urlscan.io logo urlscan.io
SecurityTrails logo

gbatemp.net Open in urlscan Pro
172.67.73.161  Public Scan

Go To Rescan Add Verdict Report
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Submission: On August 06 via api from CZ — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 5 countries across 64 domains to perform 282 HTTP transactions. The main IP is 172.67.73.161, located in United States and belongs to CLOUDFLARENET, US. The main domain is gbatemp.net. The Cisco Umbrella rank of the primary domain is 279441.
TLS certificate: Issued by WE1 on June 18th 2024. Valid for: 3 months.
This is the only time gbatemp.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
36 172.67.73.161 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
8 2600:9000:211... 16509 (AMAZON-02)
3 104.18.24.111 13335 (CLOUDFLAR...)
6 142.251.174.154 15169 (GOOGLE)
6 2600:9000:211... 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:24f... 16509 (AMAZON-02)
1 172.253.62.97 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.174.156 15169 (GOOGLE)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 2620:100:a00b::4 19750 (AS-CRITEO)
2 2600:9000:211... 16509 (AMAZON-02)
2 2600:9000:24f... 16509 (AMAZON-02)
1 18.238.80.119 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 108.138.115.149 16509 (AMAZON-02)
3 23.62.165.161 16625 (AKAMAI-AS)
2 108.138.128.34 16509 (AMAZON-02)
8 172.253.62.139 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 74.125.192.148 15169 (GOOGLE)
7 3.237.175.195 14618 (AMAZON-AES)
3 4 35.244.154.8 15169 (GOOGLE)
1 1 107.178.254.65 15169 (GOOGLE)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 12 52.3.138.212 14618 (AMAZON-AES)
2 130.211.23.194 396982 (GOOGLE-CL...)
3 54.173.65.180 14618 (AMAZON-AES)
13 172.253.62.157 15169 (GOOGLE)
1 108.138.106.108 16509 (AMAZON-02)
1 129.159.117.159 31898 (ORACLE-BM...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 8 141.95.98.65 16276 (OVH)
2 34.206.235.77 14618 (AMAZON-AES)
2 3.225.149.108 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 100.27.136.39 14618 (AMAZON-AES)
4 23.203.179.38 16625 (AKAMAI-AS)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.212.140.196 14618 (AMAZON-AES)
1 52.91.215.149 14618 (AMAZON-AES)
2 34.95.69.49 396982 (GOOGLE-CL...)
1 18.173.140.223 16509 (AMAZON-02)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 3.85.180.135 14618 (AMAZON-AES)
1 34.36.214.49 396982 (GOOGLE-CL...)
3 23.62.164.208 16625 (AKAMAI-AS)
5 69.173.154.9 26667 (RUBICONPR...)
3 34.192.42.219 14618 (AMAZON-AES)
3 4 68.67.160.117 29990 (ASN-APPNEX)
2 74.119.117.6 19750 (AS-CRITEO)
3 35.186.253.211 15169 (GOOGLE)
4 3.81.88.244 14618 (AMAZON-AES)
3 172.64.151.101 13335 (CLOUDFLAR...)
5 2602:803:c002... 26667 (RUBICONPR...)
1 52.85.61.54 16509 (AMAZON-02)
4 18.204.52.140 14618 (AMAZON-AES)
1 207.65.37.179 62713 (AS-PUBMATIC)
3 3 15.197.193.217 16509 (AMAZON-02)
2 2 172.217.197.154 15169 (GOOGLE)
2 2 3.225.218.10 14618 (AMAZON-AES)
1 23.220.132.230 16625 (AKAMAI-AS)
1 1 2620:112:f008... 26120 (RHYTHMONE)
3 162.19.138.117 16276 (OVH)
1 2 35.244.193.51 15169 (GOOGLE)
1 2606:ae80:147... 25751 (VALUECLICK)
1 2 52.46.130.91 16509 (AMAZON-02)
1 2620:100:a00b::c 19750 (AS-CRITEO)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 1 54.144.82.51 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
3 3 35.211.178.172 15169 (GOOGLE)
2 23.55.205.215 16625 (AKAMAI-AS)
3 35.71.139.29 16509 (AMAZON-02)
1 1 185.184.8.90 204995 (RTB-HOUSE...)
2 3.214.33.241 14618 (AMAZON-AES)
1 1 35.71.131.137 16509 (AMAZON-02)
1 3 34.98.64.218 396982 (GOOGLE-CL...)
1 1 23.9.159.188 16625 (AKAMAI-AS)
1 172.64.149.180 13335 (CLOUDFLAR...)
1 151.101.1.108 54113 (FASTLY)
1 1 34.36.216.150 396982 (GOOGLE-CL...)
1 44.213.186.61 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:21d... 16509 (AMAZON-02)
6 52.223.22.214 16509 (AMAZON-02)
2 13.225.63.85 16509 (AMAZON-02)
1 142.251.163.155 15169 (GOOGLE)
6 2600:1408:c40... 20940 (AKAMAI-ASN1)
1 142.251.163.154 15169 (GOOGLE)
3 172.217.197.132 15169 (GOOGLE)
7 35.201.101.243 396982 (GOOGLE-CL...)
1 2 151.101.130.49 54113 (FASTLY)
1 1 54.164.216.236 14618 (AMAZON-AES)
3 173.194.68.154 15169 (GOOGLE)
1 108.138.106.47 16509 (AMAZON-02)
3 52.200.43.168 14618 (AMAZON-AES)
1 2600:9000:26f... 16509 (AMAZON-02)
1 23.9.143.51 16625 (AKAMAI-AS)
1 23.212.251.19 20940 (AKAMAI-ASN1)
1 13.35.93.38 16509 (AMAZON-02)
1 173.194.205.147 15169 (GOOGLE)
5 23.55.204.47 16625 (AKAMAI-AS)
2 108.139.47.39 16509 (AMAZON-02)
2 34.236.226.19 14618 (AMAZON-AES)
1 142.250.31.102 15169 (GOOGLE)
1 1 207.65.37.181 ()
1 1 199.38.167.131 ()
1 2 34.111.113.62 ()
282 98
36    172.67.73.161 (United States)

ASN13335 (CLOUDFLARENET, US)
gbatemp.net
3    2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2600:9000:211c:7000:12:4abd:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.intergient.com
3    104.18.24.111 (None, )

ASN13335 (CLOUDFLARENET, US)
materialisticmoon.com
6    142.251.174.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f154.1e100.net
securepubads.g.doubleclick.net
6    2600:9000:211c:6e00:14:2602:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.intergi.com
4    2607:f8b0:4004:c07::65 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:24f4:7000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    172.253.62.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f97.1e100.net
www.googletagmanager.com
2    2607:f8b0:4004:c1f::65 (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    142.251.174.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f156.1e100.net
securepubads.g.doubleclick.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    2600:9000:211c:4200:12:4abd:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.intergient.com
2    2600:9000:24f0:d800:1a:1459:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
config.playwire.com
1    18.238.80.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-119.jfk52.r.cloudfront.net
impression-inferences-edge-prod.playwire.com
1    2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
3    108.138.115.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-115-149.jfk50.r.cloudfront.net
c.amazon-adsystem.com
3    23.62.165.161 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-165-161.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    108.138.128.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-34.jfk50.r.cloudfront.net
tags.crwdcntrl.net
8    172.253.62.139 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f139.1e100.net
fundingchoicesmessages.google.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    74.125.192.148 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f148.1e100.net
ad.doubleclick.net
7    3.237.175.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-237-175-195.compute-1.amazonaws.com
carbon-cdn.ccgateway.net
script-api.ccgateway.net
tag-api-2-1.ccgateway.net
4    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
12    52.3.138.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-138-212.compute-1.amazonaws.com
ps.eyeota.net
2    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
3    54.173.65.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-65-180.compute-1.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
13    172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net
pagead2.googlesyndication.com
1    108.138.106.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-108.jfk50.r.cloudfront.net
config.aps.amazon-adsystem.com
1    129.159.117.159 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
1    2607:f8b0:400d:c0e::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
8    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
2    34.206.235.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-235-77.compute-1.amazonaws.com
fid.agkn.com
2    3.225.149.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-149-108.compute-1.amazonaws.com
idx.liadm.com
1    2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
2    100.27.136.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-27-136-39.compute-1.amazonaws.com
cd836371f1d.cdn.intergient.com
4    23.203.179.38 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-179-38.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    18.212.140.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-212-140-196.compute-1.amazonaws.com
privacy-location-edge.ccgateway.net
1    52.91.215.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-91-215-149.compute-1.amazonaws.com
pogo.ccgateway.net
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
1    18.173.140.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-140-223.jfk52.r.cloudfront.net
aax.amazon-adsystem.com
1    2600:1f18:730:b130:726b:9ae3:b613:4114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    3.85.180.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-85-180-135.compute-1.amazonaws.com
rp4.liadm.com
1    34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com
pa.openx.net
3    23.62.164.208 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-164-208.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    69.173.154.9 (United States)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
3    34.192.42.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-42-219.compute-1.amazonaws.com
tlx.3lift.com
4    68.67.160.117 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    74.119.117.6 (United States)

ASN19750 (AS-CRITEO, US)
grid.bidswitch.net
bidder.criteo.com
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    3.81.88.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-81-88-244.compute-1.amazonaws.com
btlr.sharethrough.com
3    172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
5    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    52.85.61.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-54.ewr53.r.cloudfront.net
hb.yellowblue.io
4    18.204.52.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-52-140.compute-1.amazonaws.com
g2.gumgum.com
1    207.65.37.179 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    172.217.197.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f154.1e100.net
cm.g.doubleclick.net
2    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    23.220.132.230 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-132-230.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    2620:112:f008:200::101 (United States)

ASN26120 (RHYTHMONE, US)
d.turn.com
3    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    2606:ae80:1471:16::820 (United States)

ASN25751 (VALUECLICK, US)
proc.ad.cpe.dotomi.com
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:100:a00b::c (United States)

ASN19750 (AS-CRITEO, US)
ssp-sync.criteo.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    54.144.82.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-82-51.compute-1.amazonaws.com
match.prod.bidr.io
2    2607:f8b0:400d:c0d::84 (Morganton, United States)

ASN15169 (GOOGLE, US)
0650264dd310d76a1e7ba38028c459de.safeframe.googlesyndication.com
3    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    23.55.205.215 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-205-215.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, CY)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    3.214.33.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-33-241.compute-1.amazonaws.com
usersync.gumgum.com
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
playwire-d.openx.net
u.openx.net
1    23.9.159.188 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-159-188.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    172.64.149.180 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    151.101.1.108 (San Francisco, United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    34.36.216.150 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com
pixel-sync.sitescout.com
1    44.213.186.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-186-61.compute-1.amazonaws.com
crb.kargo.com
2    2607:f8b0:400d:c0f::84 (Morganton, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2600:9000:21da:6a00:d:c38f:29c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
ib.3lift.com
6    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    13.225.63.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-85.ewr53.r.cloudfront.net
ib.3lift.com
1    142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net
googleads.g.doubleclick.net
6    2600:1408:c400:29::17da:da4e (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
1    142.251.163.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
googleads.g.doubleclick.net
3    172.217.197.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f132.1e100.net
tpc.googlesyndication.com
7    35.201.101.243 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 243.101.201.35.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-uw1.doubleverify.com
tps.doubleverify.com
tpsc-uw1.doubleverify.com
2    151.101.130.49 (San Francisco, United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    54.164.216.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-216-236.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    173.194.68.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f154.1e100.net
bid.g.doubleclick.net
googleads4.g.doubleclick.net
1    108.138.106.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-47.jfk50.r.cloudfront.net
choices.truste.com
3    52.200.43.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-43-168.compute-1.amazonaws.com
comcast.demdex.net
dpm.demdex.net
1    2600:9000:26fa:e600:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
1    23.9.143.51 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-143-51.deploy.static.akamaitechnologies.com
servedby.flashtalking.com
1    23.212.251.19 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-251-19.deploy.static.akamaitechnologies.com
ajs-assets.ftstatic.com
1    13.35.93.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-38.jfk50.r.cloudfront.net
agen-assets.ftstatic.com
1    173.194.205.147 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f147.1e100.net
www.google.com
5    23.55.204.47 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-204-47.deploy.static.akamaitechnologies.com
cdn.flashtalking.com
stat.flashtalking.com
2    108.139.47.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-39.jfk50.r.cloudfront.net
choices.trustarc.com
2    34.236.226.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-226-19.compute-1.amazonaws.com
ad-events.flashtalking.com
1    142.250.31.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f102.1e100.net
www.google-analytics.com
1    207.65.37.181 (None, )

ASN- ()
image6.pubmatic.com
1    199.38.167.131 (None, )

ASN- ()
p.rfihub.com
2    34.111.113.62 (None, )

ASN- ()
pixel.tapad.com
Apex Domain
Subdomains		 Transfer
36 gbatemp.net
gbatemp.net — Cisco Umbrella Rank: 279441
1 MB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
0650264dd310d76a1e7ba38028c459de.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
293 KB
16 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 998
eb2.3lift.com — Cisco Umbrella Rank: 632
ib.3lift.com — Cisco Umbrella Rank: 2758
84 KB
15 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
ad.doubleclick.net — Cisco Umbrella Rank: 210
cm.g.doubleclick.net — Cisco Umbrella Rank: 363
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
bid.g.doubleclick.net — Cisco Umbrella Rank: 1443
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 1000
250 KB
14 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1367
fastlane.rubiconproject.com — Cisco Umbrella Rank: 780
pixel.rubiconproject.com — Cisco Umbrella Rank: 555
eus.rubiconproject.com — Cisco Umbrella Rank: 948
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1494
54 KB
13 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 752
rtb0.doubleverify.com — Cisco Umbrella Rank: 1400
rtbc-uw1.doubleverify.com — Cisco Umbrella Rank: 5846
tps.doubleverify.com — Cisco Umbrella Rank: 823
tpsc-uw1.doubleverify.com
137 KB
12 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1596
9 KB
12 intergient.com
cdn.intergient.com — Cisco Umbrella Rank: 12960
cd836371f1d.cdn.intergient.com — Cisco Umbrella Rank: 14660
82 KB
11 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
www.google.com — Cisco Umbrella Rank: 10
75 KB
9 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 645
cdn.id5-sync.com — Cisco Umbrella Rank: 1233
33 KB
9 ccgateway.net
carbon-cdn.ccgateway.net — Cisco Umbrella Rank: 12460
privacy-location-edge.ccgateway.net — Cisco Umbrella Rank: 11705
pogo.ccgateway.net — Cisco Umbrella Rank: 13708
script-api.ccgateway.net — Cisco Umbrella Rank: 12428
tag-api-2-1.ccgateway.net — Cisco Umbrella Rank: 12895
22 KB
8 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 1478
cdn.flashtalking.com — Cisco Umbrella Rank: 2052
ad-events.flashtalking.com — Cisco Umbrella Rank: 2429
stat.flashtalking.com — Cisco Umbrella Rank: 2569
9 KB
7 openx.net
pa.openx.net — Cisco Umbrella Rank: 5140
rtb.openx.net — Cisco Umbrella Rank: 920
playwire-d.openx.net — Cisco Umbrella Rank: 25394
u.openx.net — Cisco Umbrella Rank: 1176
1005 B
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 394
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 999
aax.amazon-adsystem.com — Cisco Umbrella Rank: 501
s.amazon-adsystem.com — Cisco Umbrella Rank: 399
88 KB
6 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2320
usersync.gumgum.com — Cisco Umbrella Rank: 2681
10 KB
6 intergi.com
cdn.intergi.com — Cisco Umbrella Rank: 16289
206 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 383
acdn.adnxs.com — Cisco Umbrella Rank: 961
secure.adnxs.com
5 KB
5 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 855
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 744
image6.pubmatic.com
342 B
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1256
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296
id.crwdcntrl.net — Cisco Umbrella Rank: 4149
sync.crwdcntrl.net — Cisco Umbrella Rank: 1261
26 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 505
2 KB
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1860
2 KB
4 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1853
x.bidswitch.net — Cisco Umbrella Rank: 499
1 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1622
106 KB
4 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2445
rp.liadm.com — Cisco Umbrella Rank: 1645
rp4.liadm.com — Cisco Umbrella Rank: 4911
i.liadm.com Failed
1 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 689
936 B
4 moatads.com
z.moatads.com — Cisco Umbrella Rank: 1247
px.moatads.com — Cisco Umbrella Rank: 1015
mb.moatads.com — Cisco Umbrella Rank: 1987
154 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
326 KB
3 demdex.net
comcast.demdex.net — Cisco Umbrella Rank: 9278
dpm.demdex.net — Cisco Umbrella Rank: 319
2 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1187
811 B
3 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 785
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 892
32 KB
3 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1594
lexicon.33across.com — Cisco Umbrella Rank: 2352
7 KB
3 agkn.com
fid.agkn.com — Cisco Umbrella Rank: 3601
d.agkn.com — Cisco Umbrella Rank: 1174
2 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 1573
api.btloader.com — Cisco Umbrella Rank: 1813
30 KB
3 playwire.com
config.playwire.com — Cisco Umbrella Rank: 15825
impression-inferences-edge-prod.playwire.com — Cisco Umbrella Rank: 17135
55 KB
3 materialisticmoon.com
materialisticmoon.com — Cisco Umbrella Rank: 645521
25 KB
2 tapad.com
pixel.tapad.com
1 KB
2 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 1320
9 KB
2 ftstatic.com
ajs-assets.ftstatic.com — Cisco Umbrella Rank: 3142
agen-assets.ftstatic.com — Cisco Umbrella Rank: 2570
30 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1286
667 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 612
576 B
2 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 944
ssp-sync.criteo.com — Cisco Umbrella Rank: 1783
190 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 2186
104 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 669
898 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1603
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 992
43 KB
2 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 3616
creativecdn.com — Cisco Umbrella Rank: 592
2 KB
1 rfihub.com
p.rfihub.com
762 B
1 truste.com
choices.truste.com — Cisco Umbrella Rank: 1360
8 KB
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1245
247 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1830
368 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1117
566 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1124
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 1026
423 B
1 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4267
460 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1995
439 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 1219
501 B
1 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 3211
582 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2483
49 KB
1 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 588
143 KB
1 pippio.com
pippio.com — Cisco Umbrella Rank: 1285
632 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2913
8 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 1040
482 B
0 rqtrk.eu Failed
ws.rqtrk.eu Failed
282 64
Domain Requested by
36 gbatemp.net gbatemp.net
13 pagead2.googlesyndication.com cadmus.script.ac
gbatemp.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
12 ps.eyeota.net 1 redirects gbatemp.net
cadmus.script.ac
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
cadmus.script.ac
10 cdn.intergient.com gbatemp.net
cdn.intergient.com
9 eb2.3lift.com cadmus.script.ac
gbatemp.net
8 id5-sync.com 1 redirects cdn.intergi.com
cadmus.script.ac
cdn.id5-sync.com
gbatemp.net
7 securepubads.g.doubleclick.net cdn.intergient.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
gbatemp.net
6 cdn.doubleverify.com cadmus.script.ac
gbatemp.net
6 cdn.intergi.com cdn.intergient.com
cdn.intergi.com
cadmus.script.ac
5 tpc.googlesyndication.com cadmus.script.ac
gbatemp.net
5 script-api.ccgateway.net cadmus.script.ac
5 fastlane.rubiconproject.com cdn.intergi.com
5 prebid-server.rubiconproject.com cdn.intergi.com
gbatemp.net
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
cadmus.script.ac
4 ib.3lift.com cadmus.script.ac
gbatemp.net
4 match.adsrvr.org 4 redirects
4 g2.gumgum.com cdn.intergi.com
4 btlr.sharethrough.com cdn.intergi.com
4 secure.cdn.fastclick.net gbatemp.net
cadmus.script.ac
4 idsync.rlcdn.com 3 redirects gbatemp.net
4 www.googletagmanager.com gbatemp.net
www.googletagmanager.com
3 cdn.flashtalking.com gbatemp.net
3 x.bidswitch.net 3 redirects
3 lb.eu-1-id5-sync.com cdn.intergi.com
cadmus.script.ac
3 rtb.openx.net cdn.intergi.com
3 ib.adnxs.com 2 redirects cdn.intergi.com
3 tlx.3lift.com cdn.intergi.com
gbatemp.net
3 ads.pubmatic.com cadmus.script.ac
3 c.amazon-adsystem.com cdn.intergient.com
c.amazon-adsystem.com
3 materialisticmoon.com cdn.intergient.com
materialisticmoon.com
2 pixel.tapad.com 1 redirects
2 tpsc-uw1.doubleverify.com cdn.doubleverify.com
2 stat.flashtalking.com
2 ad-events.flashtalking.com
2 choices.trustarc.com gbatemp.net
2 tps.doubleverify.com gbatemp.net
2 comcast.demdex.net gbatemp.net
2 googleads4.g.doubleclick.net gbatemp.net
2 rtbc-uw1.doubleverify.com cdn.doubleverify.com
2 sync-tm.everesttech.net 1 redirects gbatemp.net
2 googleads.g.doubleclick.net cadmus.script.ac
2 playwire-d.openx.net 1 redirects cadmus.script.ac
2 usersync.gumgum.com cadmus.script.ac
2 eus.rubiconproject.com cadmus.script.ac
2 0650264dd310d76a1e7ba38028c459de.safeframe.googlesyndication.com cadmus.script.ac
2 s.amazon-adsystem.com 1 redirects cadmus.script.ac
2 lexicon.33across.com 1 redirects gbatemp.net
2 ups.analytics.yahoo.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 htlb.casalemedia.com cdn.intergi.com
2 i.clean.gg cadmus.script.ac
2 cd836371f1d.cdn.intergient.com cdn.intergient.com
2 idx.liadm.com cdn.intergi.com
2 fid.agkn.com cdn.intergi.com
2 api.btloader.com btloader.com
2 px.ads.linkedin.com 1 redirects gbatemp.net
2 ad-delivery.net gbatemp.net
2 tags.crwdcntrl.net cdn.intergient.com
gbatemp.net
2 z.moatads.com cdn.intergient.com
cadmus.script.ac
2 config.playwire.com cdn.intergient.com
2 static.criteo.net securepubads.g.doubleclick.net
cadmus.script.ac
1 secure.adnxs.com 1 redirects
1 p.rfihub.com 1 redirects
1 image6.pubmatic.com 1 redirects
1 dpm.demdex.net
1 www.google.com cadmus.script.ac
1 agen-assets.ftstatic.com ajs-assets.ftstatic.com
1 ajs-assets.ftstatic.com gbatemp.net
1 servedby.flashtalking.com gbatemp.net
1 d.agkn.com gbatemp.net
1 choices.truste.com gbatemp.net
1 bid.g.doubleclick.net cadmus.script.ac
1 sync.crwdcntrl.net gbatemp.net
1 sync.srv.stackadapt.com 1 redirects
1 u.openx.net cadmus.script.ac
1 rtb0.doubleverify.com cadmus.script.ac
1 crb.kargo.com gbatemp.net
1 pixel-sync.sitescout.com 1 redirects
1 acdn.adnxs.com cadmus.script.ac
1 js-sec.indexww.com cadmus.script.ac
1 secure-assets.rubiconproject.com 1 redirects
1 creativecdn.com 1 redirects
1 ssum-sec.casalemedia.com cadmus.script.ac
1 match.prod.bidr.io 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 ssp-sync.criteo.com cadmus.script.ac
1 tag-api-2-1.ccgateway.net gbatemp.net
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 d.turn.com 1 redirects
1 tags.bluekai.com gbatemp.net
1 hbopenbid.pubmatic.com cdn.intergi.com
1 hb.yellowblue.io cdn.intergi.com
1 bidder.criteo.com cdn.intergi.com
1 grid.bidswitch.net cdn.intergi.com
1 pa.openx.net cadmus.script.ac
1 rp4.liadm.com gbatemp.net
1 rp.liadm.com 1 redirects
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 pogo.ccgateway.net carbon-cdn.ccgateway.net
1 privacy-location-edge.ccgateway.net carbon-cdn.ccgateway.net
1 cdn.id5-sync.com gbatemp.net
1 cdn-ima.33across.com gbatemp.net
1 cadmus.script.ac cdn.intergi.com
1 id.crwdcntrl.net cdn.intergi.com
1 imasdk.googleapis.com cdn.intergi.com
1 mb.moatads.com z.moatads.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 pippio.com 1 redirects
1 carbon-cdn.ccgateway.net gbatemp.net
1 ad.doubleclick.net gbatemp.net
1 px.moatads.com gbatemp.net
1 btloader.com cdn.intergient.com
1 impression-inferences-edge-prod.playwire.com cdn.intergient.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 static.adsafeprotected.com gbatemp.net
0 ws.rqtrk.eu Failed
0 i.liadm.com Failed
282 120

This site contains links to these domains. Also see Links.

Domain
github.com
i.ibb.co
youtu.be
t.me
www.facebook.com
twitter.com
twitch.tv
youtube.com
xenforo.com
Subject Issuer Validity Valid
gbatemp.net
WE1		 2024-06-18 -
2024-09-16		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
cdn.intergient.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
materialisticmoon.com
WE1		 2024-07-20 -
2024-10-19		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
cdn.intergi.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
invstatic101.creativecdn.com
WR3		 2024-06-18 -
2024-09-16		 3 months crt.sh
oa.openxcdn.net
WR3		 2024-07-18 -
2024-10-16		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-27 -
2024-09-24		 3 months crt.sh
*.playwire.com
Amazon RSA 2048 M03		 2024-01-12 -
2025-02-09		 a year crt.sh
btloader.com
WE1		 2024-06-12 -
2024-09-10		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
ad-delivery.net
WE1		 2024-07-15 -
2024-10-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
ccgateway.net
R3		 2024-05-10 -
2024-08-08		 3 months crt.sh
api.btloader.com
WR3		 2024-08-02 -
2024-10-31		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-06-20 -
2025-07-21		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.id5-sync.com
E6		 2024-07-01 -
2024-09-29		 3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2024-07-31 -
2025-08-29		 a year crt.sh
script.ac
E6		 2024-06-23 -
2024-09-21		 3 months crt.sh
*.cdn.intergient.com
Go Daddy Secure Certificate Authority - G2		 2024-04-17 -
2025-04-01		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
id5-sync.com
WE1		 2024-08-02 -
2024-10-31		 3 months crt.sh
i.clean.gg
WR3		 2024-07-03 -
2024-10-01		 3 months crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh
pa.openx.net
WR3		 2024-07-22 -
2024-10-20		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2024-03-13 -
2025-04-10		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-16 -
2024-10-16		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-18 -
2024-09-17		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-07-15 -
2025-08-15		 a year crt.sh
casalemedia.com
E5		 2024-06-17 -
2024-09-15		 3 months crt.sh
*.yellowblue.io
Amazon RSA 2048 M03		 2024-03-18 -
2025-04-16		 a year crt.sh
va-ad-exch-dev-eks.dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M03		 2024-07-14 -
2025-08-12		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.eu-1-id5-sync.com
R10		 2024-07-01 -
2024-09-29		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2024-06-17 -
2025-07-19		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-04-24 -
2025-04-17		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-09		 a year crt.sh
indexww.com
WE1		 2024-08-03 -
2024-11-02		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2024-04-08 -
2025-05-09		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-11 -
2025-03-14		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2024-04-02 -
2025-04-07		 a year crt.sh
*.truste.com
Amazon RSA 2048 M02		 2023-11-18 -
2024-12-15		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2023-09-29 -
2024-09-28		 a year crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-17 -
2025-07-17		 a year crt.sh
*.ftstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-10-22		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-04-26 -
2025-04-25		 a year crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2024-03-16 -
2025-04-14		 a year crt.sh
*.flashtalking.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-01 -
2025-04-01		 a year crt.sh

This page contains 34 frames:

Primary Page: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Frame ID: C4355F1A43A05FF8684E7497A7C70135
Requests: 201 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 2C4411E17FFF9F627A235FB14E5CFE32
Requests: 1 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.10.61/iframe/iframe.html
Frame ID: 8E4E410E005FBD6DB57CB84B0491597B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.10.61/iframe/iframe.html
Frame ID: EA0E006A2DBD7263C772D15FD5A991A9
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 23441C28D5184DD41BFB8A3502B7AA6F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 39E981D50187D3484BBE2E4ADA77C03F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-adMediaV1_rx_snb_n-MediaNet_n-Beeswax_ox-db5_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-nativo_an-db5_n-Rise_3lift_n-Outbrain&dcc=t
Frame ID: EC05DBB395B231FBB947957B22605D14
Requests: 1 HTTP requests in this frame

Frame: https://ssp-sync.criteo.com/user-sync/iframe?gdprapplies=&gdpr=&ccpa=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcriteo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BCRITEO_USER_ID%7D&profile=230
Frame ID: B0D613A67926AABD693D7776A9D15E03
Requests: 1 HTTP requests in this frame

Frame: https://0650264dd310d76a1e7ba38028c459de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0C9C3D203C1A35DC392D909E52A4C1B2
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: 5544D4EE9730BD69419AEC2AA2984E46
Requests: 1 HTTP requests in this frame

Frame: https://0650264dd310d76a1e7ba38028c459de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9006A7C2A47CC41FC680C92ABD2BAF8F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326
Frame ID: AE39ED2B3DD573F3AF8DCE28AC05E0C3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C407FDFBE95DE12BC468698C6467CE4E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 8988391BDFCE290FCB5CF35976B2BF5F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=d3CBIm2IEBy4sjP1X2ioBY7erVE7Ik0kFTlNeYGcPcY&pi=gumgum
Frame ID: 462F6984D60A9F60906AFBB352325792
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=5baad550-1e5d-4173-a212-bf34df76401b
Frame ID: 0211521941CC1062CC0DB8825965D118
Requests: 1 HTTP requests in this frame

Frame: https://playwire-d.openx.net/w/1.0/pd?cc=1
Frame ID: A222F580D949218BDD2E9A408E6CF7DF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 50EB09073E2449256056AE4F21FB709A
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 74D4636B90A76FFEC3D357CCF2B42FBE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E6D80F917435E22507A68365F63492AC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswmPRskYSvoPa4OI71oRMm2w6wq8TCZLaLoZCz22W4SahPt-h1MqxOUQRnN66GnejBrltv_nx6seYkupIxfvGICgjmTNnITIGAvrPBQCa1v6OzLj0_1fBoB6V37sPDcKfXMaFLkQY7Z_l0Crxy6UnFeuOY24KoxlkYtARV3h4tgRVkscMoDClE5M_z-rvtOX1Y_Mn62gJZrs2KqEZlqatYd5pc61t4ObfFoEkeCHPICDnS04iwpZm19oWGtpmVSaSHrQtC6pG_AbSNH_yjX-3nB-Sa2iDOS0N88oR1QwpkSi5wfMXN1k02J6YtfudgA46qovZeD0-fcS4Sr6UEq1ZvoE7xKls_u0YISUnbqGth6cmCnPaDuAoWQ0S7sMurm7CpM8v99sWplTwPBTgXxmVKGAcNVsVG&sai=AMfl-YQNl61t-4-liSDWyHpAy_IGyusSpPl8XywitJ6mGAlveapaVxBVJJK9BWhNacT54R5xYPyV34D05I9lrJ7U6YVvbhB2BTyCkEQHmJq1_R-olMcfl6rrScJpzL-4NJA&sig=Cg0ArKJSzFEWYyTPq9hYEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 8F8B56AEEDAB2FAD5D96A003023C56E5
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Frame ID: 476FB235A61011970A1E145298D08245
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbEPhDZ9rOdAhjhtb-AAjAB&v=APEucNWFl2exhTi9M5QlLClaVFXAD-Jk0B5Q8Q39wbjCS4WFexu3PY5Hxl8l55ZB1axDfqLTwlk2N0PlVdOPoT34-wxEoHAC4A
Frame ID: EFA055CB5C0AE94BAB1AEE0B31A6753A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: C5D2A3A42B96B8F1297838E20A5B687E
Requests: 37 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1450FD386C61077C59B61A238274D0B6
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: EB953E6DCDC22A8BD7E43F1301445FC7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: E11DF75603D25C3A26869C16FEDE1A81
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements6569.js
Frame ID: 62C010DE6E586E56FF7007C890284F08
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements6569.js
Frame ID: 97D3721C4FBF98084CD2DFAD00448C0F
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=56203
Frame ID: 4FA7C00DD1488819859AF9A04EB99B20
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 294E0B6FB86D9EC3A5E6CAB575E44B2F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5CC0A6787E5253DAAE1249F60761A288
Requests: 1 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/157924/4614372/index.html
Frame ID: 232D0D8940A19C5BAB09B571B73B6FE5
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 134CD27716C1485221D9E25D10DA78BD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Batch CIA 3DS Decryptor | GBAtemp.net - The Independent Video Game Community

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

282
Requests

92 %
HTTPS

22 %
IPv6

64
Domains

120
Subdomains

98
IPs

5
Countries

3523 kB
Transfer

11820 kB
Size

326
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81
  • https://idsync.rlcdn.com/712453.gif?partner_uid=user_1695d1a7-92be-4a53-abb1-5f9aca54ab97_1722936100317 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIW-KxJDCj8IARDptAoaN3VzZXJfMTY5NWQxYTctOTJiZS00YTUzLWFiYjEtNWY5YWNhNTRhYjk3XzE3MjI5MzYxMDAzMTcQABoNCKTWx7UGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=07b539e9f72cb308e9f5e6adb468ab0fff2cd192ad33c002880a7e3ef91bec2b791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=07b539e9f72cb308e9f5e6adb468ab0fff2cd192ad33c002880a7e3ef91bec2b791426b5417dce21&rand=04193529 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=07b539e9f72cb308e9f5e6adb468ab0fff2cd192ad33c002880a7e3ef91bec2b791426b5417dce21&rand=04193529&expected_cookie=74ccbbb4-d782-48d6-8c08-1aa977093a24
Request Chain 82
  • https://ps.eyeota.net/pixel?pid=m51mh00&t=ajs&uid=user_1695d1a7-92be-4a53-abb1-5f9aca54ab97_1722936100317 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=m51mh00&t=ajs&uid=user_1695d1a7-92be-4a53-abb1-5f9aca54ab97_1722936100317
Request Chain 114
  • https://rp.liadm.com/j?dtstmp=1722936101330&did=did-0046&se=e30&duid=ca4d2748bbfa--01j4kfx1vkrfzk2q21fr601cc2&tv=8.45.0&pu=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&wpn=prebid&cd=.gbatemp.net HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1722936101330&did=did-0046&se=e30&duid=ca4d2748bbfa--01j4kfx1vkrfzk2q21fr601cc2&tv=8.45.0&pu=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&wpn=prebid&cd=.gbatemp.net&i6=MjAwMTo1NTA6MWQwNToxOjoxMA%3D%3D
Request Chain 147
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=5baad550-1e5d-4173-a212-bf34df76401b&bid=1e2n4ou
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mm4xQXp1aXoxTnJBanRkeXg5X2NDREg0Qzd0RGxvNFcwbHdiUzFYdGpVejQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mm4xQXp1aXoxTnJBanRkeXg5X2NDREg0Qzd0RGxvNFcwbHdiUzFYdGpVejQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00&google_gid=CAESEB7KeZG4rrnS87bZ-3mPuz4&google_cver=1
Request Chain 149
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-8SueVjpE2pV0qznXjQC5IAEswLPmTm0JEyA-~A&gdpr=0
Request Chain 151
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=m51mh00 HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7908695941875618071&newuser=1&referrer_pid=m51mh00
Request Chain 156
  • https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&src=aps&ver=1.12.3 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&src=aps&ver=1.12.3&b=1&tp=XtDehSXHTK%2F24vWVmqD4o6cTX1JrKPU9IPRhfkyARvg%3D
Request Chain 163
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-adMediaV1_rx_snb_n-MediaNet_n-Beeswax_ox-db5_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-nativo_an-db5_n-Rise_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-adMediaV1_rx_snb_n-MediaNet_n-Beeswax_ox-db5_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-nativo_an-db5_n-Rise_3lift_n-Outbrain&dcc=t
Request Chain 167
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=&gdpr_consent=&account=12556&us_privacy=&gpp_sid=&gpp= HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=12556&uid=LZI7O4K8-18-50W2
Request Chain 171
  • https://id5-sync.com/i/483/8.gif?o=api&id5id=ID5*U9lrbfJgsQ2Uv-jGESPwnkQs3J-25gN77Iivs_CvRQy4Mamzll_lKDBrD7Ef9Yrf&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAHREU7NY9YAABWx1y0yHw&id5AccountNum=155&numCascadesAllowed=9
Request Chain 175
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=af0b65af-48de-4a70-b772-30e337dada32
Request Chain 182
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=d3CBIm2IEBy4sjP1X2ioBY7erVE7Ik0kFTlNeYGcPcY&pi=gumgum
Request Chain 183
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=5baad550-1e5d-4173-a212-bf34df76401b
Request Chain 184
  • https://playwire-d.openx.net/w/1.0/pd HTTP 302
  • https://playwire-d.openx.net/w/1.0/pd?cc=1
Request Chain 185
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 191
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=130&ssp_id=themediagrid&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=465&user_id=ae498af2-fe44-4362-b439-339840e30e09-66b1eb27-5553&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://crb.kargo.com/api/v1/bswsync?bsw_uuid=af0b65af-48de-4a70-b772-30e337dada32&dsp_uuid=&dsp_id=&krg_ids=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 199
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2211485602329325570
Request Chain 231
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3Dm51mh00 HTTP 302
  • https://ps.eyeota.net/match?uid=2211485602329325570&bid=2cr76e1&referrer_pid=m51mh00
Request Chain 232
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00&_test=ZrHrKgAAA7epkQAJ
Request Chain 233
  • https://idsync.rlcdn.com/423476.gif?partner_uid=2JBEaSFXiBkl18u0nnDH_CA9KrOdbwex-fIlqnFcFuIo HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
  • https://idsync.rlcdn.com/362588.gif?partner_uid=5baad550-1e5d-4173-a212-bf34df76401b
Request Chain 234
  • https://sync.srv.stackadapt.com/sync?nid=eyeota HTTP 302
  • https://ps.eyeota.net/match?bid=tpm4omv&uid=SsNWRsmEW8pAOkwbyuhpjiaEdkg&gdpr=&gdpr_consent=
Request Chain 280
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7ri0rgu%26uid%3D%23PM_USER_ID HTTP 302
  • https://ps.eyeota.net/match?bid=7ri0rgu&uid=EEA34089-5632-43C7-BF93-697CB6C23F93
Request Chain 281
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=969470227073091097&bid=omt9pi0
Request Chain 284
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2YtYhDbBvhy4OVA9DBjAlC9UlMT-EIkPKQImWEmnE4qQ HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D03518a24-a6b3-4c42-b9ca-61abade7ad5e%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2211485602329325570&pt=03518a24-a6b3-4c42-b9ca-61abade7ad5e%2C%2C

282 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gbatemp.net/download/batch-cia-3ds-decryptor.35098/ 		133 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56e38855b8d76bbbc5183759cbab9f5423cc139d523289579e79f24758f9dd99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8aedf52ad85c036a-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 06 Aug 2024 09:21:36 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
last-modified
Tue, 06 Aug 2024 09:21:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9UZ4AccqKKrm6lohKLh2LSk%2FVWDOMgZuZQ8AiS8tNn4boXtQAMwU3QvMy3euDgCilmuuHrynW5hLxvAU%2FkIgMKBRisGThIJjcxP6%2FEnNlpbygUh1Uk6I2UI4%2FBTj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
fa-solid-900.woff2
gbatemp.net/styles/fonts/fa/ 		134 KB
134 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Origin
https://gbatemp.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Sep 2021 02:29:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1900592
etag
W/"614be6a1-21678"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZlLI9IUgcDnPH3alnm61ATMsARWWwkfkBaCg7OfeY%2BuRq5YA5YM4fRbeKx7%2BBM1EMnL9avSN7EP5rjdTXgCP4Y5BnfIUDlN3Eh%2FlTwitPyVd0yMNYaz77SfwuLrq"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2678400
cf-ray
8aedf52c38d9036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Wed, 17 Jul 2024 21:53:28 GMT
fa-brands-400.woff2
gbatemp.net/styles/fonts/fa/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Origin
https://gbatemp.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Sep 2021 02:29:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
354996
etag
W/"614be6a1-12bc4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15ZqmxbswJk2dG5ZOZezjIcG9Wz%2BxKAp5LOLc10KMq9QTIpvmAhApzDvHn2xrwUmJoFp4HnMy1vYGm76yKpHytKp6gAKpXs2tvQwuE6rnInvAlW%2Be%2FjeqXIEYrlH"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2678400
cf-ray
8aedf52c38da036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 23 Aug 2024 15:05:43 GMT
preamble.js
gbatemp.net/js/themehouse/styleswitch/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/themehouse/styleswitch/preamble.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a9865338eea27d217fc1bbfd00b94a876d9796e78aad912a55af44cb5e8da4a

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 Sep 2021 16:37:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460479
etag
W/"614dfec1-1d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hCu8Lsocru0R3BtNB8aBjFiu17A2eXMUDPZ3vL7QYJ57YYv%2BuUOfN8hXQtSzAKvV94CRZEUUfJyCIre5CH%2F9EZwPR0%2FM7bFKQUBamqVBFsImnVFSyJz17taqHjKj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf52c38db036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:49 GMT
preamble.min.js
gbatemp.net/js/xf/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/xf/preamble.min.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 23 May 2023 08:13:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460479
etag
W/"646c75c3-e11"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7aMr7A9FO%2Bcue0KlYadAeYbD0D96OSafaVNuozfkwVscmWqdimZmYqpTJWCxvz%2BE48tzc0OyV7JqV0ejH9Zt5Xom1CeVbipM2FcJa6sbWBVIZP7Qgbq%2FriTMdflk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf52c38dc036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:49 GMT
js
www.googletagmanager.com/gtag/ 		198 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-2061983-1
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
44f9ea6e1b082e200d35a8ce36ff554b96021d56b9ed217e9485929a7aa05a44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73261
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Aug 2024 09:21:37 GMT
js
www.googletagmanager.com/gtag/ 		234 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5X4VMGQS0P
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
35eb0c3fe9de6e360ea664899ab610cdbc6553761a0d91a16198a5d6f87c02d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86195
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Aug 2024 09:21:37 GMT
ramp_config.js
cdn.intergient.com/1022816/70668/ 		121 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/1022816/70668/ramp_config.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:7000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1d035d6fc9246c30a54b6d31363cbf0679769f876d4505c042555e1c8caf8c4d

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 07:06:01 GMT
content-encoding
br
via
1.1 1f1744cc287fbe3723d548ac02f36c6a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P4
age
8135
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600, public, must-revalidate
x-amz-cf-id
3Hco97qvcPaj7rz1UUbV2K6qfehMKM0exKhFwG6Xi8XzAdSBJS_BFg==
tempy.svg
gbatemp.net/styles/ts32/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gbatemp.net/styles/ts32/tempy.svg
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3f3b2cdb449f755605992d29d0ad7e3d4517d849abb517062f5ccf71cbb2433

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Sep 2021 04:02:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2832
etag
W/"614bfc40-ecd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ism62YDjL0SujkUfOkQyMvut1PkiYmafSmoA3TNaicnOwYnPJm9JaQ2cc3Z416IM%2FyZSeqXEBJkE0wNoXsoSG1aa7iJO3FF8Y3%2FbvITJWLnW%2FS%2Fu6Zp8c0XgI0BR"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2678400
cf-ray
8aedf52c38dd036a-MIA
alt-svc
h3=":443"; ma=86400
gbatemp.svg
gbatemp.net/styles/ts32/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gbatemp.net/styles/ts32/gbatemp.svg
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11f78adcd84d743c3b881a0ffb9596b1ec8d7069ead9a8fb09f28cf25d9f0618

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Sep 2021 04:02:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6070
etag
W/"614bfc40-88b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zhSIKPWtvgrLUpjTtikLIJgl1nxYnpYrN1wEdggjSBYmngYhSmYeV1Pf6NPaXdw%2Bi6Vs8208tvPXwYG8BRXXDDWpgSxXG2b%2F9ThvlN65uAHXJ3JYFTkzrbTUgsX"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2678400
cf-ray
8aedf52c38de036a-MIA
alt-svc
h3=":443"; ma=86400
jquery-3.5.1.min.js
gbatemp.net/js/vendor/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/vendor/jquery/jquery-3.5.1.min.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Sep 2021 02:29:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460479
etag
W/"614be6a1-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vcIf4Au8mITY98hxByPwUYcBr3YQKEWnbp85jfjVdsIeRGIz1iQ31xZfkssiAWmT%2BvwqjE27FKTN6FI%2F89drwG7KF4P%2FMzrcLydy5%2FLhNT9PTYoC2zMRnHx%2B%2FlZA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf52d994d036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:49 GMT
vendor-compiled.js
gbatemp.net/js/vendor/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/vendor/vendor-compiled.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Sep 2021 02:29:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3706
etag
W/"614be6a1-aab8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2Fo6anq8ydbEbNjepLgE2mz4Fyz7ClhIhMa36JBJgaBv8Q31rJPQQdFqmurec7vxti0LHu11MH9t2ZGwoJ%2BnKzja34dgTsAoBxxh2jgKn1myiiK56EAlu7pBatIj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf52d994f036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:49 GMT
core-compiled.js
gbatemp.net/js/xf/ 		211 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/xf/core-compiled.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b3ac0feea940572935c876792af52347e06b26900eb88c4c479448fa319a937

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 23 May 2023 08:13:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460479
etag
W/"646c75c3-34af7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=apxqJenneiT8gpP3RL%2BGXxSsBg0MmOY1Gz%2Bt%2FPLBUbqfEgA8ndPlMzh9lALhyhElnog3j3jAYs7YqERYqnRXbLKoyfOoBsBpRG7ahElFkijxgVzv6D0pbjuIBPfF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf52e297f036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:49 GMT
global.js
gbatemp.net/js/themehouse/styleswitch/ 		631 B
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/themehouse/styleswitch/global.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d86f8c8fa0bd68f5b36a13b4f5e73c7ecdda0b806fb0887d8162d28c0ac07d91

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 Sep 2021 16:37:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460480
etag
W/"614dfec1-277"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GmxCzLrJqgBmMovdF63UTGi4JzfChtBKOlEKPA%2BmjXBv5w6ynCssg9qjIKTVnDoTsGZJJaupFS02hIylB34%2BWK2WmD5UTHt26jTZtixspfiO5BL9O0Nh72yOkSp%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf52e89ad036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:49 GMT
lightbox-compiled.js
gbatemp.net/js/xf/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/xf/lightbox-compiled.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eae4614839dd16db962955501015cf4231fcf25e3fb4e6144805f5a27f7e069

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 23 May 2023 08:13:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460480
etag
W/"646c75c3-14104"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M45JBY%2BsfUNaKJu7dctv9sW2SMWUAu9PlyIKanGB5rLDaDEftr3EpWe7JOP4ZjIO5nDBFq0YCqwJ%2FnpvnoypFTPsHQOvij3mLc90tCYdPVhtvvbFagoKxWSvl1ac"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf52fda29036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:50 GMT
alerts.min.js
gbatemp.net/js/sv/alerts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/sv/alerts/alerts.min.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d1ad26729c4996835574ec1b0821704121ff09d2e162df0eb1ff48079b080be

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Sep 2021 04:38:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460480
etag
W/"614c04a9-f95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uEX9XfQILnkB2sdkRoqUjXUacq%2F5YZHeuFTL34h8oaW%2FJa1FN%2BdtBU48mIAlHH1l7pzL7PvxNKOebIRn%2FAw0joUjKPALlHAaLAW5qndjNiw02US4fH%2FvMu5j7ott"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf5306a6d036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:49 GMT
core.min.js
gbatemp.net/js/siropu/chat/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/siropu/chat/core.min.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2d38b9762bf8968017ba9ba86387363775f4948458258ef6ff74c3b11842aaa

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Jun 2022 08:31:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3923
etag
W/"629f0cf2-b463"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=visjHeJT2ws8rbsY%2FYk5Dk7k0q8R3TsEndsIFN5ARD4U4FQKA%2FDG9sfujs%2Fs1AiGtrek7hL%2BDjCZN%2FG7PUG2X9B2GsHRVKpr0n1PVTou92z2%2BQC6atfgYAZrYGgJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf5307a6f036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:52 GMT
editor-compiled.js
gbatemp.net/js/xf/ 		701 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/xf/editor-compiled.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13d2daa2d776c08239e659dca8f2aa1e1676a4a11975ce00296542438565eea5

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 23 May 2023 08:13:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460480
etag
W/"646c75c3-af4e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1JpFUMSMtaHd%2BVe%2FtDKILd7LBrJAs5J7Ye8%2FcMvGrge44zV11Dl31vjvRqR62HiB6RBUTxgvkQR%2FauqxRMGUyuRMCPAY97kwFX4kM7smQQeUooTnX%2Fc43fbeX1ef"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf5307a73036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:52 GMT
editor.min.js
gbatemp.net/js/DBTech/Credits/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/DBTech/Credits/editor.min.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
794ad55da0b495c4e6a935d39149a2107e4058b5ae038c3acf1919a6eaa2b155

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Sep 2021 04:15:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460480
etag
W/"614bff76-5a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=COR%2BGm2XqA695qz8Bqf8SRgTJxt11rZegN%2BRsErMWSV%2F4K7sXrj%2BtKcd6I7bSQW4%2Fg9hMrXgf0SPQmSvn7c9Cfb3IOlTAaGnuRhuZrwD0Ibh0WLqurw3DXUtws1A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf5307a75036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:52 GMT
editor.min.js
gbatemp.net/js/Snog/Groups/ 		812 B
894 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/Snog/Groups/editor.min.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f1d909ebcf9c6128fef7dea0d9860c3dc40ee4230a240f4beaa748631f262a9

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Sep 2021 04:33:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460480
etag
W/"614c03b1-32c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R4ozxrA53ZP03JkNotVbRlAfrhMY7intT8hdJWtepv7FCQhHcckE7CymMGLgNVf%2BovEHQxYgp0qBMgwEBLRZ6mlsz%2BtVu4vUrkCDFEENOMCW1vk3yhI1Z6NvI%2BOV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf5307a76036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:52 GMT
editor.min.js
gbatemp.net/js/xenaddons/ubs/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/xenaddons/ubs/editor.min.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
829f950c493e2899e1fb22d0e12afd24ba57cc9ae6db056a06c4cf1628376c8c

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Sep 2021 04:44:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460480
etag
W/"614c063d-ae0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YsVkoO%2BqotbRxVZplGFsC01NQLm2Upsv80bV3r0FIRgS7xB0hmW68vaaCSyIA%2BJPBrRoMJDYkhjftM56W9U511%2FsoxT7o50znfqM%2F20QnJnqXDBAe9cc4xoO5PSR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf5307a77036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:52 GMT
20210125.min.js
gbatemp.net/js/themehouse/global/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/themehouse/global/20210125.min.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5c23918762997e2851f5ca38481431503c5a7036e19a128035804a935c0e4e

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 14:23:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460480
etag
W/"62ff9cd2-2b29"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0YuT%2FJKlZOtDpNtGseqcPofnAholgKJzVQdcMzjIFJplbcLh6sG160lOQBmdTHD%2Bg%2B8ItY%2BxIK8Mm0SQBk4roYuhgfehsMDl9PfBqw8nzcYw9US%2F8JjtQbOGoqUf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf5307a78036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:49 GMT
index.min.js
gbatemp.net/js/themehouse/uix/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/themehouse/uix/index.min.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c7b4f7be45c1f11423a75f305214f3b22cc6285746a1efa007a60500845c25

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 14:23:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460480
etag
W/"62ff9cd2-2060"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hjLQnZUTAspECJyIN6lN6in5ZQBvXqpv8%2FNdQbkRNI9qhoboV7I1RM14R9LAjGXCaX6M13J8zqWAK%2FoQmGyMlWD6jAGZsH6ruLMDI%2FNIxCfq250sUdiXJ8P%2BwHJi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf5307a79036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:50 GMT
jquery.hoverIntent.min.js
gbatemp.net/js/themehouse/uix/vendor/hover-intent/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/themehouse/uix/vendor/hover-intent/jquery.hoverIntent.min.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 14:23:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460480
etag
W/"62ff9cd2-8c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qguUojzdpJiQOoRcMarQu4lw%2BFMLqaLF4bVJuzTiAl9cmRdco2HzC01yLiIoBepcp7UQvEkL%2FS%2Bm%2F79D8Q8suehY42UcticNrEIDxtVsf8f4QQQq%2BxA6JZDt6QoO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf5307a7a036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:50 GMT
defer.min.js
gbatemp.net/js/themehouse/uix/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/themehouse/uix/defer.min.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca5c394b025a327b799f80fb140f4702eac4838bbcbf6d19c1c3c27dcfa26a0

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 14:23:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460480
etag
W/"62ff9cd2-4625"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25e%2B7dRqXvmddgG1%2F66Y6FYgJXiJx85sxubrdsB5zN9M69QWhpUh%2FDUzWpdCijMOnXUYBAAxvYXmNCQsdr5wBzstmi74SfgafkMiDdkUEcqGNbO6cGQYBD8ub9%2Fq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf5308a7f036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:50 GMT
deferNodesCollapse.min.js
gbatemp.net/js/themehouse/uix/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/themehouse/uix/deferNodesCollapse.min.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0740cfa18f7a531068226a5942c41a8f0624789cd2cb46597a7ca0259752295a

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 14:23:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460480
etag
W/"62ff9cd2-b62"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6K06vI%2Flg%2BcMRLYKBErXdaA6kABXyP8e5ejEhnpOGD3dDlAsxtue9J37gOEHwxlXdPp1gF6SyMKlFnU6SSxdX%2BASwa%2B3CPpzp8ePRPHurWtKM8Gd%2B7MvLU42oX%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf5308a80036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:50 GMT
deferWidthToggle.min.js
gbatemp.net/js/themehouse/uix/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/js/themehouse/uix/deferWidthToggle.min.js?_v=e90f4f61
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12a4495dcf4f799da379ec9caf3cfd5fbc675b6228d9ce5dc00eed49bfb5128c

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 14:23:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460480
etag
W/"62ff9cd2-94c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjVmi4qIvDs9cnFp%2FuNkeSXgU9b%2Fgnwx5Bv38HBx5MCT6ataW16V%2Bdg21X4lOpL1kGMxtzZ1pm%2B6ALNYgaDTQ75l6kye1oWCgV%2BIj8lqqAd5HDobfdA6%2BpYtABKT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8aedf5308a81036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 19 Aug 2024 11:39:50 GMT
ramp_core.js
cdn.intergient.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/ramp_core.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:7000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f3c112da0223263eaaaaf05b2aac003183907aab9f5a2474a12784d8dbc07509

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
br
via
1.1 1f1744cc287fbe3723d548ac02f36c6a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P4
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-lambda-function
us-east-1.pageos_production:541
cache-control
max-age=600, public, must-revalidate
x-amz-cf-id
z-hHqxL3n2P6MXHk4zpiDGmpQ2aK3axmv70nAbwSMQdVSGBWIsVZXg==
css.php
gbatemp.net/ 		634 KB
115 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Afa.css&s=15&l=1&d=1722868999&k=9363b903a3f357773f35ba84faea4c9645ce8e4a
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/js/themehouse/styleswitch/preamble.js?_v=e90f4f61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dda62d218eda3aad41c1c524e4e18042093d1a5735fd2e84da4449bccf28b1f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:36 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67054
alt-svc
h3=":443"; ma=86400
content-length
117100
last-modified
Mon, 05 Aug 2024 14:43:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIqoyH60dyuGOl0h%2FuxeNTUBaQdb2tKAFR9djTaSnxXs4l%2F2DnVQMSwh%2BXSZr9oQUxdv1i3LISPh7EJDMr78%2Bq49ddSn5pJg9Fz2dW9%2Fxq%2FYfoNhUWa%2BSlSQTski"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8aedf52c9900036a-MIA
expires
Tue, 05 Aug 2025 14:43:20 GMT
css.php
gbatemp.net/ 		373 KB
84 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/css.php?css=public%3Aeditor.less%2Cpublic%3Alightbox.less%2Cpublic%3Arating_stars.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_chat.less%2Cpublic%3AsvAlertImprovements.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Auix.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Axfrm.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css&s=15&l=1&d=1722868999&k=8e77b84e503586ee17ee26cfb8b3d77a0b3988d5
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/js/themehouse/styleswitch/preamble.js?_v=e90f4f61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ac08521acad5f4d7687fff1f01fa70150ad580377a793309c52547063b40143
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:36 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67051
alt-svc
h3=":443"; ma=86400
content-length
85312
last-modified
Mon, 05 Aug 2024 14:43:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eeXQGX3DNDU2b2QVGraNrEYcgKONo%2FJkwpfKpq2JViEdLlqQPML36ks4zygh7%2Bz6ClwVuhjxg5NYhoUukqyZnxSY623WLURejgvhx%2BUuDmABmI%2BCO8aKU0uPgm9R"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8aedf52c9902036a-MIA
expires
Tue, 05 Aug 2025 14:43:48 GMT
css.php
gbatemp.net/ 		635 KB
115 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Afa.css%2Cpublic%3Aextra_dark_style.less&s=16&l=1&d=1722868999&k=0f468536ae14530d197aa6d46f14fb76c948d2d8
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/js/themehouse/styleswitch/preamble.js?_v=e90f4f61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5b6a5620a24e4a9311aa3151ff8cfb3d89d7a0ecf7dd855a273268e8de76153
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67055
alt-svc
h3=":443"; ma=86400
content-length
117595
last-modified
Mon, 05 Aug 2024 14:43:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4%2B6gn037c73zo%2BCYE1tcRMxInWm54ZqRcH8hrdAaChGJk2OkDkm6czSIDr3DVJXQ0f%2FzWvu77hsYNJeo%2Bm7UpFbfSgcquh4dmkdHagJIvz1xwmkpBKjYaF4VwBo"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8aedf5309a88036a-MIA
expires
Tue, 05 Aug 2025 14:43:20 GMT
css.php
gbatemp.net/ 		375 KB
85 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/css.php?css=public%3Aeditor.less%2Cpublic%3Alightbox.less%2Cpublic%3Arating_stars.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_chat.less%2Cpublic%3AsvAlertImprovements.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Auix.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Axfrm.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css%2Cpublic%3Aextra_dark_style.less&s=16&l=1&d=1722868999&k=460275af77f4b5e9260e8451a9b4ba45504489dc
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/js/themehouse/styleswitch/preamble.js?_v=e90f4f61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c4a6759855ce80913a0f7703fa0914588d5844d1278ed9ef8163bebea291156
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67053
alt-svc
h3=":443"; ma=86400
content-length
86509
last-modified
Mon, 05 Aug 2024 14:43:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oL03Fx7R5I5qHw%2BOOPHbyjIeQVfh2VeiW1kbY%2FZpA4jtlYzMadsRkmYl3tsJNHsTfJcOXuiVQcNRk0AGE5%2BQUr5HRm%2FjYzkd4Ycz0h71aSP0mWqJuXqpwVxqfqqj"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8aedf530aa8d036a-MIA
expires
Tue, 05 Aug 2025 14:43:48 GMT
2e0748972687835b1f00ef.app.js
materialisticmoon.com/public/js/4f08407e9ea007/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://materialisticmoon.com/public/js/4f08407e9ea007/2e0748972687835b1f00ef.app.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1022816/70668/ramp_config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b5962d6541cedee4a6a84d2c47b93c842f9ae2286ca68245c7a58d9be6327dd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
br
via
1.1 google
strict-transport-security
max-age=15724800; preload
cf-cache-status
MISS
x-buildnumber
1389703183
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-us-east1
etag
W/"dd5d879cb7236135f723c9be4c2ffff8a9994e786aeb1e66d75051b058a7fa0c"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-spot-znbj
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
cf-ray
8aedf5320d9ddb25-MIA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1022816/70668/ramp_config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f154.1e100.net
Software
cafe /
Resource Hash
090c2ef51938b4845a8589cc1b8970807964ed3fe4276effd304a01811241e7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31951
x-xss-protection
0
server
cafe
etag
243 / 19941 / 31085847 / config-hash: 798838166998995322
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 06 Aug 2024 09:21:37 GMT
prebid.js.br
cdn.intergi.com/prebid/ 		525 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/prebid/prebid.js.br
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1022816/70668/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa413100f52adc30405e4e42b17ece902561e6b0cf96732fe2265d318edd7d01

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 23:26:42 GMT
content-encoding
br
via
1.1 c49af0736096dd9eb595aafed0498ed4.cloudfront.net (CloudFront)
x-amz-version-id
CsMxioTm5hweGwfnIq6j4Dwq7dmeldZ.
last-modified
Mon, 08 Jul 2024 13:53:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
35696
etag
"0274ed67d262120c2ba54ba6994f18d6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
136391
x-amz-cf-id
sXQldzlW7RVeMGnR_sk8bS_Inic1IAau4tGfvt4vrrOrCAPgaWx6Xg==
open-sans-v26-latin-regular.woff2
gbatemp.net/styles/ts32/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/styles/ts32/fonts/open-sans-v26-latin-regular.woff2
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/css.php?css=public%3Aeditor.less%2Cpublic%3Alightbox.less%2Cpublic%3Arating_stars.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_chat.less%2Cpublic%3AsvAlertImprovements.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Auix.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Axfrm.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css&s=15&l=1&d=1722868999&k=8e77b84e503586ee17ee26cfb8b3d77a0b3988d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9

Request headers

Referer
https://gbatemp.net/css.php?css=public%3Aeditor.less%2Cpublic%3Alightbox.less%2Cpublic%3Arating_stars.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_chat.less%2Cpublic%3AsvAlertImprovements.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Auix.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Axfrm.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css&s=15&l=1&d=1722868999&k=8e77b84e503586ee17ee26cfb8b3d77a0b3988d5
Origin
https://gbatemp.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 12:42:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
658771
etag
W/"6151bc24-4160"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrUP1cttqqO7CnNencga%2FEu4310dtxyo8jf2VVmqyMdq8h1wk9EV3zHuolIC9scjLm%2F4QwuPKOPCPYNVrDoV4fLY3lfSbh4lu02N3P8KxKfQmjadSCCjAdO4me4y"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2678400
cf-ray
8aedf5320ae8036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 23 Aug 2024 15:55:23 GMT
news-cycle-v17-latin-regular.woff2
gbatemp.net/styles/ts32/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/styles/ts32/fonts/news-cycle-v17-latin-regular.woff2
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/css.php?css=public%3Aeditor.less%2Cpublic%3Alightbox.less%2Cpublic%3Arating_stars.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_chat.less%2Cpublic%3AsvAlertImprovements.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Auix.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Axfrm.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css&s=15&l=1&d=1722868999&k=8e77b84e503586ee17ee26cfb8b3d77a0b3988d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
361c9f80feaefdda9eb1bb7ee61de56d922188898f69af4cf8a76c64fb0183ad

Request headers

Referer
https://gbatemp.net/css.php?css=public%3Aeditor.less%2Cpublic%3Alightbox.less%2Cpublic%3Arating_stars.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_chat.less%2Cpublic%3AsvAlertImprovements.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Auix.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Axfrm.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css&s=15&l=1&d=1722868999&k=8e77b84e503586ee17ee26cfb8b3d77a0b3988d5
Origin
https://gbatemp.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 12:41:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
914596
etag
W/"6151bc14-33a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bu48bafuZr7AyR69NufEkZxPT1mPW7PrcRYi0%2FefuwHD%2FNP3gDFrvpORdLXXXIN2CkiniEC417RnjBHSsvlYGJjiegtvyqtYUCH0d3c0Y7nrjkIaZHJHh1DFyGXH"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2678400
cf-ray
8aedf5320ae9036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 16 Aug 2024 20:35:34 GMT
news-cycle-v17-latin-700.woff2
gbatemp.net/styles/ts32/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/styles/ts32/fonts/news-cycle-v17-latin-700.woff2
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/css.php?css=public%3Aeditor.less%2Cpublic%3Alightbox.less%2Cpublic%3Arating_stars.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_chat.less%2Cpublic%3AsvAlertImprovements.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Auix.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Axfrm.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css&s=15&l=1&d=1722868999&k=8e77b84e503586ee17ee26cfb8b3d77a0b3988d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20dd8e5ee0595ff5c58ae1c6545229af09c25bd742f3d880791c4abb3e0afe7f

Request headers

Referer
https://gbatemp.net/css.php?css=public%3Aeditor.less%2Cpublic%3Alightbox.less%2Cpublic%3Arating_stars.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_chat.less%2Cpublic%3AsvAlertImprovements.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Auix.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Axfrm.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css&s=15&l=1&d=1722868999&k=8e77b84e503586ee17ee26cfb8b3d77a0b3988d5
Origin
https://gbatemp.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 12:41:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
909260
etag
W/"6151bc14-33f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UuLn7pMkcFPeet2WA9pkzrKwmdJFjEUnLH%2BemnfjOiqr27uQsra6zCkxiMq3Sm8G%2Bx8YF7LNXKT%2BIBPuSyOv85MFG36HBYjpUkacHxWZv7HP0RV6PBzUGVBaD2%2FE"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2678400
cf-ray
8aedf5320aea036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 16 Aug 2024 21:55:09 GMT
open-sans-v26-latin-700.woff2
gbatemp.net/styles/ts32/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/styles/ts32/fonts/open-sans-v26-latin-700.woff2
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/css.php?css=public%3Aeditor.less%2Cpublic%3Alightbox.less%2Cpublic%3Arating_stars.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_chat.less%2Cpublic%3AsvAlertImprovements.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Auix.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Axfrm.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css&s=15&l=1&d=1722868999&k=8e77b84e503586ee17ee26cfb8b3d77a0b3988d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb0d3e86a0d3dffd0c2d917f5b309a189f78110ee62373666161a018036da1a1

Request headers

Referer
https://gbatemp.net/css.php?css=public%3Aeditor.less%2Cpublic%3Alightbox.less%2Cpublic%3Arating_stars.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_chat.less%2Cpublic%3AsvAlertImprovements.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Auix.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Axfrm.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css&s=15&l=1&d=1722868999&k=8e77b84e503586ee17ee26cfb8b3d77a0b3988d5
Origin
https://gbatemp.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 12:42:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
924183
etag
W/"6151bc24-3fc4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KRyPsB3nk%2FiFTmcHR6fT%2BRidhheyBU3FD1rZdRljfuO3vgzvVR3z7S1bEenLC2wFrLGvGeuUfJ5YJjdoUuvcK6Uer0hoc4vRh2q2cidiy52GdCk8ER3OEH9TmWO3"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2678400
cf-ray
8aedf5320aeb036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 23 Aug 2024 10:45:30 GMT
open-sans-v26-latin-italic.woff2
gbatemp.net/styles/ts32/fonts/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/styles/ts32/fonts/open-sans-v26-latin-italic.woff2
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/css.php?css=public%3Aeditor.less%2Cpublic%3Alightbox.less%2Cpublic%3Arating_stars.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_chat.less%2Cpublic%3AsvAlertImprovements.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Auix.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Axfrm.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css&s=15&l=1&d=1722868999&k=8e77b84e503586ee17ee26cfb8b3d77a0b3988d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ac948f1f9f958d7e56ad53b1fdd18c26da63dd374d6be34a9f65285c49bb8a8

Request headers

Referer
https://gbatemp.net/css.php?css=public%3Aeditor.less%2Cpublic%3Alightbox.less%2Cpublic%3Arating_stars.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_chat.less%2Cpublic%3AsvAlertImprovements.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Auix.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Axfrm.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css&s=15&l=1&d=1722868999&k=8e77b84e503586ee17ee26cfb8b3d77a0b3988d5
Origin
https://gbatemp.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 12:42:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1802959
etag
W/"6151bc24-4554"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ey2C%2FcgDhwulp4eQDcpiWFmpHPeJqJNVhDEvBjgPM0%2BHVBO0Ld9ME5ZV47y7HcPEcdgJ8oCnMyn4e01%2Fj0xt4nEAy79p9Dy6l%2FkzQjRWbbYY%2Bfr%2Byic3OCetS47p"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2678400
cf-ray
8aedf5320aec036a-MIA
alt-svc
h3=":443"; ma=86400
expires
Wed, 17 Jul 2024 20:56:40 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
sprite_sheet_emojione.png
gbatemp.net/styles/default/xenforo/reactions/emojione/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gbatemp.net/styles/default/xenforo/reactions/emojione/sprite_sheet_emojione.png
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Afa.css&s=15&l=1&d=1722868999&k=9363b903a3f357773f35ba84faea4c9645ce8e4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f06fe994ffdef877c739fc2baaf961d929cff85ea19e62b221525898ec07126

Request headers

Referer
https://gbatemp.net/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Afa.css&s=15&l=1&d=1722868999&k=9363b903a3f357773f35ba84faea4c9645ce8e4a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1430466
cf-polished
origFmt=png, origSize=7443
content-disposition
inline; filename="sprite_sheet_emojione.webp"
alt-svc
h3=":443"; ma=86400
cf-bgj
imgq:85,h2pri
last-modified
Thu, 23 Sep 2021 02:29:53 GMT
server
cloudflare
etag
W/"614be6a1-1d13"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BhyliwIeO5baUHcB3%2FlaPOQW3qNxrEMcZSPkHMXtMq6Ju7E7ZC18uueTwtmIiUFQb9JHAxUVtOakuREFtBKrJ4GG%2BBhSBtUPm6i4cu5aqLSli%2FtpuaVc7VKcPLy%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
cf-ray
8aedf5322af7036a-MIA
expires
Sat, 17 Aug 2024 14:54:05 GMT
610331.jpg
gbatemp.net/data/avatars/s/610/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gbatemp.net/data/avatars/s/610/610331.jpg?1722562380
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86b7e20eb1eb1e18a4329436a977e3d86ac396a9670170d2ac7af2664d1598f7

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
301897
cf-polished
origFmt=png, origSize=4734
content-disposition
inline; filename="610331.webp"
alt-svc
h3=":443"; ma=86400
cf-bgj
imgq:85,h2pri
last-modified
Fri, 02 Aug 2024 01:33:01 GMT
server
cloudflare
etag
W/"66ac374d-127e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zh7LpSMxsc7o3ScfFyqSWbxbniOKGjaNTU0MANgSchWtKJzmYa2lY%2BazmD%2F1Na2Y3i9i7EZzpwvfkYH1aQVDdfkNuM0p6pX2XUz5Z%2BPQ3%2BPHhcBp4lZ9vUhAl0n%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
cf-ray
8aedf5328b1c036a-MIA
expires
Sun, 01 Sep 2024 19:21:12 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408010101/ 		476 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408010101/pubads_impl.js?cb=31085847
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f154.1e100.net
Software
cafe /
Resource Hash
57137ec4bf2535898681a1d0c36d4990f2b214ad321dfaf47030622562da7829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 18:55:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
51946
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151938
x-xss-protection
0
server
cafe
etag
4901878224905487309
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 05 Aug 2025 18:55:52 GMT
js
www.googletagmanager.com/gtag/ 		195 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-2061983-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5X4VMGQS0P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7253a9f6925394468517bd8a6797a2bd49e641fcbed12d07093b41abfc978ce1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72265
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Aug 2024 09:21:38 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-5X4VMGQS0P&gtm=45je47v0v892166063za200&_p=1722936097337&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=362579429.1722936098&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722936098&sct=1&seg=0&dl=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&dt=Batch%20CIA%203DS%20Decryptor%20%7C%20GBAtemp.net%20-%20The%20Independent%20Video%20Game%20Community&en=ramp_js&_fv=1&_nsi=1&_ss=1&_ee=1&ep.pageview_id=1722936097342&tfd=1839
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5X4VMGQS0P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?service=ad&adid=tyriad&adnum=4789494
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:7000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 12:02:16 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 397dd692cad53f0026fab5b236c0a518.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
76763
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
U9i5kWZrX7MTJbwyHVjxbLLuNbfiaw_yy6zFuBAInYH2K6x866845Q==
js
www.googletagmanager.com/gtag/ 		292 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P2QEWTVBNB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2061983-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
207b02948cb2445c5c0e85acc9dd8626e4f1c53d366485322051b51a6329883f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101009
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Aug 2024 09:21:38 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2061983-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Aug 2024 08:56:26 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1512
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 06 Aug 2024 10:56:26 GMT
truncated
/ 		169 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b0357bab0e8bed93f1e4282376e31fda98a5b74864baa17b3967925d7b16903

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
154013155
fundingchoicesmessages.google.com/i/ 		202 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/154013155?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408010101/pubads_impl.js?cb=31085847
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc8bf1171b2ce54b44c3ce223b9410eeb8b21f0983299a73b84af942fea35e46
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9RFLWUzlYCEZS1ViDJb71Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9RFLWUzlYCEZS1ViDJb71Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw1ZBiOHnrNtNFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYiT_p1nLQBid62LrP5AvCTiIuuBxIushgqXWO2BeHr9Jdb5QCzEzbH42vGtbAINax6kKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYWBiY6BmYxRcYAAD8Gz0i"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-P2QEWTVBNB&gtm=45je47v0v895424439za200&_p=1722936097337&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=362579429.1722936098&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1722936099&sct=1&seg=0&dl=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&dt=Batch%20CIA%203DS%20Decryptor%20%7C%20GBAtemp.net%20-%20The%20Independent%20Video%20Game%20Community&en=page_view&_fv=1&_ss=1&tfd=2784
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P2QEWTVBNB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1849175825&t=pageview&_s=1&dl=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&ul=en-us&de=UTF-8&dt=Batch%20CIA%203DS%20Decryptor%20%7C%20GBAtemp.net%20-%20The%20Independent%20Video%20Game%20Community&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=532847298&gjid=1526660437&cid=362579429.1722936098&tid=UA-2061983-1&_gid=418071578.1722936099&_r=1&gtm=457e47v0za200zb892166063&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&jsscut=1&z=1234700730
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pageos.js
cdn.intergient.com/pageos/1.10.61/ 		399 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.61/pageos.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:7000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91bb3cf6cf2e38d28436e3ff05c9e74729319e7634d539e2b518dc642058c1c0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 13:44:51 GMT
via
1.1 1f1744cc287fbe3723d548ac02f36c6a.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jul 2024 12:44:54 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
502609
etag
"7aff10e2e51ffc2991f11728c7451e4f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
399
x-amz-cf-id
JqS3sulnjbVvVhdh69Tb2wRo5GgF2eb3Ws6hAVNbznWlYWo2bhh1hA==
runtime.37057cf0581e0a5d4136.js
cdn.intergient.com/pageos/1.10.61/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.61/runtime.37057cf0581e0a5d4136.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:7000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7283718c6afb96becb37f8b5251feccf01865a8e1caa723efc85b3186bd6ca32

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 13:44:54 GMT
content-encoding
gzip
via
1.1 1f1744cc287fbe3723d548ac02f36c6a.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jul 2024 12:44:54 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
502606
etag
W/"623870647967f0bf446bf7b516aabad8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
1tlXRwlp0l6PFyNQc2TVWmd7fPCWP_QXapAX4Vh6aClIWpXbWrpzLg==
main.d2be99a3284800cd6ee8.js
cdn.intergient.com/pageos/1.10.61/ 		197 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.61/main.d2be99a3284800cd6ee8.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:7000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a3094e5c3792b56a5f7c816dbb40f709fdcb5fad450fd34af5c478c89fc5bbb

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:36:46 GMT
content-encoding
gzip
via
1.1 1f1744cc287fbe3723d548ac02f36c6a.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jul 2024 12:44:54 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
492294
etag
W/"b54ed086182953c6180e2a1a64bc8f81"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
O--Om2K0zCwPzftkIIVAPDzPRsV0fp_EqyVfyVxQi_dEL_LVTO3gKQ==
82fbb54f4e334c_1bd18914889d84250ec7d6c95eea8ff41d95e6
materialisticmoon.com/submit/ 		295 B
705 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://materialisticmoon.com/submit/82fbb54f4e334c_1bd18914889d84250ec7d6c95eea8ff41d95e6
Requested by
Host: materialisticmoon.com
URL: https://materialisticmoon.com/public/js/4f08407e9ea007/2e0748972687835b1f00ef.app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d81a2c76c6618171a990b0f6aae132780446fb1cded50dce1120243bef14c17b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 06 Aug 2024 09:21:39 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
x-buildnumber
1389703183
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gbatemp.net
x-hostname
fen-hoothoot-us-east1-spot-znbj
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
8aedf53d6de121f9-MIA
expires
Tue, 06 Aug 2024 09:21:38 GMT
AGSKWxXvUeSqU9-_LKGNnS1HoachuA_VOXweWzoE39g0bolAFrlCOUdse6yG00TJ77G5G52m-_QT0YYg90eOf8BTvSBTtlCVsDDsaa1sacqt65FkbhSme3ezPZNVDZPJDumMlr-JKXts6A==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXvUeSqU9-_LKGNnS1HoachuA_VOXweWzoE39g0bolAFrlCOUdse6yG00TJ77G5G52m-_QT0YYg90eOf8BTvSBTtlCVsDDsaa1sacqt65FkbhSme3ezPZNVDZPJDumMlr-JKXts6A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyOTM2MDk5LDQ2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9nYmF0ZW1wLm5ldC9kb3dubG9hZC9iYXRjaC1jaWEtM2RzLWRlY3J5cHRvci4zNTA5OC8iLG51bGwsW1s4LCJNc1IwU2h2cndwTSJdLFs5LCJlbi1VUyJdLFsyMiwidHJ1ZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MsR0ShvrwpM.es5.O/am=Phg/d=1/rs=AJlcJMxOkZ2XEkVpaOomtedwQmO1qGtELg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44e2eea6f39022fd7d9c720145e9c285e0f798a61f727499f71213566d7d923f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mQc8eNMFR33eLp6DyhRuQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-mQc8eNMFR33eLp6DyhRuQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlALMTDsfja8a1sAgu-Xf_LqKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiYGFgomdgFl9gAACGzTkT"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 2C44 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408010101/pubads_impl.js?cb=31085847
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f156.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1662
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28915
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Aug 2024 08:53:57 GMT
expires
Tue, 06 Aug 2024 09:43:57 GMT
last-modified
Mon, 05 Aug 2024 19:44:26 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408010101/pubads_impl.js?cb=31085847
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:40 GMT
via
1.1 google
last-modified
Mon, 05 Feb 2024 22:07:56 GMT
server
Google Frontend
etag
cd19e0900da0cdbc6697310fd9330fb6
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
face44f0caf0e8c59d207128ef80921d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1195
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408010101/pubads_impl.js?cb=31085847
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:14:32 GMT
content-encoding
gzip
age
846427
x-guploader-uploadid
AHxI1nOv8ZwpA1uQYpQYtE7JjuQ-Py_KhtuKWae1EgiOtYD3CRSTgZpLicbEdQcfqXaFPXDOTeM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 27 Jul 2025 14:14:32 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408010101/pubads_impl.js?cb=31085847
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 11 Jul 2024 14:14:53 GMT
server
nginx
etag
W/"668fe8dd-a6cc"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Aug 2024 09:21:39 GMT
83fbb54f4e334c_1bd18914889d84250ec7d6c95eea8ff41d95e6
materialisticmoon.com/ 		3 B
449 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://materialisticmoon.com/83fbb54f4e334c_1bd18914889d84250ec7d6c95eea8ff41d95e6
Requested by
Host: materialisticmoon.com
URL: https://materialisticmoon.com/public/js/4f08407e9ea007/2e0748972687835b1f00ef.app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 06 Aug 2024 09:21:39 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
x-buildnumber
1389703183
alt-svc
h3=":443"; ma=86400
content-length
3
server
cloudflare
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gbatemp.net
x-hostname
fen-hoothoot-us-east1-spot-znbj
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
8aedf53e0e1121f9-MIA
expires
Tue, 06 Aug 2024 09:21:38 GMT
videoCard.5ed8eb34c11835040def.js
cdn.intergient.com/pageos/1.10.61/ 		559 B
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.61/videoCard.5ed8eb34c11835040def.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/runtime.37057cf0581e0a5d4136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:7000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 13:45:01 GMT
via
1.1 1f1744cc287fbe3723d548ac02f36c6a.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jul 2024 12:44:54 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
502599
etag
"6880c1609e3243c11c7b4f1285e14d89"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
559
x-amz-cf-id
ZhL7XjH-AK5giVL12tXGPgzD_zgqWf2cDz2pYfPbHA4r54cAPWSzhQ==
iframe.html
cdn.intergient.com/pageos/1.10.61/iframe/ Frame 8E4E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.61/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/main.d2be99a3284800cd6ee8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:4200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
502606
cache-control
public, max-age=31536000
content-length
498
content-type
text/html
date
Wed, 31 Jul 2024 13:44:54 GMT
etag
"197d24c242a7ecbbe1a7e342eec1af02"
last-modified
Wed, 31 Jul 2024 12:44:54 GMT
server
AmazonS3
via
1.1 3f3479c6387cb9e42ecda1d46e66eddc.cloudfront.net (CloudFront)
x-amz-cf-id
jreFOV7cYooIRKXBiLG9cXrNbStMIeWMzoQfzcQlLhCaWRfKZDh2ug==
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
styles.css
config.playwire.com/1022816/v2/websites/70668/ 		985 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://config.playwire.com/1022816/v2/websites/70668/styles.css
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/main.d2be99a3284800cd6ee8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:d800:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
88ad4909e63cf499a2a5cfd643fd89959a84db7458edba81c58b899bac125487

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 13:15:15 GMT
via
1.1 vegur, 1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server
Cowboy
x-amz-cf-pop
JFK50-P3
age
72385
vary
Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722863715&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=3y8u4v2XzfLNqhXgQBt3fZIsiqovmBQjF0dMBHhUwP0%3D"}]}
content-type
text/css
x-cache
Hit from cloudfront
cache-control
public, max-age=86400
content-length
985
x-amz-cf-id
UP4rbE8Habozn23U_bXqdeMYucqFIsYnLlH3fd5u0fYHvQM0Jo_FgA==
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1722863715&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=3y8u4v2XzfLNqhXgQBt3fZIsiqovmBQjF0dMBHhUwP0%3D
iframe.html
cdn.intergient.com/pageos/1.10.61/iframe/ Frame EA0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.61/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/main.d2be99a3284800cd6ee8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:4200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
502606
cache-control
public, max-age=31536000
content-length
498
content-type
text/html
date
Wed, 31 Jul 2024 13:44:54 GMT
etag
"197d24c242a7ecbbe1a7e342eec1af02"
last-modified
Wed, 31 Jul 2024 12:44:54 GMT
server
AmazonS3
via
1.1 3f3479c6387cb9e42ecda1d46e66eddc.cloudfront.net (CloudFront)
x-amz-cf-id
jreFOV7cYooIRKXBiLG9cXrNbStMIeWMzoQfzcQlLhCaWRfKZDh2ug==
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
USA
impression-inferences-edge-prod.playwire.com/websites/70668/v1/Tue/5/desktop/Chrome/ 		14 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://impression-inferences-edge-prod.playwire.com/websites/70668/v1/Tue/5/desktop/Chrome/USA
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/main.d2be99a3284800cd6ee8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-119.jfk52.r.cloudfront.net
Software
CloudFront /
Resource Hash
201747507efb94190bc76d3e6d6c9c730fc79e31d742a9b9c3122086c12191f4

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:00:03 GMT
content-encoding
br
via
1.1 a35a15e72ad59a60ddc8752bdb709706.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P5
age
1297
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=3600, public, must-revalidate
x-amz-cf-id
jREhJypIV69yPzPf3h6xfD0D2mnj548y88HFqR7JWCiS7P9I92hQmg==
tag
btloader.com/ 		107 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/main.d2be99a3284800cd6ee8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab2308823e5b397d944cd9bd1f45d91a3f87ab28ba27580d693fa284781bf0e

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:39 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 06 Aug 2024 09:06:56 GMT
server
cloudflare
age
817
etag
"c8c0b2f1e812fba23ffc4cd86e0b1959"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8aedf53fdf2131f6-MIA
content-length
30291
apstag.js
c.amazon-adsystem.com/aax2/ 		312 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/main.d2be99a3284800cd6ee8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3d75a7384786eebcf308b73a246c5968160a1ee0e3be87f45a260a6ee470062

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 08:33:07 GMT
content-encoding
gzip
via
1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront), 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
last-modified
Wed, 24 Jul 2024 20:39:01 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
age
2914
x-amz-server-side-encryption
AES256
etag
W/"79480ed28fde4e52bf9a0d67f07f1113"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
cAB2V6dOwG1kUCqoxKfRnBrJwFnjieoPalzOJeZJBa8gdDTzqYFbpg==
moatheader.js
z.moatads.com/playwireprebidheader597261727146/ 		114 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/main.d2be99a3284800cd6ee8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.165.161 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-165-161.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0b9385e02eb700e334675403ba0822637003fbeb50583f18a4a4a9121e4f7b60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Aug 2024 09:21:40 GMT
content-md5
cjVIG7ARlfXfN5VfA9ykBA==
storage-tier
Standard
content-length
43167
opc-meta-btime
2024-04-22T05:23:36Z
opc-meta-mtime
1713763416
last-modified
Mon, 22 Apr 2024 21:18:38 GMT
opc-request-id
iad-1:Uf1L0jwwyeChnGi0gC7qVv8GJgycInbPcmH9OR9dOrj2aSiiVzjHUvqOeaJ1z5zO
x-api-id
native
etag
8a97064e-7cbc-429e-85f5-49f78753ed29
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/x-javascript
version-id
404e9696-0589-4a6d-8258-efd500705153
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control
max-age=7157
access-control-allow-credentials
true
accept-ranges
bytes
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.165.161 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-165-161.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Aug 2024 09:21:40 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Aug 2024 09:21:40 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/17138/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/17138/sync.min.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/main.d2be99a3284800cd6ee8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d45beb565f9484eea7c11e9919a7a86a6805022c6058baf76653e58fb154aada

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 11:04:48 GMT
content-encoding
gzip
via
1.1 eabcac050cde7358c94fc7ecf124ea4a.cloudfront.net (CloudFront)
last-modified
Tue, 30 Jul 2024 19:37:05 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
80213
x-amz-server-side-encryption
AES256
etag
W/"63cacc5b1cacae985965621e36d7559d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
D3zvmMpY9bjcNTZ7vWQTjkJ0E6cC4tokVV6oWqU-wtOtywNguaKSeA==
AGSKWxX8p0fvNEXsHGhwyhUlMIRRtQniZK-NikrK42Om4Uq5VOn3gIs_21eX_BR8nYsvAP-ziwcCPghxyt3HMT1qvOMDNPGxLEowclP7aQvEQeFTb2Wume2dXPKjm-Wx2Dt4ozhp0t3fZA==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX8p0fvNEXsHGhwyhUlMIRRtQniZK-NikrK42Om4Uq5VOn3gIs_21eX_BR8nYsvAP-ziwcCPghxyt3HMT1qvOMDNPGxLEowclP7aQvEQeFTb2Wume2dXPKjm-Wx2Dt4ozhp0t3fZA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyOTM2MDk5LDc5MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZ2JhdGVtcC5uZXQvZG93bmxvYWQvYmF0Y2gtY2lhLTNkcy1kZWNyeXB0b3IuMzUwOTgvIixudWxsLFtbOCwiTXNSMFNodnJ3cE0iXSxbOSwiZW4tVVMiXSxbMjIsInRydWUiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MsR0ShvrwpM.es5.O/am=Phg/d=1/rs=AJlcJMxOkZ2XEkVpaOomtedwQmO1qGtELg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f139.1e100.net
Software
ESF /
Resource Hash
67add32da0835bf49c5d5531d08ff9d78d51ad3675084250e5c7da455c20c92d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FezFn8YdnpeXpU_TB3aZig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FezFn8YdnpeXpU_TB3aZig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw0pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlALMTDsfja8a1sAgdWbp7ErKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiYGFgomdgFl9gAABg_ThP"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
ad-delivery.net/ 		43 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1824063
x-guploader-uploadid
ACJd0Nq4B4GHIgFXDlXYiHr5e525NuX9Tx34VecRzc7920YBDTMsbjDrdV0gAdsEFgFVokeRKSI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=65toceELERNjg2j9sKC96PLomJOhkV3GtAxxbJ7C%2FbSwa6m55%2F2v6ub6iLyDJG3hkADrXqPNJU4GsxhuDjKP6q9NfqSbBWo3v8YByuEvg6EJFRYmsolREJLVhU%2BQ%2FUtame83W45dKHoKXNeaHg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8aedf5434c1931e3-MIA
expires
Tue, 16 Jul 2024 06:57:41 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f148.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 20:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45603
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Aug 2024 20:41:37 GMT
px.gif
ad-delivery.net/ 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.3365583183693124
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1824063
x-guploader-uploadid
ACJd0Nq4B4GHIgFXDlXYiHr5e525NuX9Tx34VecRzc7920YBDTMsbjDrdV0gAdsEFgFVokeRKSI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CH08WL0Aw2Fgy%2FrgRsT4b1XOTC7UAKutr5ZC4p%2FonjaaeZw970IbT%2BA7JTYU6PKhWKhjCsvB4kjwneIcAdKH4v%2Be%2BkaC%2BUzPH1aM3zHLIMWIiK5d9wZfSTVU%2FF6dx%2FsZQKT6eRoKkOAxKb%2B4sw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8aedf5434c1a31e3-MIA
expires
Tue, 16 Jul 2024 06:57:41 GMT
config.json
config.playwire.com/audience_segments/ 		324 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.playwire.com/audience_segments/config.json
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/main.d2be99a3284800cd6ee8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:d800:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
cdb6a89d518fe1f0af2da96e12b3345025374e2d310933524849136e591d810b

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 13:06:35 GMT
via
1.1 vegur, 1.1 1dd1e483fa41d512929f44790f141972.cloudfront.net (CloudFront)
content-encoding
br
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
JFK50-P3
age
72904
x-cache
Hit from cloudfront
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1722863196&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=phX4N69Gwnp0J6VCvq76z8CwFXomxTSUMAKfzBwUQaQ%3D
server
Cowboy
access-control-max-age
7200
access-control-allow-methods
GET
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722863196&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=phX4N69Gwnp0J6VCvq76z8CwFXomxTSUMAKfzBwUQaQ%3D"}]}
access-control-allow-origin
*
content-type
application/json
access-control-expose-headers
hw-country-code
cache-control
public, max-age=600
hw-country-code
US
vary
Accept-Encoding
x-amz-cf-id
0tsADap6BZadH54N-xGXjIoPzSPmxSWRqBsgWdN8lmN26TREuIMijA==
474.a06f43d51aa26adc277d.js
cdn.intergient.com/pageos/1.10.61/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.61/474.a06f43d51aa26adc277d.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/runtime.37057cf0581e0a5d4136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:7000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1aebb66b197fa09f062d3c39fc4b841cea9b1e9e85146218cf19d526078af4dd

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 13:45:11 GMT
content-encoding
gzip
via
1.1 1f1744cc287fbe3723d548ac02f36c6a.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jul 2024 12:44:54 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
502590
etag
W/"4e40df765c4b2340e48e0a0795cd7b6b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
pqBSO2Lm33xVs5s7FnmyH4_my5yytqebjCskbemjLxlCpu6OBo-JHg==
script
carbon-cdn.ccgateway.net/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://carbon-cdn.ccgateway.net/script?id=gbatemp.net&parentId=5bb3e20859
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-237-175-195.compute-1.amazonaws.com
Software
/
Resource Hash
8b8125107f1ec33d7c877c848cf42ca9756c35077d6808b454e5d1f0809ace94

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:40 GMT
cache-control
private,max-age=900
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
trendiVideo.f27e95813f690fd9c355.js
cdn.intergient.com/pageos/1.10.61/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.61/trendiVideo.f27e95813f690fd9c355.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/runtime.37057cf0581e0a5d4136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:7000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9cc3d9d3a5a5eb3a18f6d4d5c3b23fb1360f67689a42378469737c81ad86f76

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 13:45:02 GMT
content-encoding
gzip
via
1.1 1f1744cc287fbe3723d548ac02f36c6a.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jul 2024 12:44:54 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
502599
etag
W/"3969bcf80b64d25f66daea8d5ea4fcbb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
PDVNqPM2eLVfGG5mWU8xXHHlCHE-m8oB_v4t8K0V3xQSG_fnTYEIbA==
tyche.js
cdn.intergi.com/hera/releases/4.7.121/ 		487 B
907 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.7.121/tyche.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/main.d2be99a3284800cd6ee8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec333db39e532f2714c5caa109465e0e46238429618b54a57e08951d43fdf6bb

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:40:57 GMT
x-amz-version-id
pzbVxYsOd43Lv1Uak5w3w9xZRV6Q36Ei
via
1.1 c49af0736096dd9eb595aafed0498ed4.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jul 2024 16:30:34 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
492044
etag
"be2203a08e019cb16c42b9b6928edbdf"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
487
x-amz-cf-id
Lo7saxy4cE9R_jKv70VZ_anbhYVQBD1vKSyn0kKiS8kalXeusAvPMA==
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://idsync.rlcdn.com/712453.gif?partner_uid=user_1695d1a7-92be-4a53-abb1-5f9aca54ab97_1722936100317
  • https://idsync.rlcdn.com/1000.gif?memo=CIW-KxJDCj8IARDptAoaN3VzZXJfMTY5NWQxYTctOTJiZS00YTUzLWFiYjEtNWY5YWNhNTRhYjk3XzE3MjI5MzYxMDAzMTcQABoNCKTWx7UGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=07b539e9f72cb308e9f5e6adb468ab0fff2cd192ad33c002880a7e3ef91bec2b791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=07b539e9f72cb308e9f5e6adb468ab0fff2cd192ad33c002880a7e3ef91bec2b791426b5417dce21&rand=04193529
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=07b539e9f72cb308e9f5e6adb468ab0fff2cd192ad33c002880a7e3ef91bec2b791426b5417dce21&rand=04193529&expected_cookie=74ccbbb4-d782-48d6-8c08-1aa977093a24
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=07b539e9f72cb308e9f5e6adb468ab0fff2cd192ad33c002880a7e3ef91bec2b791426b5417dce21&rand=04193529&expected_cookie=74ccbbb4-d782-48d6-8c08-1aa977093a24
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 43C2C6E64A94427CAE5A3C77B21CAA87 Ref B: MIAEDGE1517 Ref C: 2024-08-06T09:21:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYfAFJPSVKYjNn3cCv7kw==

Redirect headers

date
Tue, 06 Aug 2024 09:21:40 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2BEB0DCBE13C4FD68A54D8A70526104A Ref B: MIAEDGE1517 Ref C: 2024-08-06T09:21:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=10339&puuid=07b539e9f72cb308e9f5e6adb468ab0fff2cd192ad33c002880a7e3ef91bec2b791426b5417dce21&rand=04193529&expected_cookie=74ccbbb4-d782-48d6-8c08-1aa977093a24
x-li-proto
http/2
content-length
0
x-li-uuid
AAYfAFJL+wNh0gtRoezblA==
/
ps.eyeota.net/pixel/bounce/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=m51mh00&t=ajs&uid=user_1695d1a7-92be-4a53-abb1-5f9aca54ab97_1722936100317
  • https://ps.eyeota.net/pixel/bounce/?pid=m51mh00&t=ajs&uid=user_1695d1a7-92be-4a53-abb1-5f9aca54ab97_1722936100317
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=m51mh00&t=ajs&uid=user_1695d1a7-92be-4a53-abb1-5f9aca54ab97_1722936100317
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Server
52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-138-212.compute-1.amazonaws.com
Software
/
Resource Hash
d02deca465aed4e5561d284faed1d3032382daec2cb402997da586209173c662

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Tue, 06 Aug 2024 09:21:41 GMT
Content-Length
1220
Content-Type
application/javascript

Redirect headers

Location
/pixel/bounce/?pid=m51mh00&t=ajs&uid=user_1695d1a7-92be-4a53-abb1-5f9aca54ab97_1722936100317
Date
Tue, 06 Aug 2024 09:21:40 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
country
api.btloader.com/ 		37 B
153 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=5150306120761344
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:40 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
pv
api.btloader.com/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=iK9ghzTzHc&w=4939874516860928&o=5150306120761344&cv=2.1.48&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&sid=M8bg7Dx9Hv&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Aug 2024 09:21:40 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
map
bcp.crwdcntrl.net/6/ 		115 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/17138/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.65.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-65-180.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
046482748328fc1c54b19683dc96cd809252ba92ecb3fa2ed7a0309d8110b841

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache
x-server
10.40.60.150
access-control-allow-credentials
true
content-length
115
expires
0
runtime.48ba1aa3fd1f3e55aae3.js
cdn.intergi.com/hera/releases/4.7.121/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.7.121/runtime.48ba1aa3fd1f3e55aae3.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.7.121/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20b3e0e0580725cc6fee1948f76aa53f2f7353d20f5768e6d863582c80e0b9c1

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:33:03 GMT
x-amz-version-id
swaFtXxCkYZi9MCwyqq957fIuenPe_sf
content-encoding
br
last-modified
Wed, 31 Jul 2024 16:30:34 GMT
server
AmazonS3
via
1.1 c49af0736096dd9eb595aafed0498ed4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
etag
W/"e2ec1797c24de7f641ffa54151b14f4c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
492518
x-amz-cf-id
rVXnJJJHQis8psPlc8y1-DIveUibPtlhpQS3B08QvZvtSYl8tyUc9A==
main.23e7e48bc7375746b954.js
cdn.intergi.com/hera/releases/4.7.121/ 		201 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.7.121/main.23e7e48bc7375746b954.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.7.121/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b21f8deb93967889a2cb4d84d54303a61a5f920b79bf4c32d880e284e161c12e

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:42:59 GMT
x-amz-version-id
gNkJHzSaCYa4ZJmp.Mad2GO52VHuT0Hq
content-encoding
gzip
last-modified
Wed, 31 Jul 2024 16:30:34 GMT
server
AmazonS3
via
1.1 c49af0736096dd9eb595aafed0498ed4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
etag
W/"4514508b1f90cf259661d2b85c9c50a5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
491922
x-amz-cf-id
KUFYWJu35N2z1WJAyMxfJXj5TkiVC9GGt25zUQLQmqXB6Re_uHY4Tg==
lib.82225ced52a6390e480c.js
cdn.intergi.com/hera/releases/4.7.121/lib/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.7.121/lib/lib.82225ced52a6390e480c.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.7.121/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bac5e8fb5021358231d218f02ed4aaf9431c9c33677e2c1977c1e27d3954572

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:42:59 GMT
x-amz-version-id
DOOED6HcBrE3PBPjZZ_tbSk_F3ENDOsV
content-encoding
gzip
last-modified
Wed, 31 Jul 2024 16:30:35 GMT
server
AmazonS3
via
1.1 c49af0736096dd9eb595aafed0498ed4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
etag
W/"26c007e785f82a765ec40fc9a32b0b3c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
491922
x-amz-cf-id
prlczZ4Lxte2fvt9EuqyZ9Zb4XAxtXUeImX8mSv7JEHL-GDMVCpVfA==
advshow.
fundingchoicesmessages.google.com/f/AGSKWxW2YbAPHJhGh8F6zIHqcVPLe58S6E-xoiVjOGNAfNtrXBlywGpZvu_oTfRdnEkuF3EJNrSGRjv_IgWPRbdR8qINxzn1soLpphVeOYZoIY_zk-crIVrrCwGAGT1XSD4q0IPwV01v_t33fK1p-ZqD4Mw5TuhwR... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW2YbAPHJhGh8F6zIHqcVPLe58S6E-xoiVjOGNAfNtrXBlywGpZvu_oTfRdnEkuF3EJNrSGRjv_IgWPRbdR8qINxzn1soLpphVeOYZoIY_zk-crIVrrCwGAGT1XSD4q0IPwV01v_t33fK1p-ZqD4Mw5TuhwRLEmvThQPe8JMFI4l11w_N2KSaZ2Hqu-/_/inner-ads-/adlantisloader./advert5./advs_actv./advshow.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MsR0ShvrwpM.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw4TfvNd1_bUEnHWMf9Nr-WTsEsIA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f139.1e100.net
Software
ESF /
Resource Hash
cbd4a2f4916bf7cdf2c7390f3bf40b2e3918b9cce737890e4bcc73b1f96a5c9a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5o6EU2DR8h-jSkuBVXMJtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-5o6EU2DR8h-jSkuBVXMJtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw05BiOHnrNtNFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYiT_p1nLQBid62LrP5AvCTiIuuBxIushgqXWO2BeHr9Jdb5QCzEw7Hk2vGtbAIHdq5rZ1LSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMbAwMNEzMIsvMAAAO-M9aw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/ 		238 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MsR0ShvrwpM.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw4TfvNd1_bUEnHWMf9Nr-WTsEsIA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
3fcb9b41884d15ce37a0aa4b8c1680859af2d33009aee21340c4f09fcbfdfb73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:04:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
1028
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76113
x-xss-protection
0
server
cafe
etag
441602982763413849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Aug 2024 10:04:32 GMT
AGSKWxXqbB2VF2wZCDLsn7jg4vxEGjju5LJPEYv55PBC477URDZ0So7U94DHk84evHRK8GKQ_gY-IcLTXoyG-uyaKfTyrIFihzbthc2yIxofJWkFC7SarCHaLiNHJ2t2kffDi3GgKZIFoQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXqbB2VF2wZCDLsn7jg4vxEGjju5LJPEYv55PBC477URDZ0So7U94DHk84evHRK8GKQ_gY-IcLTXoyG-uyaKfTyrIFihzbthc2yIxofJWkFC7SarCHaLiNHJ2t2kffDi3GgKZIFoQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MsR0ShvrwpM.es5.O/am=Phg/d=1/rs=AJlcJMxOkZ2XEkVpaOomtedwQmO1qGtELg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XLXtcKZcKsgmMPHIDYmrjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Aug 2024 09:21:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-XLXtcKZcKsgmMPHIDYmrjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15BicEqfwRoCxO5aF1n9gXhJxEXWI4kXWafXX2KdD8RCPBxLrh3fyiZw4dy0_UxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwsBEz8A8vsAAAAZPLTU"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 313dd6f62ed18c58ce60182660a6ec46.cloudfront.net (CloudFront)
date
Mon, 05 Aug 2024 11:21:03 GMT
x-amz-cf-pop
JFK50-P3
age
79238
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
gwxlosI3EisdUUwGJFClitTjzESQaqzZ7FTxkY84utcnK1BUA65Cyw==
bd056b42-51db-43ce-9a8e-3b11319b5d1f
config.aps.amazon-adsystem.com/configs/ 		563 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-108.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
5f61913ef2f4b2742638b1f485e0177ef0d6673fecade0ff8b6dadc907dbd7c0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:14:15 GMT
via
1.1 8ef35b07fe667674a2922c9d83a75c52.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P3
age
445
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
AskpSRACWaDfTaN6rUn9M5iKwJtLMfUjLucsdNlznoNjFw4fWPMUUQ==
config
c.amazon-adsystem.com/cdn/prod/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgbatemp.net&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
7c2f29a3238655099cbe3d09819102aa6960f96dc05e055baa65e98d5c6ee0a1

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 08:50:15 GMT
via
1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
1885
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gbatemp.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3620
x-amz-cf-id
O5x79yAfSWJH3rSHDWC7ASH1iaFWmqnliCtOixZlXHANSGYkSm7yhw==
v2
mb.moatads.com/yi/ 		411 B
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-pXTZFj9Dn56pt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-kBhMBihjElCFgA%3D%3D&sc=1&os=1-Rg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&pcode=playwireprebidheader597261727146&rx=312657273326&callback=MoatNadoAllJsonpRequest_25906648
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.159.117.159 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
52da441a60637b7dc9d7a4929ddc8f9a9b0ded91b369018508c54d5711946342

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:40 GMT
server
istio-envoy
etag
"944cc2ab4b474b357844d27ea33ccf2a5da5e418"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
23
timing-allow-origin
*
content-length
411
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		417 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.7.121/main.23e7e48bc7375746b954.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b861f93f87cba8e14c74e73044ba0657e4f1c641895e4e50c33e392e47a860be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146129
x-xss-protection
0
expires
Tue, 06 Aug 2024 09:21:40 GMT
prebid
id5-sync.com/api/config/ 		167 B
444 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
baf14cae61eb2467fe4accc76bb464b2487622d4a6f87426f6bdd83e4235e385
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://gbatemp.net
date
Tue, 06 Aug 2024 09:21:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		75 B
820 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?c=17262
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.65.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-65-180.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5125c402e2ca8b9d97fcac27c6da053ceb5483517a4e7bd6d1663aefdcb728c8

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache
x-server
10.40.4.233
access-control-allow-credentials
true
content-length
75
expires
0
f
fid.agkn.com/ 		151 B
683 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.235.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-235-77.compute-1.amazonaws.com
Software
AAWebServer /
Resource Hash
34d1d6acd82550639e3751f3fae207015bc3da83fca20fe56c02ee641894f95e

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:41 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
151
expires
0
any
idx.liadm.com/idex/did-0046/ 		130 B
543 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/did-0046/any?duid=ca4d2748bbfa--01j4kfx1vkrfzk2q21fr601cc2&did=did-0046&cd=.gbatemp.net&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=sorvrn&resolve=thetradedesk&resolve=medianet
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.149.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-149-108.compute-1.amazonaws.com
Software
/
Resource Hash
eaa67d8c5fe35b18965ef112565205d97dd7f1e1cea576f94052ac480009c430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 06 Aug 2024 09:21:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
6
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gbatemp.net
cache-control
max-age=86399, private
access-control-allow-credentials
true
trace-id
25124b798302ee3b
content-length
130
expires
Wed, 07 Aug 2024 09:21:40 GMT
script.js
cadmus.script.ac/d25lqe4mlyaln6/ 		141 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.7.121/main.23e7e48bc7375746b954.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d587b2c150e11c65d22ebe8fdd5ffdca2c66dfb9f1744e2e2c2214be8553bc

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:40 GMT
content-encoding
gzip
last-modified
Tue, 06 Aug 2024 00:01:53 GMT
server
cloudflare
age
0
etag
W/"3393edc407c34d3f8cfef847e92c3f459a0b6ed5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
8aedf5467ec1b3b9-MIA
fb87a4ea41
cd836371f1d.cdn.intergient.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cd836371f1d.cdn.intergient.com/fb87a4ea41
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/main.d2be99a3284800cd6ee8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
100.27.136.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-27-136-39.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 06 Aug 2024 09:21:41 GMT
server
nginx/1.24.0
content-type
application/octet-stream
AGSKWxXqbB2VF2wZCDLsn7jg4vxEGjju5LJPEYv55PBC477URDZ0So7U94DHk84evHRK8GKQ_gY-IcLTXoyG-uyaKfTyrIFihzbthc2yIxofJWkFC7SarCHaLiNHJ2t2kffDi3GgKZIFoQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXqbB2VF2wZCDLsn7jg4vxEGjju5LJPEYv55PBC477URDZ0So7U94DHk84evHRK8GKQ_gY-IcLTXoyG-uyaKfTyrIFihzbthc2yIxofJWkFC7SarCHaLiNHJ2t2kffDi3GgKZIFoQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MsR0ShvrwpM.es5.O/am=Phg/d=1/rs=AJlcJMxOkZ2XEkVpaOomtedwQmO1qGtELg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9_ShAh8i9XlG4Leqye-qbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-9_ShAh8i9XlG4Leqye-qbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWafXX2KdD8RC3BxLrx3fyibQseaRg5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMbAwMNEzMI8vMAAAwgIsjw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-179-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 06 Aug 2024 09:36:41 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57d831a0329a6484b36f24355c95bbc4fcd8894f8fbe79d2b455997cc01d329e

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:23:28 GMT
content-encoding
gzip
via
1.1 eabcac050cde7358c94fc7ecf124ea4a.cloudfront.net (CloudFront)
last-modified
Tue, 30 Jul 2024 19:29:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
86294
x-amz-server-side-encryption
AES256
etag
W/"7bcc18dc921f9b135e294dc9ebbac75f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
lGNLAahImbCa01-KJ4_Zp0GgMx2UhSTIUofkbq-icLJjwy0LSIp5lQ==
ima.js
cdn-ima.33across.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25e106a5f1c5d1a80bc895df64e131503ea560d57fa360b32277e01c7bacfe8c

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 24 Jul 2024 21:41:51 GMT
server
cloudflare
age
472884
etag
W/"66a1751f-4089"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8aedf549699274a2-MIA
expires
Fri, 09 Aug 2024 09:21:41 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jun 2024 08:15:00 GMT
server
cloudflare
x-amz-request-id
WM1RZ62S3TETY84Y
age
3542
etag
W/"7549ecdacdd2ca9502744f648799d58a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8aedf5490c5cda8f-MIA
x-amz-id-2
c1mjZawPREbT4KWV1oBN9Tw4mqD90X9k+oaPjWAfxhVSA/xCIfjtFwkE2+YHYVvo/tMw7xGHK7e802KpzTUo7g==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-179-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Tue, 06 Aug 2024 09:36:41 GMT
location
privacy-location-edge.ccgateway.net/privacy/ 		5 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy-location-edge.ccgateway.net/privacy/location
Requested by
Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=gbatemp.net&parentId=5bb3e20859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-212-140-196.compute-1.amazonaws.com
Software
/
Resource Hash
1c55d9b826e8dfa994370e306ae8dc2e849f3e003381dc848a0b95f782c0c0e3

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
classification
pogo.ccgateway.net/v1/p/5bb3e20859/ 		336 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pogo.ccgateway.net/v1/p/5bb3e20859/classification?url=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F
Requested by
Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=gbatemp.net&parentId=5bb3e20859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-91-215-149.compute-1.amazonaws.com
Software
/
Resource Hash
76ee6d775c115ac7386dadd6d330c7cf8d2f91a10ee969d264e2df0ab8550863

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://gbatemp.net
date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
content-type
application/json
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gbatemp.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 06 Aug 2024 09:21:41 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bid
aax.amazon-adsystem.com/e/dtb/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&pid=bkkHEWY6LlCiH&cb=0&ws=1600x1200&v=24.722.1801&t=2500&slots=%5B%7B%22sd%22%3A%22med_rect_atf%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F154013155%2C22514073940%2F1022816%2F70668%2F1022816-70668-medium_rectangle%22%7D%2C%7B%22sd%22%3A%22med_rect_btf%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F154013155%2C22514073940%2F1022816%2F70668%2F1022816-70668-medium_rectangle%22%7D%2C%7B%22id%22%3A%22leaderboard_atf%22%2C%22sd%22%3A%22leaderboard_atf%22%2C%22sn%22%3A%22%2F154013155%2C22514073940%2F1022816%2F70668%2F1022816-70668-desktop_leaderboard%22%2C%22mt%22%3A%22mf%22%2C%22mfp%22%3A%7B%22d%22%3A%7B%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%22v%22%3A%7B%22s%22%3A%5B%22444x250%22%5D%7D%7D%7D%2C%7B%22id%22%3A%22leaderboard_btf%22%2C%22sd%22%3A%22leaderboard_btf%22%2C%22sn%22%3A%22%2F154013155%2C22514073940%2F1022816%2F70668%2F1022816-70668-desktop_leaderboard%22%2C%22mt%22%3A%22mf%22%2C%22mfp%22%3A%7B%22d%22%3A%7B%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%22v%22%3A%7B%22s%22%3A%5B%22444x250%22%5D%7D%7D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22cattax%22%3A6%2C%22cat%22%3A%5B%22681%22%2C%22680%22%5D%2C%22sectioncat%22%3A%5B%22681%22%2C%22680%22%5D%2C%22pagecat%22%3A%5B%22681%22%2C%22680%22%5D%7D%7D%7D&schain=1.0%2C1%21playwire.com%2C1022816%2C1%2C%2C%2C&sm=4012a93b-a811-44a8-803b-35a25c34596f&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.140.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-140-223.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
7937448c3d72a7f6306be442575518f9b9436cc39305137e6477f69bb6d06f52

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
via
1.1 43504ac56caa49011c8a16d1cb156142.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://gbatemp.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
1707
x-amz-cf-id
tEVnBpG5T7zHiCNqhmsMwcRJ-F6yij5H2IUJPaWid7lxAD-ecNv6WA==
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1722936101330&did=did-0046&se=e30&duid=ca4d2748bbfa--01j4kfx1vkrfzk2q21fr601cc2&tv=8.45.0&pu=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&wp...
  • https://rp4.liadm.com/j?dtstmp=1722936101330&did=did-0046&se=e30&duid=ca4d2748bbfa--01j4kfx1vkrfzk2q21fr601cc2&tv=8.45.0&pu=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&w...
13 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1722936101330&did=did-0046&se=e30&duid=ca4d2748bbfa--01j4kfx1vkrfzk2q21fr601cc2&tv=8.45.0&pu=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&wpn=prebid&cd=.gbatemp.net&i6=MjAwMTo1NTA6MWQwNToxOjoxMA%3D%3D
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Server
3.85.180.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-180-135.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
x-pixel-event-id
f2b12298-70bc-412e-9cf6-69b187582c49
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
13

Redirect headers

location
https://rp4.liadm.com/j?dtstmp=1722936101330&did=did-0046&se=e30&duid=ca4d2748bbfa--01j4kfx1vkrfzk2q21fr601cc2&tv=8.45.0&pu=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&wpn=prebid&cd=.gbatemp.net&i6=MjAwMTo1NTA6MWQwNToxOjoxMA%3D%3D
access-control-allow-origin
https://gbatemp.net
date
Tue, 06 Aug 2024 09:21:41 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
AGSKWxXqbB2VF2wZCDLsn7jg4vxEGjju5LJPEYv55PBC477URDZ0So7U94DHk84evHRK8GKQ_gY-IcLTXoyG-uyaKfTyrIFihzbthc2yIxofJWkFC7SarCHaLiNHJ2t2kffDi3GgKZIFoQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXqbB2VF2wZCDLsn7jg4vxEGjju5LJPEYv55PBC477URDZ0So7U94DHk84evHRK8GKQ_gY-IcLTXoyG-uyaKfTyrIFihzbthc2yIxofJWkFC7SarCHaLiNHJ2t2kffDi3GgKZIFoQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MsR0ShvrwpM.es5.O/am=Phg/d=1/rs=AJlcJMxOkZ2XEkVpaOomtedwQmO1qGtELg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RrOSFICJiID4mhrXYU7PVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-RrOSFICJiID4mhrXYU7PVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWafXX2KdD8RCPBxLrx3fyibw4-fst4xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwsBEz8A8vsAAAC5ELb4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXqbB2VF2wZCDLsn7jg4vxEGjju5LJPEYv55PBC477URDZ0So7U94DHk84evHRK8GKQ_gY-IcLTXoyG-uyaKfTyrIFihzbthc2yIxofJWkFC7SarCHaLiNHJ2t2kffDi3GgKZIFoQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXqbB2VF2wZCDLsn7jg4vxEGjju5LJPEYv55PBC477URDZ0So7U94DHk84evHRK8GKQ_gY-IcLTXoyG-uyaKfTyrIFihzbthc2yIxofJWkFC7SarCHaLiNHJ2t2kffDi3GgKZIFoQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MsR0ShvrwpM.es5.O/am=Phg/d=1/rs=AJlcJMxOkZ2XEkVpaOomtedwQmO1qGtELg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QtlrPBROmWCthzFwK0hZbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-QtlrPBROmWCthzFwK0hZbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWafXX2KdD8RCPBxLrx3fyiZw4-Wri4xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwsBEz8A8vsAAACqzLbg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXML8HkKDe0DwWaPr7LKpf-PKtNkeShbCnC9-N89XauamUWUObyrZGBqi11FS2BbFkaXta5SB-8ciIfVIOwKSvXrU_giyelHfMoDEo2wfAolKZqus48vtnbj-okk4_NbZy5RnrH0Q==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXML8HkKDe0DwWaPr7LKpf-PKtNkeShbCnC9-N89XauamUWUObyrZGBqi11FS2BbFkaXta5SB-8ciIfVIOwKSvXrU_giyelHfMoDEo2wfAolKZqus48vtnbj-okk4_NbZy5RnrH0Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyOTM2MTAxLDM5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9nYmF0ZW1wLm5ldC9kb3dubG9hZC9iYXRjaC1jaWEtM2RzLWRlY3J5cHRvci4zNTA5OC8iLG51bGwsW1s4LCJNc1IwU2h2cndwTSJdLFs5LCJlbi1VUyJdLFsyMiwidHJ1ZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f139.1e100.net
Software
ESF /
Resource Hash
9d85731c030db0b261b7d50f8bd279eb18c20d6be94a743a8c8380456fa616a9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BrA07mvzJ-svM0Gdun0dqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BrA07mvzJ-svM0Gdun0dqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw0pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlALMTDsfTa8a1sAgf2Pb7JqKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiYGFgomdgFl9gAAB5ezjb"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ima_ppub_config
securepubads.g.doubleclick.net/pagead/ 		162 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f154.1e100.net
Software
cafe /
Resource Hash
440c4f8f88af16d55e74094dc877ef2e8564605e3d13087425eb0fffdea441d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Tue, 06 Aug 2024 09:21:41 GMT
topics_frame.html
pa.openx.net/ Frame 2344 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.openx.net/topics_frame.html?bidder=openx
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.214.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1941
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
1036
content-type
text/html; charset=utf-8
date
Tue, 06 Aug 2024 08:49:20 GMT
etag
"c5379e35e267deacc52e06ed0f5fa81f"
last-modified
Mon, 22 Jan 2024 14:38:43 GMT
server
UploadServer
supports-loading-mode
fenced-frame
vary
Origin
x-allow-fledge
true
x-goog-generation
1705934323795552
x-goog-hash
crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1036
x-guploader-uploadid
AHxI1nOb57Ar7ptzIfgzfVqzY1tNDIt9fDW4i6ftv9HuI_Wa0Qi3Q8fFb7lE10BU_vco7qW61yHI7wYFXg
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 39E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=126958
content-encoding
gzip
content-length
859
content-type
text/html
date
Tue, 06 Aug 2024 09:21:41 GMT
expires
Wed, 07 Aug 2024 20:37:39 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookie_sync
prebid-server.rubiconproject.com/ 		3 KB
829 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.154.9 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ebe785398b999e6a636b990a4827b9111051b25e305c0b25c708372de7cd5e41

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
vary
origin
content-type
application/json
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
688
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		155 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.154.9 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
264ba73d77e4fd432b95d82fcdd04c34f0cb528d615d04b80b0a8d7cc949c2b3

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/3.8.0
observe-browsing-topics
?1
vary
origin
content-type
application/json
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
auction
tlx.3lift.com/header/ 		43 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.45.0&referrer=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&tmax=2500
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.42.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-42-219.compute-1.amazonaws.com
Software
/
Resource Hash
9fa57774a921a0d03e8a45899c091d1494b33a3b4f5bb0800cd588299e5b6346
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
zstd
accept-ch
sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
13350
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		486 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
732f1368b1b4018d15fe7a0718dd97a18d69bd03afe89156bb71a9afae669a89
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:42 GMT
an-x-request-uuid
7194d812-05c7-4ab2-a480-9c20177d4899
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gbatemp.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
486
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
260 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
55da335da3dfa07fb7487efa7ca26f6c931406525ee6442b06f3730f35aa0828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
nginx
content-type
application/json
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
49
cdb
bidder.criteo.com/ 		0
190 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.45.0&cb=4026227113&lsavail=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://gbatemp.net
date
Tue, 06 Aug 2024 09:21:41 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		53 B
221 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
637183af234d462962aaff7fba5b46aa79da97949f4d2c3c066b32ad9a77dd41

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
x-forwarded-for
38.132.118.72
content-type
text/plain
access-control-allow-origin
https://gbatemp.net
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
221 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
3aa4fa7f8b909916af9746675483481ea18de178642e164aa4ae85528b7166c6

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
x-forwarded-for
38.132.118.72
content-type
text/plain
access-control-allow-origin
https://gbatemp.net
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
361 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
1cf49c1785014ea25bba3b991f3c677dcc9f903b5848efaf040bcefa4f994205

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
x-forwarded-for
38.132.118.72
content-type
text/plain
access-control-allow-origin
https://gbatemp.net
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
v1
btlr.sharethrough.com/universal/ 		877 B
838 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.81.88.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-81-88-244.compute-1.amazonaws.com
Software
/
Resource Hash
760650c21bd6f4c0861823092794ae3daaf11fdfa088678caf3013b738cfd5f3
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://gbatemp.net
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
x-openrtb-version
2.5
access-control-allow-credentials
true
content-length
481
content-type
application/json; charset=utf-8
v1
btlr.sharethrough.com/universal/ 		538 B
734 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.81.88.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-81-88-244.compute-1.amazonaws.com
Software
/
Resource Hash
6961383c441d2f3488a078d4f5a2b6ea17143bc208315a2f7b19cae1efd26641
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://gbatemp.net
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
x-openrtb-version
2.5
access-control-allow-credentials
true
content-length
377
content-type
application/json; charset=utf-8
v1
btlr.sharethrough.com/universal/ 		0
118 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.81.88.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-81-88-244.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://gbatemp.net
strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.81.88.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-81-88-244.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://gbatemp.net
strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		102 KB
32 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1031634
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7909071c98b3cadf79682968827dc18f342896c01da5aa16147f7014e274f0a

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=exzFZGbJ4HQ%2F5%2F6lhE7t30U6LQ%2FHzuso41dW1JMg49eGEMtbEXPTr0L5Rij3skCBepUPBEMvTbUAcat%2BY0B6j9WiHD2YVx4xE8L%2FFr3cq7Ch0mR8PQqIO1DPmCDSZqBW92l5l6MS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8aedf54b5c4c3dd9-MIA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
457 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1031634
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f3ba49f25bc0898b61a175bdd4ecca5d24acb3333b3cc8c977350c575366860

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K51ojrko9kDyqjW2Az9%2FQig4C5kYnRFl4xmfwD6cH8bgKjOgEuyLx5kh2SSMNlW%2F49eHcvAeomCYpAxHKWzdKJRa1XauK9mf8xv%2FgAdP2OvNdzfgK79NVtM7ZsrdHLtqKTNsla3%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8aedf54b5c4a3dd9-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		465 B
802 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=15&alt_size_ids=10&p_pos=atf&rp_schain=1.0,1!playwire.com,1022816,1,,,&eid_pubcid.org=0e86ec58-1a87-4a59-a50d-4d224f3fd4d7%5E1&eid_neustar.biz=E1%3A8W0SrO1t6zHnHn-syY3BzIr9qq8jLfWlrNdFh7LZcN1rqVk8QG0OhVPARpZQIq1jD-V_2eesN-Wo0tVF1XWuTKJMauRkL63IVFpKfC0eYClR4a_nNxQPHG5hwv7jE2v-%5E1&tpid_liveintent.com=5-t91%2FNHQVQ%2Fk%2F7KqLzFaym3%2F4GRI%2FJ3Y7c0C27d8tOrxv6ya080pqg9HwP5L6C%2FxqiBn69MZohVnrbJ7jw9UR5exV66gCJJajEJuEPfklHV79tFfhWSj0&eid_liveintent.com=5-t91%2FNHQVQ%2Fk%2F7KqLzFaym3%2F4GRI%2FJ3Y7c0C27d8tOrxv6ya080pqg9HwP5L6C%2FxqiBn69MZohVnrbJ7jw9UR5exV66gCJJajEJuEPfklHV79tFfhWSj0&rf=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&tg_i.domain=gbatemp.net&tg_i.page=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&tg_i.cat=681%2CIAB9-30%2C680&tg_i.sectioncat=681%2CIAB9-30%2C680&tg_i.pagecat=681%2CIAB9-30%2C680&tg_i.pbadslot=med_rect_atf&tk_flint=pbjs_lite_v8.45.0&x_source.tid=7f574c8a-1e32-443e-97b1-78da914d4aa8&l_pb_bid_id=85d614f01567358&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=57ae5e96-812f-45f5-9d3b-a65e3953a14e&rp_maxbids=1&p_gpid=med_rect_atf&m_ch_mobile=%3F0&slots=1&rand=0.03114819696840243
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6914a9bd076e0890bd2a5ed86c9df63ecace9fca9d2cf9a762c1868afc1a7922

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
465
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		465 B
826 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=15&alt_size_ids=10&rp_schain=1.0,1!playwire.com,1022816,1,,,&eid_pubcid.org=0e86ec58-1a87-4a59-a50d-4d224f3fd4d7%5E1&eid_neustar.biz=E1%3A8W0SrO1t6zHnHn-syY3BzIr9qq8jLfWlrNdFh7LZcN1rqVk8QG0OhVPARpZQIq1jD-V_2eesN-Wo0tVF1XWuTKJMauRkL63IVFpKfC0eYClR4a_nNxQPHG5hwv7jE2v-%5E1&tpid_liveintent.com=5-t91%2FNHQVQ%2Fk%2F7KqLzFaym3%2F4GRI%2FJ3Y7c0C27d8tOrxv6ya080pqg9HwP5L6C%2FxqiBn69MZohVnrbJ7jw9UR5exV66gCJJajEJuEPfklHV79tFfhWSj0&eid_liveintent.com=5-t91%2FNHQVQ%2Fk%2F7KqLzFaym3%2F4GRI%2FJ3Y7c0C27d8tOrxv6ya080pqg9HwP5L6C%2FxqiBn69MZohVnrbJ7jw9UR5exV66gCJJajEJuEPfklHV79tFfhWSj0&rf=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&tg_i.domain=gbatemp.net&tg_i.page=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&tg_i.cat=681%2CIAB9-30%2C680&tg_i.sectioncat=681%2CIAB9-30%2C680&tg_i.pagecat=681%2CIAB9-30%2C680&tg_i.pbadslot=med_rect_btf&tk_flint=pbjs_lite_v8.45.0&x_source.tid=7f574c8a-1e32-443e-97b1-78da914d4aa8&l_pb_bid_id=86336000cc2aa4&p_screen_res=1600x1200&rp_floor=0.21&rp_secure=1&x_imp.ext.tid=8bd3752c-9e65-446a-ac6e-19b3af171cc3&rp_maxbids=1&p_gpid=med_rect_btf&m_ch_mobile=%3F0&slots=1&rand=0.6541120609109707
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a76b103dfad3f96bfdbf9b6fa5ebee8b109a6472076fb4cbcc4136dd04475aea

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:42 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
465
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		551 B
888 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=3019834&size_id=2&alt_size_ids=57&p_pos=atf&rp_schain=1.0,1!playwire.com,1022816,1,,,&eid_pubcid.org=0e86ec58-1a87-4a59-a50d-4d224f3fd4d7%5E1&eid_neustar.biz=E1%3A8W0SrO1t6zHnHn-syY3BzIr9qq8jLfWlrNdFh7LZcN1rqVk8QG0OhVPARpZQIq1jD-V_2eesN-Wo0tVF1XWuTKJMauRkL63IVFpKfC0eYClR4a_nNxQPHG5hwv7jE2v-%5E1&tpid_liveintent.com=5-t91%2FNHQVQ%2Fk%2F7KqLzFaym3%2F4GRI%2FJ3Y7c0C27d8tOrxv6ya080pqg9HwP5L6C%2FxqiBn69MZohVnrbJ7jw9UR5exV66gCJJajEJuEPfklHV79tFfhWSj0&eid_liveintent.com=5-t91%2FNHQVQ%2Fk%2F7KqLzFaym3%2F4GRI%2FJ3Y7c0C27d8tOrxv6ya080pqg9HwP5L6C%2FxqiBn69MZohVnrbJ7jw9UR5exV66gCJJajEJuEPfklHV79tFfhWSj0&rf=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&tg_i.domain=gbatemp.net&tg_i.page=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&tg_i.cat=681%2CIAB9-30%2C680&tg_i.sectioncat=681%2CIAB9-30%2C680&tg_i.pagecat=681%2CIAB9-30%2C680&tg_i.pbadslot=%2F154013155%2C22514073940%2F1022816%2F70668%2F1022816-70668-desktop_leaderboard%23leaderboard_atf&tk_flint=pbjs_lite_v8.45.0&x_source.tid=7f574c8a-1e32-443e-97b1-78da914d4aa8&l_pb_bid_id=8744b4914380265&p_screen_res=1600x1200&rp_floor=0.21&rp_secure=1&x_imp.ext.tid=1dfdf7c4-e402-4815-888b-3097f271752f&rp_maxbids=1&p_gpid=%2F154013155%2C22514073940%2F1022816%2F70668%2F1022816-70668-desktop_leaderboard%23leaderboard_atf&m_ch_mobile=%3F0&slots=1&rand=0.42036101738290665
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9a4e98baeb5dbeaaaba96dd6d5265aa9b460e54f4a8ed2e6e7ca4919faee8266

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
551
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		551 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=509370&zone_id=3047168&size_id=2&alt_size_ids=57&rp_schain=1.0,1!playwire.com,1022816,1,,,&eid_pubcid.org=0e86ec58-1a87-4a59-a50d-4d224f3fd4d7%5E1&eid_neustar.biz=E1%3A8W0SrO1t6zHnHn-syY3BzIr9qq8jLfWlrNdFh7LZcN1rqVk8QG0OhVPARpZQIq1jD-V_2eesN-Wo0tVF1XWuTKJMauRkL63IVFpKfC0eYClR4a_nNxQPHG5hwv7jE2v-%5E1&tpid_liveintent.com=5-t91%2FNHQVQ%2Fk%2F7KqLzFaym3%2F4GRI%2FJ3Y7c0C27d8tOrxv6ya080pqg9HwP5L6C%2FxqiBn69MZohVnrbJ7jw9UR5exV66gCJJajEJuEPfklHV79tFfhWSj0&eid_liveintent.com=5-t91%2FNHQVQ%2Fk%2F7KqLzFaym3%2F4GRI%2FJ3Y7c0C27d8tOrxv6ya080pqg9HwP5L6C%2FxqiBn69MZohVnrbJ7jw9UR5exV66gCJJajEJuEPfklHV79tFfhWSj0&rf=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&tg_i.domain=gbatemp.net&tg_i.page=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&tg_i.cat=681%2CIAB9-30%2C680&tg_i.sectioncat=681%2CIAB9-30%2C680&tg_i.pagecat=681%2CIAB9-30%2C680&tg_i.pbadslot=%2F154013155%2C22514073940%2F1022816%2F70668%2F1022816-70668-desktop_leaderboard%23leaderboard_btf&tk_flint=pbjs_lite_v8.45.0&x_source.tid=7f574c8a-1e32-443e-97b1-78da914d4aa8&l_pb_bid_id=8857f42440411c6&p_screen_res=1600x1200&rp_floor=0.21&rp_secure=1&x_imp.ext.tid=ad011174-a574-4594-8f83-a5104ad259b7&rp_maxbids=1&p_gpid=%2F154013155%2C22514073940%2F1022816%2F70668%2F1022816-70668-desktop_leaderboard%23leaderboard_btf&m_ch_mobile=%3F0&slots=1&rand=0.7738914540723465
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
071b3170d260dacf208547d087f86d58495b07955ba0242bb36092625209c729

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
551
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		550 B
889 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=57&rp_schain=1.0,1!playwire.com,1022816,1,,,&eid_pubcid.org=0e86ec58-1a87-4a59-a50d-4d224f3fd4d7%5E1&eid_neustar.biz=E1%3A8W0SrO1t6zHnHn-syY3BzIr9qq8jLfWlrNdFh7LZcN1rqVk8QG0OhVPARpZQIq1jD-V_2eesN-Wo0tVF1XWuTKJMauRkL63IVFpKfC0eYClR4a_nNxQPHG5hwv7jE2v-%5E1&tpid_liveintent.com=5-t91%2FNHQVQ%2Fk%2F7KqLzFaym3%2F4GRI%2FJ3Y7c0C27d8tOrxv6ya080pqg9HwP5L6C%2FxqiBn69MZohVnrbJ7jw9UR5exV66gCJJajEJuEPfklHV79tFfhWSj0&eid_liveintent.com=5-t91%2FNHQVQ%2Fk%2F7KqLzFaym3%2F4GRI%2FJ3Y7c0C27d8tOrxv6ya080pqg9HwP5L6C%2FxqiBn69MZohVnrbJ7jw9UR5exV66gCJJajEJuEPfklHV79tFfhWSj0&rf=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&tg_i.domain=gbatemp.net&tg_i.page=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&tg_i.cat=681%2CIAB9-30%2C680&tg_i.sectioncat=681%2CIAB9-30%2C680&tg_i.pagecat=681%2CIAB9-30%2C680&tg_i.pbadslot=%2F154013155%2C22514073940%2F1022816%2F70668%2F1022816-70668-desktop_leaderboard%23leaderboard_btf&tk_flint=pbjs_lite_v8.45.0&x_source.tid=7f574c8a-1e32-443e-97b1-78da914d4aa8&l_pb_bid_id=894c5b08be37681&p_screen_res=1600x1200&rp_floor=0.21&rp_secure=1&x_imp.ext.tid=ad011174-a574-4594-8f83-a5104ad259b7&rp_maxbids=1&p_gpid=%2F154013155%2C22514073940%2F1022816%2F70668%2F1022816-70668-desktop_leaderboard%23leaderboard_btf&m_ch_mobile=%3F0&slots=1&rand=0.2533621701241391
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f3a932c31ac9feef67ec93d22bdfe47d118aa3e411198cd0700e9398b7e27396

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
550
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb-multi
hb.yellowblue.io/ 		84 B
582 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-54.ewr53.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7cc6fbd6cf90b8538b7ec4b045bedc7e64194a330b8bc40daaa7e3ca44c44601

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
EWR53-P1
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://gbatemp.net
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
x-amz-cf-id
9G0Ay9Nfgr-izCf8iLfvUi9OcOOvFXg51he9D-9Gl7bcOWAXwrsTdg==
imp
g2.gumgum.com/hbid/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1722936101563&to=600&aun=med_rect_atf&pubcid=0e86ec58-1a87-4a59-a50d-4d224f3fd4d7&fabrickId=E1%3A8W0SrO1t6zHnHn-syY3BzIr9qq8jLfWlrNdFh7LZcN1rqVk8QG0OhVPARpZQIq1jD-V_2eesN-Wo0tVF1XWuTKJMauRkL63IVFpKfC0eYClR4a_nNxQPHG5hwv7jE2v-&lipb=5-t91%2FNHQVQ%2Fk%2F7KqLzFaym3%2F4GRI%2FJ3Y7c0C27d8tOrxv6ya080pqg9HwP5L6C%2FxqiBn69MZohVnrbJ7jw9UR5exV66gCJJajEJuEPfklHV79tFfhWSj0&gpid=med_rect_atf&t=8ylgv2wd&pi=3&maxw=300&maxh=600&si=1111712&bf=300x250%2C300x600&schain=1.0%2C1!playwire.com%2C1022816%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.45.0%22%7D&ogu=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&ns=10240
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.52.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-52-140.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ac82a25ee86a41bf4556009fe8e0c6270a43faacc2c61385d695f54eb6e65179

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gbatemp.net
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1722936101563&to=600&aun=med_rect_btf&pubcid=0e86ec58-1a87-4a59-a50d-4d224f3fd4d7&fabrickId=E1%3A8W0SrO1t6zHnHn-syY3BzIr9qq8jLfWlrNdFh7LZcN1rqVk8QG0OhVPARpZQIq1jD-V_2eesN-Wo0tVF1XWuTKJMauRkL63IVFpKfC0eYClR4a_nNxQPHG5hwv7jE2v-&lipb=5-t91%2FNHQVQ%2Fk%2F7KqLzFaym3%2F4GRI%2FJ3Y7c0C27d8tOrxv6ya080pqg9HwP5L6C%2FxqiBn69MZohVnrbJ7jw9UR5exV66gCJJajEJuEPfklHV79tFfhWSj0&gpid=med_rect_btf&t=8ylgv2wd&pi=3&maxw=300&maxh=600&si=1111712&bf=300x250%2C300x600&schain=1.0%2C1!playwire.com%2C1022816%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.45.0%22%7D&ogu=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&ns=10240
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.52.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-52-140.compute-1.amazonaws.com
Software
nginx /
Resource Hash
094f1dd905848608e158b2f2dec568a72246830d96c2a59bb42de1d8baa1ebec

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gbatemp.net
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1722936101564&to=600&aun=leaderboard_atf&pubcid=0e86ec58-1a87-4a59-a50d-4d224f3fd4d7&fabrickId=E1%3A8W0SrO1t6zHnHn-syY3BzIr9qq8jLfWlrNdFh7LZcN1rqVk8QG0OhVPARpZQIq1jD-V_2eesN-Wo0tVF1XWuTKJMauRkL63IVFpKfC0eYClR4a_nNxQPHG5hwv7jE2v-&lipb=5-t91%2FNHQVQ%2Fk%2F7KqLzFaym3%2F4GRI%2FJ3Y7c0C27d8tOrxv6ya080pqg9HwP5L6C%2FxqiBn69MZohVnrbJ7jw9UR5exV66gCJJajEJuEPfklHV79tFfhWSj0&gpid=%2F154013155%2C22514073940%2F1022816%2F70668%2F1022816-70668-desktop_leaderboard%23leaderboard_atf&fp=0.21&fpc=USD&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250&schain=1.0%2C1!playwire.com%2C1022816%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.45.0%22%7D&ogu=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&ns=10240
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.52.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-52-140.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dc77817d16d7788cbfc55a6bab768016d4bb0759a0821bc089871eef70daf4c2

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gbatemp.net
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1722936101564&to=600&aun=leaderboard_btf&pubcid=0e86ec58-1a87-4a59-a50d-4d224f3fd4d7&fabrickId=E1%3A8W0SrO1t6zHnHn-syY3BzIr9qq8jLfWlrNdFh7LZcN1rqVk8QG0OhVPARpZQIq1jD-V_2eesN-Wo0tVF1XWuTKJMauRkL63IVFpKfC0eYClR4a_nNxQPHG5hwv7jE2v-&lipb=5-t91%2FNHQVQ%2Fk%2F7KqLzFaym3%2F4GRI%2FJ3Y7c0C27d8tOrxv6ya080pqg9HwP5L6C%2FxqiBn69MZohVnrbJ7jw9UR5exV66gCJJajEJuEPfklHV79tFfhWSj0&gpid=%2F154013155%2C22514073940%2F1022816%2F70668%2F1022816-70668-desktop_leaderboard%23leaderboard_btf&fp=0.21&fpc=USD&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250&schain=1.0%2C1!playwire.com%2C1022816%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.45.0%22%7D&ogu=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&ns=10240
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.52.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-52-140.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ef0114e07710b0d8536142b01cc4acd70443097c3f5b94c1f16b0eff45c35f96

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:42 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gbatemp.net
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
translator
hbopenbid.pubmatic.com/ 		0
110 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://gbatemp.net
date
Tue, 06 Aug 2024 09:21:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
match
ps.eyeota.net/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=5baad550-1e5d-4173-a212-bf34df76401b&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=5baad550-1e5d-4173-a212-bf34df76401b&bid=1e2n4ou
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Server
52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-138-212.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Tue, 06 Aug 2024 09:21:42 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

location
https://ps.eyeota.net/match?uid=5baad550-1e5d-4173-a212-bf34df76401b&bid=1e2n4ou
date
Tue, 06 Aug 2024 09:21:41 GMT
server
Kestrel
content-length
191
match
ps.eyeota.net/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mm4xQXp1aXoxTnJBanRkeXg5X2NDREg0Qzd0RGxvNFcwbHdiUzFYdGpVejQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mm4xQXp1aXoxTnJBanRkeXg5X2NDREg0Qzd0RGxvNFcwbHdiUzFYdGpVejQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00&google_gid=CAESEB7KeZG4rrnS87bZ-3mPuz4&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00&google_gid=CAESEB7KeZG4rrnS87bZ-3mPuz4&google_cver=1
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Server
52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-138-212.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Tue, 06 Aug 2024 09:21:42 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00&google_gid=CAESEB7KeZG4rrnS87bZ-3mPuz4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot&gdpr=0&gdpr_consent=&verify=true
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-8SueVjpE2pV0qznXjQC5IAEswLPmTm0JEyA-~A&gdpr=0
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-8SueVjpE2pV0qznXjQC5IAEswLPmTm0JEyA-~A&gdpr=0
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Server
52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-138-212.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Tue, 06 Aug 2024 09:21:42 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

location
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-8SueVjpE2pV0qznXjQC5IAEswLPmTm0JEyA-~A&gdpr=0
date
Tue, 06 Aug 2024 09:21:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.134
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
29535
tags.bluekai.com/site/ 		62 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29535?limit=1&id=2QOp1thbvxziWCzezKOFb0dQetYcJ4OozDzMSsd48B10
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.132.230 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-132-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Aug 2024 09:21:41 GMT
content-length
62
x-request-id
58d6f2a4d8fac79632a0d732cf80c2d9
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
match
ps.eyeota.net/
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=m51mh00
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7908695941875618071&newuser=1&referrer_pid=m51mh00
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7908695941875618071&newuser=1&referrer_pid=m51mh00
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Server
52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-138-212.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Tue, 06 Aug 2024 09:21:41 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

location
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7908695941875618071&newuser=1&referrer_pid=m51mh00
pragma
no-cache
date
Tue, 06 Aug 2024 09:21:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
4bcdc33b7708b98d81ca733eee6267957e0a051ba110830577ba0c02b63c82c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://gbatemp.net
date
Tue, 06 Aug 2024 09:21:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
userId
script-api.ccgateway.net/1/ 		446 B
706 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/1/userId
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-237-175-195.compute-1.amazonaws.com
Software
/
Resource Hash
a2d95b3fd579197f2a095108cfb4bb800ea02912e0fa894f3916795999339881

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
cache-control
private,max-age=3156000
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
user.js
script-api.ccgateway.net/script/launcher/2/ 		2 KB
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/script/launcher/2/user.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-237-175-195.compute-1.amazonaws.com
Software
/
Resource Hash
a11d3b4b6f2902037c365146ff80b5bf95923f3176f1a827355e45177314d423

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
cache-control
private,max-age=604800
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
api.js
script-api.ccgateway.net/script/launcher/5/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/script/launcher/5/api.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-237-175-195.compute-1.amazonaws.com
Software
/
Resource Hash
67942c522b8f0e187f291d3dde230596fa526a323a9f50a0d667b6956839d98e

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
cache-control
private,max-age=604800
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&src=aps&ver=1.12.3
  • https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&src=aps&ver=1.12.3&b=1&tp=XtDehSXHTK%2F24vWVmqD4o6cTX1JrKPU9IPRhfkyARvg%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&src=aps&ver=1.12.3&b=1&tp=XtDehSXHTK%2F24vWVmqD4o6cTX1JrKPU9IPRhfkyARvg%3D
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://gbatemp.net
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 06 Aug 2024 09:21:41 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://gbatemp.net
location
https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&src=aps&ver=1.12.3&b=1&tp=XtDehSXHTK%2F24vWVmqD4o6cTX1JrKPU9IPRhfkyARvg%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-179-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Tue, 06 Aug 2024 09:36:41 GMT
AGSKWxVtmQgF9lY_3bh1ZpMzN9b0zXpZmwDehC2jxq3V6dRqF7O779iogyTQMAO63XmoJyje6bpFyn26M0dyV66SSOGH0Fqay3GdF23U3BLsHAV5U4sVL5xUiJk9vOiU94FjKxz6HJhSBA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVtmQgF9lY_3bh1ZpMzN9b0zXpZmwDehC2jxq3V6dRqF7O779iogyTQMAO63XmoJyje6bpFyn26M0dyV66SSOGH0Fqay3GdF23U3BLsHAV5U4sVL5xUiJk9vOiU94FjKxz6HJhSBA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MsR0ShvrwpM.es5.O/am=Phg/d=1/rs=AJlcJMxOkZ2XEkVpaOomtedwQmO1qGtELg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_508Rpxxu1XrGgEzA5ayBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_508Rpxxu1XrGgEzA5ayBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWafXX2KdD8RCPBxLrx3fyibQcfDTHSYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgYWCiZ2AeX2AAAAziLVM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
setUser
script-api.ccgateway.net/ 		0
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/setUser?parent=5bb3e20859&site=gbatemp.net&ccuid=a58a75a2-e241-4c10-8545-2d0e5eb595c0&ccsid=145b882a-838b-4a29-875d-fbc6a0f4f00d
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-237-175-195.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
cache-control
private,max-age=300
content-length
0
content-type
text/javascript
bundle
script-api.ccgateway.net/script/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/script/bundle?id=gbatemp.net&parentId=5bb3e20859
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-237-175-195.compute-1.amazonaws.com
Software
/
Resource Hash
fe2f74a329d76c9702875f2eb2762231acc2d7be34ad7b1dbdb2be20729696ed

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
cache-control
public,max-age=1200
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:16::820 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:42 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://gbatemp.net
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Tue, 06 Aug 2024 09:51:42 GMT
script-load
tag-api-2-1.ccgateway.net/v1/event/record/ 		42 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag-api-2-1.ccgateway.net/v1/event/record/script-load?engttl=60&engcount=0&engid=51b8033d4d9242e2bcd3f40cfc5a9923&cns=&cns=&cn2=&cn1=&accountid=43ce7925-afb8-48af-896b-d9aabce331a7&landing_url=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&utm_source=&utm_content=&utm_term=&utm_medium=&utm_campaign=&pageViews=1&prevPvid=bdaec79b31064fcebe956b3bdedb7429&url=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&curReferer=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&extReferer=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&APPNEXUS=&GLAM-SID=f7f93840904e4eff8b30dadd82a00efd&GLAM-JID=7d518e526e2342febc851849f32a926f&GLAM-AID=419330f0bfe346ba926fe70d9ffd4ef8&pvid=bdaec79b31064fcebe956b3bdedb7429&ccuid=a58a75a2-e241-4c10-8545-2d0e5eb595c0&sid=145b882a-838b-4a29-875d-fbc6a0f4f00d&nct=1722936101000&r=&ns=true&lang=en-US&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36&description=%25E3%2580%2580%250A%250A%250AThis%2520is%2520a%2520very%2520simple%2520batch%2520file%2520to%2520decrypt%2520CIA%2520%2526%25203DS%2520files%2520for%2520beginner%252C%250Athe%2520CIA%2520will%2520be%2520decryp&title=Batch%2520CIA%25203DS%2520Decryptor%2520%257C%2520GBAtemp.net%2520-%2520The%2520Independent%2520Video%2520Game%2520Community&devicefp=38.132.118.72%3A2&browserCache=true&localCache=false&cookieType=0&nocookies=false&ios=false&parentId=5bb3e20859&scriptId=gbatemp.net&skey=60f49734-5c10-4596-bec7-71b98c188910&url=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-237-175-195.compute-1.amazonaws.com
Software
Atreugo /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:41 GMT
content-encoding
gzip
server
Atreugo
vary
Origin, Accept-Encoding
content-type
image/gif
access-control-allow-origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
iu3
s.amazon-adsystem.com/ Frame EC05
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-adMediaV1_rx_snb_n-MediaNet_n-Beeswax_ox-db5_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-nativ...
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-adMediaV1_rx_snb_n-MediaNet_n-Beeswax_ox-db5_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-nativ...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-adMediaV1_rx_snb_n-MediaNet_n-Beeswax_ox-db5_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-nativo_an-db5_n-Rise_3lift_n-Outbrain&dcc=t
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
431
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 06 Aug 2024 09:21:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CXBRSC5J24H1RMY8QKPF

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 06 Aug 2024 09:21:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-adMediaV1_rx_snb_n-MediaNet_n-Beeswax_ox-db5_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-nativo_an-db5_n-Rise_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
6HN03SKKHJV2DBVKNRHG
483.json
id5-sync.com/g/v2/ 		638 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/483.json
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
479a26706e073849479a399949868745836ea0a94bc87d20801d5c1604a8eb87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 06 Aug 2024 09:21:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://gbatemp.net
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		229 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-179-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:42 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Tue, 06 Aug 2024 09:36:42 GMT
iframe
ssp-sync.criteo.com/user-sync/ Frame B0D6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/iframe?gdprapplies=&gdpr=&ccpa=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcriteo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BCRITEO_USER_ID%7D&profile=230
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 06 Aug 2024 09:21:42 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=&gdpr_consent=&account=12556&us_privacy=&gpp_sid=&gpp=
  • https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=12556&uid=LZI7O4K8-18-50W2
86 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=12556&uid=LZI7O4K8-18-50W2
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Server
69.173.154.9 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
0
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=12556&uid=LZI7O4K8-18-50W2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
Expires
0
bounce
id5-sync.com/ 		30 B
229 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://gbatemp.net
date
Tue, 06 Aug 2024 09:21:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin
content-type
text/plain;charset=utf-8
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
9fbc470d01300504e6e72f7263af0fca2352b769d82a5c428cbd02d154020c6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://gbatemp.net
date
Tue, 06 Aug 2024 09:21:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
v3
id5-sync.com/gm/ 		699 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
8d5b7462c9c4df1bf5b80793da508d7fdc52460678201c98616b093f6a774625
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Aug 2024 09:21:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://gbatemp.net
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
155.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/i/483/8.gif?o=api&id5id=ID5*U9lrbfJgsQ2Uv-jGESPwnkQs3J-25gN77Iivs_CvRQy4Mamzll_lKDBrD7Ef9Yrf&gdpr_consent=undefined&gdpr=false
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AAHREU7NY9YAABWx1y0yHw&id5AccountNum=155&numCascadesAllowed=9
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/155.gif?puid=AAHREU7NY9YAABWx1y0yHw&id5AccountNum=155&numCascadesAllowed=9
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:43 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
text/html;charset=utf-8

Redirect headers

location
https://id5-sync.com/k/155.gif?puid=AAHREU7NY9YAABWx1y0yHw&id5AccountNum=155&numCascadesAllowed=9
Date
Tue, 06 Aug 2024 09:21:43 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
GoogleRewardedVideo.e972c7de6bea1dec8eac.js
cdn.intergi.com/hera/releases/4.7.121/ 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.7.121/GoogleRewardedVideo.e972c7de6bea1dec8eac.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
942d7ba384b44c3dbc9d43c47f12bd288273b8c696eb088327bc23161bef3fb7

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:41:04 GMT
x-amz-version-id
kbxTHz4NYOhGFZN7Vi9OdvkUTeVL3tWR
content-encoding
gzip
last-modified
Wed, 31 Jul 2024 16:30:34 GMT
server
AmazonS3
via
1.1 c49af0736096dd9eb595aafed0498ed4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
etag
W/"1900dc34ccdca6c8c09513223df5e5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
492040
x-amz-cf-id
bGO4STVzCTWRDcXNv-85VrMeIHUUIvGEky8j0JBtB_o26cVdDLoUCQ==
ads
securepubads.g.doubleclick.net/gampad/ 		85 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=881133623149794&correlator=3836273320376417&eid=31079957%2C31085847%2C31085857%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408010101&ptt=17&impl=fifs&gdpr=0&iu_parts=154013155%3A22514073940%2C1022816%2C70668%2C1022816-70668-desktop_leaderboard%2Cpublisher%3A1022816-website%3A70668-flex_leaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4&prev_iu_szs=728x90%7C970x250%7C7x7%2C728x90%7C970x250%7C7x7%2C1x1&ifi=1&sfv=1-0-40&ists=1&eri=33&sc=1&cookie_enabled=1&abxe=1&dt=1722936103225&lmt=1722936096&adxs=150%2C150%2C0&adys=346%2C1236%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&vis=1&psz=1300x1012%7C1300x1012%7C1600x0&msz=1300x-1%7C1300x-1%7C1x-1&fws=4%2C4%2C516&ohw=1600%2C1600%2C1600&topics=1&tps=1&htps=10&a3p=ElYKDGlkNS1zeW5jLmNvbRJESUQ1KkNyNV9YNnNIcFRfTjJQejBTRVRrckIxTHlLM3ZnUmRKdGUtN2dhbklVVDY0TWJvRi1IYzU5VXF5Y3FUdFNSTElYARI0CgpwdWJjaWQub3JnEiQwZTg2ZWM1OC0xYTg3LTRhNTktYTUwZC00ZDIyNGYzZmQ0ZDdYARKKAQoObGl2ZWludGVudC5jb20SdjUtdDkxL05IUVZRL2svN0txTHpGYXltMy80R1JJL0ozWTdjMEMyN2Q4dE9yeHY2eWEwODBwcWc5SHdQNUw2Qy94cWlCbjY5TVpvaFZucmJKN2p3OVVSNWV4VjY2Z0NKSmFqRUp1RVBma2xIVjc5dEZmaFdTajBYARIXCghydGJob3VzZRiOivq3kjJIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YlIX6t5IySABSAghkEhQKBW9wZW54GI-I-reSMkgAUgIIbw..&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722936096644&idt=2083&prev_scp=pos%3Datf%26slot_id%3Dleaderboard_atf%26refresh%3Dfalse%26amazonBid%3Dtrue%26custom_path%3DROS%26lld_id%3D779161cc7b534158be30affeedbe9e7736101189%26takeover%3Dtrue%26direct_disabled%3Dfalse%26price_floor%3D0.21%26amznbid%3Do_1fu69kw%26amznp%3Dioiscg%26amzniid%3DJP_rvIpS5J9-AuI75WSoG64AAAGRJv6L2gEAAAJYBABhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICB1vFq4%26bid_type%3Dserver%26hb_format%3Dbanner%26hb_adid%3D119d3328a29a8b39%26hb_bidder%3Ds2s_ix%26hb_size%3D728x90%26hb_pb%3D0.63%26hb_format_ix%3Dbanner%26hb_size_ix%3D728x90%26hb_pb_ix%3D0.38%26hb_adid_ix%3D107da06f47c4178a%26hb_bidder_ix%3Dix%26hb_format_triplelift%3Dbanner%26hb_size_triplelift%3D728x90%26hb_pb_triplelift%3D0.52%26hb_adid_triplelift%3D111be7d72e528e4%26hb_bidder_triplelift%3Dtriplelift%26hb_format_s2s_ix%3Dbanner%26hb_size_s2s_ix%3D728x90%26hb_pb_s2s_ix%3D0.63%26hb_adid_s2s_ix%3D119d3328a29a8b39%26hb_bidder_s2s_ix%3Ds2s_ix%7Cpos%3Dbtf%26slot_id%3Dleaderboard_btf%26refresh%3Dfalse%26amazonBid%3Dtrue%26custom_path%3DROS%26lld_id%3Dc5c53b3e3f5d4bfaa98e1e2d367d7dc536101193%26direct_disabled%3Dfalse%26price_floor%3D0.21%26amznbid%3Do_1fu69kw%26amznp%3Dioiscg%26amzniid%3DJMHD-I6bWLgoVed7PXo9t1gAAAGRJv6L5AEAAAJYBABhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICANLbd1%26hb_format_s2s_ix%3Dbanner%26hb_size_s2s_ix%3D970x250%26hb_pb_s2s_ix%3D0.26%26hb_adid_s2s_ix%3D117964890614de3a%26hb_bidder_s2s_ix%3Ds2s_ix%26hb_format_triplelift%3Dbanner%26hb_size_triplelift%3D728x90%26hb_pb_triplelift%3D0.53%26hb_adid_triplelift%3D112f42ab0769ff3a%26hb_bidder_triplelift%3Dtriplelift%26hb_format_ix%3Dbanner%26hb_size_ix%3D970x250%26hb_pb_ix%3D0.19%26hb_adid_ix%3D11007163aa973a4b%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_adid%3D112f42ab0769ff3a%26hb_bidder%3Dtriplelift%26hb_size%3D728x90%26hb_pb%3D0.53%26bid_type%3Dclient%7Cpos%3DFIXED%26slot_id%3Dpw-oop-flex_leaderboard%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DROS%26lld_id%3Df4b2ae60f80e4b7c97fffcdfecb44d7f36103149%26direct_disabled%3Dfalse%26price_floor%3Dna%26in_view%3Dtrue&cust_params=pf_src%3Dml%26ad_clicker%3Dfalse%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26li-module-enabled%3Dt1-e1%26cc-intent-id%3D503316480%252C11000056%26cc-iab-class-id%3D680%252C384%26cc-iab-name%3DVideo%2520Gaming%252CNews%2520and%2520Politics.Local%2520News%26brand_safety_checked%3Dtrue%26salad%3Dchef%26dd%3Dpineapple%26di%3Dpineapple%26vd%3Dpineapple%26vi%3Dpineapple%26sitecont_cat%3Dgames_hardcore%252Cvideo_gaming%26tyche_code%3D4.7.121%26pageos_code%3D1.10.61%26config_id%3Dmobileinterscroller_2-enabled%26k1%3D95%26k2%3D93%26k3%3D2%26k4%3D1%26k5%3D0%26k6%3D0%26k7%3D19%26hour%3D23%26day%3DMonday%26OS%3DLinux%2520null%26browser%3DChrome%2520127%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26website_id%3D70668%26refresh_count%3D0%26tyche_version%3D4.7.121%26ab_test%3Dna_A%26dmp_ids%3D282%26page_focus%3Dtrue&adks=4128861661%2C4128860502%2C82756202&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408010101/pubads_impl.js?cb=31085847
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f154.1e100.net
Software
cafe /
Resource Hash
934a0e11be036dd3a91886554b6b7f95b05f9a2a3ebf1914493f09734349549a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:44 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29616
x-xss-protection
0
google-lineitem-id
-1,5978841780,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138383875214,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0650264dd310d76a1e7ba38028c459de.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0C9C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://0650264dd310d76a1e7ba38028c459de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Aug 2024 09:21:43 GMT
expires
Tue, 06 Aug 2024 09:21:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26u...
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=af0b65af-48de-4a70-b772-30e337dada32
86 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=af0b65af-48de-4a70-b772-30e337dada32
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Server
69.173.154.9 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
0
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
image/png

Redirect headers

Location
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=af0b65af-48de-4a70-b772-30e337dada32
Date
Tue, 06 Aug 2024 09:21:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usermatch
ssum-sec.casalemedia.com/ Frame 5544 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8aedf55a1c9002e8-MIA
content-encoding
br
content-type
text/html
date
Tue, 06 Aug 2024 09:21:44 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=am3ydogkG8bXn9PiaO%2BS84I33ZX75wMm41IbrOK1UIwwXAIlkxc39D%2FJwfwxHTxRmXhf44F9QclZW%2BkMvI0RX%2FhBXgvF331uSxaA39dI00U%2FbX841kvlfGmeiJRnMn953fiyjLuLAh%2BJQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
bbca919aea1dc40ddeed34d74ac655035240b8f3f471bbe260dd754479f94371
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 11 Jul 2024 14:14:53 GMT
server
nginx
etag
W/"668fe8dd-175de"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Aug 2024 09:21:44 GMT
container.html
0650264dd310d76a1e7ba38028c459de.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9006 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://0650264dd310d76a1e7ba38028c459de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Aug 2024 09:21:43 GMT
expires
Tue, 06 Aug 2024 09:21:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AE39 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=87095
content-encoding
gzip
content-length
5516
content-type
text/html
date
Tue, 06 Aug 2024 09:21:44 GMT
expires
Wed, 07 Aug 2024 09:33:19 GMT
last-modified
Mon, 05 Aug 2024 09:22:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C407 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Tue, 06 Aug 2024 09:21:44 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 8988 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1072
content-type
text/html; charset=utf-8
date
Tue, 06 Aug 2024 09:21:44 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
usersync.gumgum.com/ Frame 462F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=d3CBIm2IEBy4sjP1X2ioBY7erVE7Ik0kFTlNeYGcPcY&pi=gumgum
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=d3CBIm2IEBy4sjP1X2ioBY7erVE7Ik0kFTlNeYGcPcY&pi=gumgum
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Aug 2024 09:21:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 06 Aug 2024 09:21:44 GMT Tue, 06 Aug 2024 09:21:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=d3CBIm2IEBy4sjP1X2ioBY7erVE7Ik0kFTlNeYGcPcY&pi=gumgum
pragma
no-cache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 0211
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=5baad550-1e5d-4173-a212-bf34df76401b
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=5baad550-1e5d-4173-a212-bf34df76401b
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Aug 2024 09:21:44 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Tue, 06 Aug 2024 09:21:44 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=5baad550-1e5d-4173-a212-bf34df76401b
server
Kestrel
pd
playwire-d.openx.net/w/1.0/ Frame A222
Redirect Chain
  • https://playwire-d.openx.net/w/1.0/pd
  • https://playwire-d.openx.net/w/1.0/pd?cc=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://playwire-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
551
content-type
text/html
date
Tue, 06 Aug 2024 09:21:44 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 06 Aug 2024 09:21:44 GMT
location
https://playwire-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 50EB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Tue, 06 Aug 2024 09:21:43 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 06 Aug 2024 09:21:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
ixmatch.html
js-sec.indexww.com/um/ Frame 74D4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
984
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8aedf5615ddd3358-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Aug 2024 09:21:45 GMT
expires
Tue, 06 Aug 2024 13:21:45 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E6D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
48247
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 06 Aug 2024 09:21:45 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 17 May 2024 08:31:56 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
322, 2877
X-Served-By
cache-lga13626-LGA, cache-mia-kmia1760039-MIA
X-Timer
S1722936105.179206,VS0,VE0
prebid
id5-sync.com/api/config/ 		167 B
443 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
baf14cae61eb2467fe4accc76bb464b2487622d4a6f87426f6bdd83e4235e385
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://gbatemp.net
date
Tue, 06 Aug 2024 09:21:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
f
fid.agkn.com/ 		130 B
661 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.235.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-235-77.compute-1.amazonaws.com
Software
AAWebServer /
Resource Hash
39feb0a067d5b56a5b8da71dcaec72c0a81fe1aec6a99ce099c85b7cd6d825ee

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:44 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
130
expires
0
any
idx.liadm.com/idex/did-0046/ 		130 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/did-0046/any?duid=ca4d2748bbfa--01j4kfx1vkrfzk2q21fr601cc2&did=did-0046&cd=.gbatemp.net&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=sorvrn&resolve=thetradedesk&resolve=medianet
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.149.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-149-108.compute-1.amazonaws.com
Software
/
Resource Hash
eaa67d8c5fe35b18965ef112565205d97dd7f1e1cea576f94052ac480009c430

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 06 Aug 2024 09:21:40 GMT
vary
Origin
request-time
6
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gbatemp.net
cache-control
max-age=86399, private
access-control-allow-credentials
true
trace-id
25124b798302ee3b
content-length
130
expires
Wed, 07 Aug 2024 09:21:40 GMT
bswsync
crb.kargo.com/api/v1/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=130&ssp_id=themediagrid&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=465&user_id=ae498af2-fe44-4362-b439-339840e30e09-66b1eb27-5553&gdpr=0&gdpr_consent=&us_privacy=
  • https://crb.kargo.com/api/v1/bswsync?bsw_uuid=af0b65af-48de-4a70-b772-30e337dada32&dsp_uuid=&dsp_id=&krg_ids=&gdpr=0&gdpr_consent=&us_privacy=
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=af0b65af-48de-4a70-b772-30e337dada32&dsp_uuid=&dsp_id=&krg_ids=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Server
44.213.186.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-186-61.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:45 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//crb.kargo.com/api/v1/bswsync?bsw_uuid=af0b65af-48de-4a70-b772-30e337dada32&dsp_uuid=&dsp_id=&krg_ids=&gdpr=0&gdpr_consent=&us_privacy=
Date
Tue, 06 Aug 2024 09:21:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 8F8B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswmPRskYSvoPa4OI71oRMm2w6wq8TCZLaLoZCz22W4SahPt-h1MqxOUQRnN66GnejBrltv_nx6seYkupIxfvGICgjmTNnITIGAvrPBQCa1v6OzLj0_1fBoB6V37sPDcKfXMaFLkQY7Z_l0Crxy6UnFeuOY24KoxlkYtARV3h4tgRVkscMoDClE5M_z-rvtOX1Y_Mn62gJZrs2KqEZlqatYd5pc61t4ObfFoEkeCHPICDnS04iwpZm19oWGtpmVSaSHrQtC6pG_AbSNH_yjX-3nB-Sa2iDOS0N88oR1QwpkSi5wfMXN1k02J6YtfudgA46qovZeD0-fcS4Sr6UEq1ZvoE7xKls_u0YISUnbqGth6cmCnPaDuAoWQ0S7sMurm7CpM8v99sWplTwPBTgXxmVKGAcNVsVG&sai=AMfl-YQNl61t-4-liSDWyHpAy_IGyusSpPl8XywitJ6mGAlveapaVxBVJJK9BWhNacT54R5xYPyV34D05I9lrJ7U6YVvbhB2BTyCkEQHmJq1_R-olMcfl6rrScJpzL-4NJA&sig=Cg0ArKJSzFEWYyTPq9hYEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240801/r20110914/ Frame 8F8B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240801/r20110914/abg_lite_fy2021.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f88c1da986c6222e070edfef4cbb51b88e16bfcd9dd099f37b6839bccd75b6c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 01:14:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
29215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9141
x-xss-protection
0
server
cafe
etag
1548005776607054986
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Aug 2024 01:14:50 GMT
ttj
ib.3lift.com/ Frame 8F8B 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=PW_RON_Desktop-Leaderboard_728x90_pb
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:6a00:d:c38f:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8392316ea58fa4c3c99f51fe987ab894d5a1aada00d496c28fc6c3b85a7ffa01

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:18:44 GMT
content-encoding
br
via
1.1 42d3518040c55e24793897f7f5d5f342.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
age
210
etag
W/"e11489b15f6a28b9b555cb86eb470277ddeee18a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
7-CVZzLP7cccKRkWxPZy71N9uHdSpAUwRAz3ldQ9SRBbWHTWOWcu7w==
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8F8B 		203 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 08:37:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
2660
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64474
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 06 Aug 2024 09:37:24 GMT
moatad.js
z.moatads.com/playwiredfp396232529225/ Frame 8F8B 		321 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/playwiredfp396232529225/moatad.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.165.161 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-165-161.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24be98e9f11c3a3228f925f9f2dca2d25dded65f0e14bd6dc216de198403571f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Aug 2024 09:21:44 GMT
content-md5
zjK2+c8UnBRnfDkS8snKvw==
storage-tier
Standard
content-length
111874
last-modified
Mon, 10 Jun 2024 06:28:04 GMT
opc-request-id
iad-1:yeTtD912lVbBUKs6-xCXdzfOwD4pT7mIiijwI94y6IttiprpOuSfEfVGwEvn0vjr
x-api-id
native
etag
cdc04975-af61-4013-a50a-d55c26ee3b54
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/x-javascript
version-id
4a42174f-5063-41ce-aa13-7ac0b80cdbfa
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control
max-age=61877
access-control-allow-credentials
true
accept-ranges
bytes
notify
tlx.3lift.com/header/ Frame 8F8B 		37 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.537&ts=1722936101&aid=35843064582317185234033&ec=5989_28740_537909985&n=GgDyAoYCCAASFzM1ODQzMDY0NTgyMzE3MTg1MjM0MDMzGAAgASjlLjDE4AE4wckCQAFIAVABYApoAHCJBJABAJgBAKgBALgB0gHAAZkEyAHjBPABAPgB8ASAApkEkQIAAAAAAADwP5kC7FG4HoXrwT%2BoAgCwAgLIAgTYAgDoAsHJAvgChS%2BAA9gFiANakAMAmAMAoAMBuAPSM8gDANIDCTUzNzkwOTk4NdoDCTU5ODUzOTA5N%2BADoevUZ%2BkDexSuR%2BF6lD%2FwA%2FAE%2BQMAAAAAAAAAAIAEA4kE7FG4HoXrwT%2FABL0B0AQA2gQZMzU4NDMwNjQ1ODIzMTcxODUyMzQwMzMgMuAEAPAEAfgEAvgCDIgDAJIDBGM2MjeYAwGgA9LCLagDALoDDTM4LjEzMi4xMTguNzI%3D
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.42.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-42-219.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-encoding
gzip
vary
Accept-Encoding
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
aa8d4f2fa388bc4dbba73d1afd0f47595c15227653aae79a052436d2591b41e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://gbatemp.net
date
Tue, 06 Aug 2024 09:21:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2211485602329325570
86 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2211485602329325570
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Server
69.173.154.9 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
0
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:45 GMT
an-x-request-uuid
505bb354-84cb-47b6-878e-2acd1cbc848f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2211485602329325570
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
483.json
id5-sync.com/g/v2/ 		631 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/483.json
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
cfca1ac1d53fbcbb573078b71e43aef2d082a34af2a3f49b3e604ce490ef11cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 06 Aug 2024 09:21:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://gbatemp.net
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
bundle.js
ib.3lift.com/rev/d4b710afc431b96f2132f5710e5952b6d273221e/dist/ Frame 8F8B 		208 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/d4b710afc431b96f2132f5710e5952b6d273221e/dist/bundle.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:6a00:d:c38f:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdbf71b04eb597db5101f06cc511b6bfe2ea659f0e1e48650032631a5d0892cc

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 18:31:18 GMT
content-encoding
br
via
1.1 42d3518040c55e24793897f7f5d5f342.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jul 2024 18:30:51 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
485428
etag
W/"0bcef982169abab449b53e551b3fa402"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
yyWb3y1kSvo9iyA2Z6MSk1-6DivYOZGzufqBHph0_AAycr2BtqUqoQ==
truncated
/ Frame 8F8B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
466c7ddaaeba8a81dee01d27faa4740ed58166ad88bdef6c9505a4483ad8d6c9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F8B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
eb2.3lift.com/ Frame 476F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1514
content-type
text/html; charset=utf-8
date
Tue, 06 Aug 2024 09:21:45 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
notify
tlx.3lift.com/header/ 		37 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.537&ts=1722936101&aid=35843064582317185234033&ec=5989_28740_537909985&n=GgDyAoYCCAASFzM1ODQzMDY0NTgyMzE3MTg1MjM0MDMzGAAgASjlLjDE4AE4wckCQAFIAVABYApoAHCJBJABAJgBAKgBALgB0gHAAZkEyAHjBPABAPgB8ASAApkEkQIAAAAAAADwP5kC7FG4HoXrwT%2BoAgCwAgLIAgTYAgDoAsHJAvgChS%2BAA9gFiANakAMAmAMAoAMBuAPSM8gDANIDCTUzNzkwOTk4NdoDCTU5ODUzOTA5N%2BADoevUZ%2BkDexSuR%2BF6lD%2FwA%2FAE%2BQMAAAAAAAAAAIAEA4kE7FG4HoXrwT%2FABL0B0AQA2gQZMzU4NDMwNjQ1ODIzMTcxODUyMzQwMzMgMuAEAPAEAfgEAvgCDIgDAJIDBGM2MjeYAwGgA9LCLagDALoDDTM4LjEzMi4xMTguNzI%3D&b=1
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.42.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-42-219.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-encoding
gzip
vary
Accept-Encoding
expires
Thu, 15 Oct 1992 20:10:00 GMT
r
eb2.3lift.com/ 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=PW_RON_Desktop-Leaderboard_728x90_pb&aid=35843064582317185234033&rev=d4b710a&pr=un&bc=0.611&bmid=5989&biid=6021&sid=28740&did=42177&brid=521&adid=537909985&crid=217396641&ts=1722936101&bcud=611&ss=12&unid=0&domain=gbatemp.net&ref=https%253A%252F%252Fgbatemp.net%252Fdownload%252Fbatch-cia-3ds-decryptor.35098%252F&rr=creative&fid=10&rb=0&g=0&tmplid=422220&cb=75303
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pe
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?inv_code=PW_RON_Desktop-Leaderboard_728x90_pb&aid=35843064582317185234033&rev=d4b710a&peid=1&fid=10&tid=0&cb=60340
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
dyn
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/dyn?long1=230710&string1=35843064582317185234033&string2=tc_new&cb=47150
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 8F8B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.63.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-85.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 02:18:05 GMT
via
1.1 3496707421faf86f68ae341aa8b7d1b8.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
198220
x-amz-cf-pop
EWR53-C1
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3125
x-amz-cf-id
i5uhCnaaxsxepwxisc68RMkKmXjP4l9t-ZnfxbbgscY9sSBTtau9Mw==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 8F8B 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.63.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-85.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 02:18:04 GMT
via
1.1 3496707421faf86f68ae341aa8b7d1b8.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
198222
x-amz-cf-pop
EWR53-C1
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3518
x-amz-cf-id
xAya35u7yS0HCK0RQz6b4CZiCR-TcNBDy6woF74d5JkKe6_2v_PsrQ==
ctar
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=PW_RON_Desktop-Leaderboard_728x90_pb&aid=35843064582317185234033&rev=d4b710a&cta_render_method=1&cta_render_text=&cb=73371
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame EFA0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbEPhDZ9rOdAhjhtb-AAjAB&v=APEucNWFl2exhTi9M5QlLClaVFXAD-Jk0B5Q8Q39wbjCS4WFexu3PY5Hxl8l55ZB1axDfqLTwlk2N0PlVdOPoT34-wxEoHAC4A
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Aug 2024 09:21:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C5D2 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
4b69a3f605576e2a0cdb6abd74d3efdf893c4b6124ace390559d62437b9553d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35122
x-xss-protection
0
server
cafe
etag
2418474175030562626
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 06 Aug 2024 09:21:45 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame C5D2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=971108&cmp=31167414&plc=382760423&sid=6522286&aufilter1=1024534&prr=1&ppid=103&autt=1&auevent=ABAjH0iSklwNNLxdYAPgRyoRtE6E&c1=1024534&auorder=1015095180&aucmp=20831519943&aucrtv=537909985&auxch=96&pltfrm=96&ausite=13223125242&turl=https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/&aubndl=&audeal=tlx-42177&dvregion=0&unit=728x90
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da4e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
08f3cf4ff32d4748152f207c2cbc2ad0cdee124ee01c28df49e427ab149e1d7b

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 09:21:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Aug 2024 14:03:34 GMT
Server
UploadServer
ETag
"22e57b58d8ebc550c6531c7614f3a91a"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
920
Expires
Wed, 07 Aug 2024 09:21:45 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame C5D2 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da4e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
74a4afb23553a68020f1bbcd03e4a8f2486ed0c125864fc49619ef28c3ad5e46

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 09:21:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Aug 2024 13:13:11 GMT
ETag
"1de0b435abe14a352a6435eec18e2ae6"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=900
Connection
keep-alive
Content-Length
3633
Expires
Tue, 06 Aug 2024 09:36:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C5D2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DAVHLmRXCKykGof419T6jYtjQRuvE_8fwl9Zz1DgbnNY1Su9-noNDXp71bRD09QpKrMKzRC6QDMvEotcVgJYxc75-qRY2AgfzKwxkz7A4q4ec53sM
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=PW_RON_Desktop-Leaderboard_728x90_pb&aid=35843064582317185234033&rev=d4b710a&pr=un&bc=0.611&bmid=5989&biid=6021&sid=28740&did=42177&brid=521&adid=537909985&crid=217396641&ts=1722936101&bcud=611&ss=12&unid=0&domain=gbatemp.net&ref=https%253A%252F%252Fgbatemp.net%252Fdownload%252Fbatch-cia-3ds-decryptor.35098%252F&rr=creative&fid=10&rb=0&g=0&tmplid=422220&cb=95337
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
dr
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/dr?inv_code=PW_RON_Desktop-Leaderboard_728x90_pb&aid=35843064582317185234033&rev=d4b710a&disclosure_render_method=3&disclosure_render_text=Learn%20more&cb=99345
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame C5D2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7013907883779&version=m202406030101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C5D2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7013907883779&version=m202406030101&ct=76&x=96&cor=4212058188797243400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C5D2 		19 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ax3ezcb-PsKxc8HRfbtXzi5_N5KMjAcCXmnb60lc0NyKH8f22hjuCRlgdJfQLdz_mALJchOPVWU3hAVzX-30C6800P6poWVdYUWhxMS3z1npD7CP17CCYssUKrxJ0IblyclvdqX4XFTzoo_qghNNyGKM48xN3Ob03fL_zP7Ka5afgPn6Q&cry=1&dbm_d=AKAmf-BH6etA6qMS1itG35rtrbvLyHn4KUGg7BkNFo1XVwiZc-jfha16BSHYAtNc90326WbG-2QkYBNRrZWSu5WjEcURsldq7wifAdX7YiKexwQfw-2AZaaqf1zd358dRFrj4P6jtyqI-o0EqB_kLvBgy9tPUGhjWz90BYD4zC_AkoqBgV2b-aK-nDEejmOBZs33BAFYVGLKU3ATHkdIKHhsYnoI4mTzn4d6j1OvW1p56qJGnovdcV_CtLJpY9BIlhHIk2r3LQem0jf2-uwROrwn2Ue6wp_rVASxwS3osl2PhLoI-hByGBnPNlunWcWw3v6xg0bKm_I4bNJp6DqI5yJGROtWuJzcqTMCVI-oOxDyyIl0xWuA3IVxxWasbDrRHT-NneggT3fKMCSiSE3JLLQjVQMlMDEp_C4bK4LeHjLbra324_ZvqXLRmfCVNYG_fKJPX9BryqYwn50Dz32eFYq_2JLHYyzcU3Yl7j9cJPnOGQ1kIWg_Ge5y7HfQ9-VMhvQUZh_WJmT3_OkVFhFjDgyvLdLr3xtEf7ouoDh5-yAk62z4NsxSfEamK2bZjaFJVAOhfFxw-a_b1bf-p1_JrQpIJaBB9W2W6EPgDeMpAA8idZuVKHgMjPLwsG1zZOsRe31XdoLPgY-nVKp4PKv_kO8Wt9qE0HSlICMuij7SFkdU3UCuXocjWzYgriszYVpLuC7cb6EvT8pWdS7YPPMyoVQVRjpg_f5r2jQuBmP4yXx3SdMEdOhB8HgTko77c5jwGNxE106yrwVb7GMlOBCU_vPUeviY8a2QOq5G5wvLeg2_6TJ8vesdgnmDJFnDIlsJQGoO3lF-WZBKWATDA1MtyNWY_bPXwpkAI300_Jy9ZELkLrX6yqfnllTxSKz6_6d84XHQHAXYWqXAHzVvD4xJ0tv3alLPPwqgUmd45Pxu-lwmH0LHFAFW-MsJ5MNz_4OwOq4Dpm4uNLBOcWfcF0smREtG9e2HueZauRYmLyHAz40OLksQJeP-iwADWAkYQTKL2RVPEfi3uaOcQAT34yFaI7TmGGk_UUlkF9ap4GS1MABLrXHRzoyU5JIbkt8J92a2_TL8mygIcCldWrYKXH9dHiaPzcpQrqPyeHng6Gn_U3HuM5PApemPAkn8iJTJDZ9WOnYiz9ZE7U4Bn_m56cYxrueDotvXQULif0r4GZDAc1ws8sNZ94dY_Ewt9ATUJtGExh1NAVIhwJk9RsMl1kVpzc6wgrpUYL63rKQ7MEjYRpgLy_IXIbkZpFbVRYUEiI3oE4m9Agf-BU-gXiegjLhRw-bDeX8ubPO_qnMSr8MMCDV08Uj7tNzLMZ_BueaBzC8bGS-2HKhHvobdFKNHvi2mvxMDEDSzQFd8B9u9MdLbzds0kHcYjufpO-KE8HOz2KLJZ-04FDjZKhvAUTpF5_a1OMP7h590YEfBD9asVvXzJhWaJXuWd033a1RzIRXWis2ZbtEBNPcrsKZ-pMjVzuijtTCBPhPGHvhENu6W4zG4p2fSZkewr61ek0l5x_knrPj0T8Sk27HonfVQFN9k73yvf7iT2jaN26kV4pKDqAO10BvVQFK6arrxUOzZjh1DuLkyjkvWrAwd1FWG1LS4t1cvvrs70LbOZv15dLPaDHLLpJQTYTP6deiqfY-c8-5AOjAMqlQhNz0P1pY0gsVKrRgdlTAbbr1KKFdnWfAc2EKemG7PcOTEVVtw1T2f9N_ciuX9WmIeqFn9LUuHTvtOCyiLILhZOu7l6bUjZfoEJjVjKknQJUZlTrWcTmZ1kX0caR_UVHtgMR0sVOpyKDH2BV-bUw0HWwUHMfC7ywhEr_2kL23biHXtGkIHv2Iw43wRo9cYHsjhF5IWKckX-2NxL1joccGjqdy250kIi-GUEPHN4_K6h4_4v02ypo9orFZyM-AB-1EMuUWzmslbrrBYPBqAhX3C07UOwuOi-WMBK1aV6qtv1s2iAY86n31cdgaau9dUoYjLWDWf5c5Nq2ZIP7nbNv0WDUYIhawPAhdkxVjuYUwdeyw_TqC3YrstanwJdd6gWhQuD1T-8RV6mDu7plSgF2GbijBfo3D0KlSrXfELFSDiiuXAn3Xypb5xuIksXTculvr1Tsfk_GcmT5zYKNjt_5yKnE87RN_LGcuzCJVhqqAIRLTu_wVx3ud5jCSlY6xWkcJfE1M6BVruVprNedmOSauCUb24d7fN0W1g8hWL3_gvEGVZQz46PepZtYBcSB20wrj34QoZhP1mqroJXB2L5OlEQShXjUJbcdgqGAOo35Z-AWpMcgQ6x4e-tz_OxojzcZIHcE8f4HcU0A9Rn5d5Z1n0LiZ9UgJqzOqJVG7I62GvE-aLIZ6PDpPITzuZE88KkMRsZlfZchoYAZdsir6vZVvhNS06WD1OMRecP3fBzrQQKXFU4oDqFfo5y8ir5nKaTxtGQTEIXh5i2doXwlSaBMaqCvkQbiqUxN9VJQrobWh6VBmvFxxCFsJ3gF5AFJkiNWk_FLCANQDH_ZFwbJLUvRU_1TiAPBDmu2ncPFpfS5dZj39jjE8SyoUmeehfNjIEpTsqruKsQGVyyuXRjcl14dahWyRll-rKbZFZihd4oEudCAVxzQSa8T76pajJrgja3ilGA6KCwLehqiWQMFxogcvYp73-t6r_brDxAz4XvY58KO3_nH7JZzOHw-X8lr09wTlnXgbAkzx1b1KrHOIegHm5McUnSjcQhfL-BAu1nv_L3P7S4pCzusEQ9HPvUWsCXTnDh3xQWzGJf4yBvIPciZPhn790knsLLvj5EiNTdwvwfBc5wGdIuA5Vma0MGPrFXig6PZ4aAzDd346xRHWXMTspoko3USSl7AiUqXiDIEWWGmOHI0NBZC5O_7ON4clqqxGQgxk6jlkC_h1W_0h9RRzhurCBX4EQIw_mTu0C_LoeOLwajlCsho0dq_HX9eASBhcjbC3RIdK0MdPaj94XcifO_UEL9STeVhI6dBHHgSMaRdaFDq-yepv1_4ZFtiYdo0lVHR_np5tLNfFpI0qwO89ran2ZhJx9A9lMVJI2mUBnVml5fldecUiL--VAA6aLbTXFYChU2SNSjPXl-lnhHQWZstggUYDSrnr0TZxV9hLIa4QZpZU-KQceNNyJM3tXJZCYup96kwdoy9WiRmodX1sZ3rP3YSSfMoKOZxwBdk6K0n4EE2uzRro7mEZlle8nIlMq8encRU7sCOduaKDBk69WeJF3Fae5VT8I8LTw-cJJzvSyuilynJqOaASKnDanJzZkJG-drB4KEKaz4aV7U9551BiT_SbKX8_5d3fPoWNy4kqL3Gb7jTJ1MTtKoqJcjAZfMoKyx_025g6TGhkQkC2J_ral_yhwaw&pr=96%3A0.611&cid=CAQSMgDaQooL8STvg1s-_je9H2M9HFVjprA89HZ4QoWHIqXito3n4-fyo0sCDcW2jgmbpmYGGAE&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202406030101&nel=1&rfl=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&ds=l&xdt=0&iif=1&cor=4212058188797243400&adk=1435551865&idt=169&cac=0&dtd=55
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
763a0f8f78859542b65e67c886a33a22e8be8263dd0e34fa6b2d3baff7698385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14057
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C5D2 		203 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 08:52:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
1758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64474
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 06 Aug 2024 09:52:28 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C5D2 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 01:05:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
288953
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Aug 2025 01:05:53 GMT
dvbs_src_internal131.js
cdn.doubleverify.com/ Frame C5D2 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal131.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da4e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0069c2aa00df2e106c18eb8877e53bffd7e69180c612f16d34951ff0abc16ca1

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 09:21:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Aug 2024 14:03:36 GMT
Server
UploadServer
ETag
"cfc4f9d0c9264180f0ac588c544aa991"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
20312
Expires
Wed, 06 Aug 2025 09:21:46 GMT
fb87a4ea41
cd836371f1d.cdn.intergient.com/ 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cd836371f1d.cdn.intergient.com/fb87a4ea41
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.61/main.d2be99a3284800cd6ee8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
100.27.136.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-27-136-39.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 06 Aug 2024 09:21:46 GMT
server
nginx/1.24.0
content-type
application/octet-stream
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1450 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
287288
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Aug 2024 01:33:38 GMT
expires
Sun, 03 Aug 2025 01:33:38 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
verify.js
rtb0.doubleverify.com/ Frame C5D2 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_128384954684&jsTagObjCallback=__tagObject_callback_128384954684&num=6&ctx=971108&cmp=31167414&plc=382760423&sid=6522286&advid=&adsrv=&unit=728x90&isdvvid=&uid=128384954684&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_rdyst=loading&dvp_intrst=1&dvp_ttp=&nav_pltfrm=Linux%20x86_64&brid=1&brver=&bridua=3&dup=null&ppid=103&audeal=tlx-42177&auevent=ABAjH0iSklwNNLxdYAPgRyoRtE6E&aucmp=20831519943&aucrtv=537909985&auorder=1015095180&ausite=13223125242&auxch=96&pltfrm=96&aufilter1=1024534&autt=1&c1=1024534&turl=https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=2&prr=1&m1=15&noc=16&fcifrms=23&brh=2&fwc=0&fcl=1585&flt=58&fec=1373&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=178&eparams=DC4FC%3Dl9EEADTbpTauTau832E6%3EA%5D%3F6ETau5%40H%3F%3D%4025Tau32E49%5C4%3A2%5Cb5D%5C564CJAE%40C%5Dbd_hgTauU2%3F4r92%3A%3Fl9EEADTbpTauTau832E6%3EA%5D%3F6ETar9EEADTbpTauTau832E6%3EA%5D%3F6ETar9EEADTbpTauTau832E6%3EA%5D%3F6EU42%3FFC%3D9EEADTbpTauTau832E6%3EA%5D%3F6ETau5%40H%3F%3D%4025Tau32E49%5C4%3A2%5Cb5D%5C564CJAE%40C%5Dbd_hgTau&dvp_exetime=47.40&aubndl=&callbackName=__verify_callback_128384954684
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.201.101.243 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.101.201.35.bc.googleusercontent.com
Software
/
Resource Hash
61c56cd842a0efa575fd75b11ac9d744577a021de6d5c9b9418cffc9d3b4f221

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Aug 2024 09:21:46 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
08/05/2024 09:21:46
cm
u.openx.net/w/1.0/ Frame EB95 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
581
content-type
text/html
date
Tue, 06 Aug 2024 09:21:46 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
gen_204
pagead2.googlesyndication.com/pagead/ Frame C5D2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ps.eyeota.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?e_rc=1&pid=m51mh00&t=ajs&uid=user_1695d1a7-92be-4a53-abb1-5f9aca54ab97_1722936100317
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-138-212.compute-1.amazonaws.com
Software
/
Resource Hash
13fd788e3029258781365b79926216207c3a815db1a685da4298f283ec62f0ae

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Tue, 06 Aug 2024 09:21:46 GMT
Content-Length
1058
Content-Type
application/javascript
match
ps.eyeota.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3Dm51mh00
  • https://ps.eyeota.net/match?uid=2211485602329325570&bid=2cr76e1&referrer_pid=m51mh00
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=2211485602329325570&bid=2cr76e1&referrer_pid=m51mh00
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Server
52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-138-212.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Tue, 06 Aug 2024 09:21:46 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:46 GMT
an-x-request-uuid
ab002d59-d6d2-46a4-9895-2be730107972
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ps.eyeota.net/match?uid=2211485602329325570&bid=2cr76e1&referrer_pid=m51mh00
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
lons7jax
sync-tm.everesttech.net/ct/upi/pid/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00&_test=ZrHrKgAAA7epkQAJ
85 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00&_test=ZrHrKgAAA7epkQAJ
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Server
151.101.130.49 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits
3113
pragma
no-cache
date
Tue, 06 Aug 2024 09:21:46 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
3225
x-timer
S1722936107.834797,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-robots-tag
noindex
content-length
85
x-served-by
cache-mia-kmia1760030-MIA

Redirect headers

x-cache-hits
0
pragma
no-cache
date
Tue, 06 Aug 2024 09:21:46 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1722936107.772717,VS0,VE28
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00&_test=ZrHrKgAAA7epkQAJ
cache-control
no-cache
accept-ranges
bytes
x-robots-tag
noindex
content-length
0
x-served-by
cache-mia-kmia1760030-MIA
362588.gif
idsync.rlcdn.com/
Redirect Chain
  • https://idsync.rlcdn.com/423476.gif?partner_uid=2JBEaSFXiBkl18u0nnDH_CA9KrOdbwex-fIlqnFcFuIo
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
  • https://idsync.rlcdn.com/362588.gif?partner_uid=5baad550-1e5d-4173-a212-bf34df76401b
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362588.gif?partner_uid=5baad550-1e5d-4173-a212-bf34df76401b
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:46 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/362588.gif?partner_uid=5baad550-1e5d-4173-a212-bf34df76401b
date
Tue, 06 Aug 2024 09:21:46 GMT
server
Kestrel
content-length
199
match
ps.eyeota.net/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=eyeota
  • https://ps.eyeota.net/match?bid=tpm4omv&uid=SsNWRsmEW8pAOkwbyuhpjiaEdkg&gdpr=&gdpr_consent=
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=tpm4omv&uid=SsNWRsmEW8pAOkwbyuhpjiaEdkg&gdpr=&gdpr_consent=
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Server
52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-138-212.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Tue, 06 Aug 2024 09:21:46 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

Location
https://ps.eyeota.net/match?bid=tpm4omv&uid=SsNWRsmEW8pAOkwbyuhpjiaEdkg&gdpr=&gdpr_consent=
Date
Tue, 06 Aug 2024 09:21:46 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
qmap
sync.crwdcntrl.net/ 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=6387&gdpr=0&gdpr_consent=
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.65.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-65-180.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.60.150
content-length
49
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E11D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=87093
content-encoding
gzip
content-length
5516
content-type
text/html
date
Tue, 06 Aug 2024 09:21:46 GMT
expires
Wed, 07 Aug 2024 09:33:19 GMT
last-modified
Mon, 05 Aug 2024 09:22:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
bsevent.gif
rtbc-uw1.doubleverify.com/ Frame C5D2 		0
292 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-uw1.doubleverify.com/bsevent.gif?flvr=0&impid=ab3a8587b495431981f3ef027bdedabf&dvp_ac_version=0820&dvp_adfr=1600x1200&dvp_adad=970x250&bsigr=4328784129&cbust=1722936106822940
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal131.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.201.101.243 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.101.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://gbatemp.net
Pragma
no-cache
Date
Tue, 06 Aug 2024 09:21:46 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2024-08-05T09:21:46
adj
bid.g.doubleclick.net/xbbe/creative/ Frame C5D2 		64 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXUXB-Otiap8VdZMm5sONr8d9BRGNCNl82hHbdspLSdFQdaUkQ&d=CokBAKAmf-AT24mPJjaQzxELnvkYMZCgUSwFLNN5suEUX4z72Zhn6ml8Mpy6u_TB521-4DsTV6qlsx9pFVFrq87-Y1CaNemsUtijvGqqtsuvASE665Dyv3vC_emfYXoelMV5GahKwtPs1js-IzU7lZncZ9Dqjc-E4QEV6Vhftv6vOKB7UVdK5sC42noS2Q8AoCZ_4B4IE_0vOiuJx0w35QYuihcc_7pY8wWjQz1r_K0FUa-vbGeQNTBbbqG1m5bUMqHJ3a9i6mik1v2EHqtiFXDxoyn9_rKeMw1EcrqgUAlKiSH6MOnwv5WiGoVsbZmJfTR_CbSMzvxA5DzWGUFFltzjAG_4iU1HrX779hGO3gCMF6CEuVwvT0JGXT5lcaIZbiS1pdhyFyMZM9CModXKEGPCFH0fooECRvJL9gF9_JsxPkTKz9U7x6mXzjH7zJ5KQghacbsdsUqVBOxT4MNq5OW5YCOTw_fdcTnG7iPUjHt_PrclyRzP15VZV0WC0MS18I9q09LXLjGaILlIHCWmZiDShZ0B-9PXNUKxtM_bd14q0oguZCp-IoTRkqAImuEzq7Qvi3HO8pfOrhbYu9FjSantYZSrYyauvtHNNp0qXa5UZJnRycIOWllSdcxNTtEZvYfsSYmoHz6lLjmr2KKuNykIpU2Hzp-6CBJhJSZuzj3uCZOzGJ0VecsqFlQQuuo341QzU9hyAsE2BgxF5V_TeZqn1RPp7jIVBTM92EEBHQVbq01dkIlRonne1uRNMHzXHOHl_5B9ADBVv4Fdl9u2IEXGQx9SO_mpr2LBkhVdGD3K8ckz5mi6okvButuq2hq3trHohxaizuT_jXzL38CwtX1kd-DrPtQOQyglTE9GSQSg-IkjX7AAfdt6DeWPo_5WXm1_phtVqI_Enrmhcprdea0sFtFPOCm61JpzQSozcS-Lbbou0n2Y9buGpjD3UfIogqBg70FUUZ9jrVy49ty3u_4V-2ZpIHUH5l_2HfqMeFgxDGleHTrpKBWcLTWymiIPfUi-tFSfXV4utRt8mXDiN7NvLXcpXiMMlxPlK6LZprBBUZVrWvtza0YNc5h9piLksU6XmSKjmTP0wKyc-uoGErPoYtNuM8a_Bhuck0v74mIVFRauWpM0QpPO-OHPUoldw8RooGXbFKmeyEbRMSVK5schKAyt_MFofNM1IsZs0IrNO2E_TBd_eIcSfGj2iwb1Iu1AyFZKdLrYeNmsjHX0_Dx8LTiKBwJD2FaiMzbx1OjgjscgjCIr9XnXToG5xCuFmUcYFtX6oo-q-_Jc_rT_DcttgOg8041HjFF7U1Umm1EPQQpmCJ5ywhtBl_7LdmHqKkzwRBqYPESsSt2gp064rXnUzpJRCWfMlsRkDUCT8Bk3ZcgEau413lueORkR1lVB_hi6p4FqNvTTUUZ2fl_Jj5aFMKfj6--UCncwIAmU3KBC6NEQluWicGXeFy7JQRGkgeMx0UwKRutWjvxbC5X067QaIxH-hZbIYmLsf1YiNKkhK-tnuJjUkW1tkeOqzUVtVcdzqeVMyGYRfF0kj6dtl-Jb2VovxUkw4ke3YrD6jM2ERp_dHHEZkhTZbyeV0kA6jpwlqEjqmuH7gsuS8G-iQt6OhcqQzV26nPmzfmmygE2gaJ-MHBZTNxpknDovObPdmOJROnKQuNWLpahIhsg28EyPgEleyh6tttyJtHt82JlSyqhfSoF9dFVa2HQrYLUnG5FCZckZVMPupYHhr--OT0bYRtJnnY731viPk7dHR0p38MfGtI0RHz6_oi7L4Xe7rEwxtwLQvBbB1IlVQt8plGDkq3X3n9-pFHWo93r-HT1dRtCenNeaq_lYnRi-FblLDRL7uRLgUszY7cvIt8-Ir7VxYJPSLfzFc9S5Bk73JwYOQ8WKW7sx4v4Y1KoSKkAvYCa_fteaakUqbKe6USeG-zHoHgWQh3qtnkK_25V1MZxdNC2A2pn28QaAUKnZiyqzW71WOfsRa46VbWNOMCU5RfHihZuO1oYa1hAO8yvnR9IhPyCfb-z_C7r3_neGLaOx0TcHFaMrvtZwPwtQP0YA7wdch3HN2porwI4tINAj7XVx5Zat0gY37WJwF1dHiO6W-rBt_lp6A-2rjo-7SJBFbgqZ3qVFoLkRymJwqWlk1DEnMYgndOschiaPEn_6fthOTgQ0BeGF5OBaiLQ6LouijEFxuE36rM7X4Ej96VshaCs6bqSZpLq_x_t9TwJLy1KYMDpj4ubJU1YkiPRx1GQ1E0EmrZcFo_1ur_nO8GLJpbuYqJav6CfxRZHSMQ1wF8Q-0FGua1hRta7ZUtuD-LfdX1HAAfhcxs0aQXpUTWsMVtKS9t988YocMnjnbmzlKUtAoBMoId-pSBH6d_hlaRtXYtdlD0XZld6YxGJyff4QwEGo_hMWWk_o5Bm-8en8kpQp7Ft_OXA-0BrhBug5GpzV39WSWetYROwqYT7Iw9UM-oXwom088rzB2lJeZeJWKwnf8ZhTnJn7uN65_Vg-BQRpZA5KtiD9eSIAiKoi9QnpOgY1y7clHVqxZ4aUkoQcozvS70CFNXYZOTLoUqgzJmW5XRpCeWxgarCcgv7rgBpe8XK38Y9aCnymJGVBt-AmGjyfvUhVkD5BKzadDochmOamHI5Wbv2uL7RFGxQ5995gJ746XAH9EKCMVVtIiZWT2EE7KHQ-Bro2BEYE18p-aQSRpBp6XBatkR1gYJn48AWRTL6B4Su3L2Nj4Tp355zGm_-FDEixOfjZS6wgLKLFXR4hi8uKSiAgaOA4UtMP4FeZmNpBZ1FUW_q2v3xA0q7GQFBRCkt6RZ7E4nbvUuW8pMcSDuyD0qgvkKUHP5rdwBLoailk6H8vdsBvSRo4CAQSMgDaQooL8STvg1s-_je9H2M9HFVjprA89HZ4QoWHIqXito3n4-fyo0sCDcW2jgmbpmYGGAFgAQ&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DPW_RON_Desktop-Leaderboard_728x90_pb%26aid%3D35843064582317185234033%26rev%3Dd4b710a%26pr%3D0.537%26bc%3D0.611%26bmid%3D5989%26biid%3D6021%26sid%3D28740%26did%3D42177%26brid%3D521%26adid%3D537909985%26crid%3D217396641%26ts%3D1722936101%26bcud%3D611%26ss%3D12%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D92583%26rdir%3D
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f154.1e100.net
Software
cafe /
Resource Hash
a60092e4765101bdbea46cd2176875bf67c2a7f644895d2780d32496e6147a5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25732
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
rtbc-uw1.doubleverify.com/ Frame C5D2 		0
292 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-uw1.doubleverify.com/bsevent.gif?flvr=0&impid=ab3a8587b495431981f3ef027bdedabf&dvp_ac_version=0820&dvp_adfr=1600x1200&dvp_adad=970x250&bsigr=4328784129&cbust=1722936106827232
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal131.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.201.101.243 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.101.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://gbatemp.net
Pragma
no-cache
Date
Tue, 06 Aug 2024 09:21:46 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2024-08-05T09:21:46
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240801/r20110914/ Frame C5D2 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240801/r20110914/abg_lite.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
1ce6e5150e4f2d8421181b85a0f04d8cb44522e028bd852ced5396552c483551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 21:43:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
41918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11751
x-xss-protection
0
server
cafe
etag
13175633136872629042
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Aug 2024 21:43:09 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240801/r20110914/elements/html/ Frame C5D2 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240801/r20110914/elements/html/omrhp.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 21:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
42034
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4395
x-xss-protection
0
server
cafe
etag
4271344721252203484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Aug 2024 21:41:13 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C5D2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst1m0fzl699jPMpLLHyFZryqTBLGe4lLEmFeTDJoMBOFb-CW6YQ8YCrQG618GhK8iFm6KM6D69NKs3QjdEXsW7VNguwo_y9ro8kVgd7qFvbMNB8iNGlowTTTwPXPk6KyU2fpfbsfz50co-zJLE9-PQDAw8Qwjs3paadp9dZiwLvAUxBQmD2_Ldy7RFBOmBmh3lIKN7D7749Zzyn9YxkNyxlFSfK0tbyhQ&sai=AMfl-YT2X2VGRmWwSUu0ItVZrAEvO1Qtc5KHfW3H-p75C54yQgrHitvczEFHqsnwg735bNb8KWdtVkUMJMcu4yF2y0BmcZtz24vWow0FvOOJX0dilPaq6kjNWFIta3zqrrs-e5UvBmj8WeXK4zlCPsXZSefhxd1xDgVDPA&sig=Cg0ArKJSzAwbl6wqPQpiEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=6&cbvp=1&cstd=0&cisv=r20240801.75445&arae=1&ftch=1&adurl=
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Aug 2024 09:21:47 GMT
ca
choices.truste.com/ Frame C5D2 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=comcast01&aid=comcast01&cid=%ebuy_6522286_382760423_206363576&js=st_0
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-47.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
e1b682ded37beb88e10acab3b967f3435b20dfc9eb1735e3c874ee7546bcb99a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 11:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 8ef35b07fe667674a2922c9d83a75c52.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop
JFK50-P3
cross-origin-embedder-policy
unsafe-none
age
77527
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
7403
x-xss-protection
1; mode=block
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
max-age=3600
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
YLXNTvNpPoAsOXHBYbFy6pfIBM_HBqYwVtcaciU_XjlHY8ljoOSWWw==
expires
Mon, 05 Aug 2024 12:49:39 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame C5D2 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=971108&cmp=31167414&sid=6522286&plc=382760423&num=&adid=&advid=8025626&adsrv=1&region=30&btreg=574355468&btadsrv=doubleclick&crt=206363576&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da4e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
74a4afb23553a68020f1bbcd03e4a8f2486ed0c125864fc49619ef28c3ad5e46

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 09:21:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Aug 2024 13:13:11 GMT
ETag
"1de0b435abe14a352a6435eec18e2ae6"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=900
Connection
keep-alive
Content-Length
3633
Expires
Tue, 06 Aug 2024 09:36:47 GMT
event
comcast.demdex.net/ Frame C5D2 		42 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcast.demdex.net/event?d_event=imp&d_src=1478&d_site=6522286&d_creative=206363576&d_placement=382760423&d_campaign=31167414&d_cb=436332175
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.200.43.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-43-168.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v062-07a208020.edge-va6.demdex.com 5 ms
pragma
no-cache
date
Tue, 06 Aug 2024 09:21:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
c58hrNebQo4=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
d.agkn.com/pixel/10690/ Frame C5D2 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/10690/?che=436332175&cmid=31167414&sid=6522286&pid=382760423&cgid=574355468&cid=206363576&aid=8025626&gdpr=&gdpr_consent=
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:e600:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:47 GMT
via
1.1 f875ba0ddbd90a5e7c9a82af3af607f6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
Zv-_6Wa3WDQSemStFci96q8sc8tbyeuBaPzYf5rxyZl8TY3BoFVGPA==
expires
Sat, 01 Jan 2000 00:00:00 GMT
dv-measurements6569.js
cdn.doubleverify.com/ Frame 62C0 		402 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements6569.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da4e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
eb258a268b850baf5d93bd6212ac19a1c85c6ee2d6d5e220ae66fc1a58ac3fbb

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 09:21:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Aug 2024 08:18:19 GMT
Server
UploadServer
ETag
"31782a2dbf3f133771a8c4bad0cc175c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
97800
Expires
Wed, 06 Aug 2025 09:21:47 GMT
event
comcast.demdex.net/ Frame C5D2 		260 B
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://comcast.demdex.net/event?d_stuff=1&d_rtbd=json&d_cb=fltk_6555402346030737
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.200.43.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-43-168.compute-1.amazonaws.com
Software
/
Resource Hash
e8ed6782481babf82315eebf32b2cf434874bafc0ee496b79b17bcdbf92525a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v062-0ef1c8265.edge-va6.demdex.com 6 ms
pragma
no-cache
date
Tue, 06 Aug 2024 09:21:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
7X1icC3HSbw=
content-type
application/javascript;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
218
expires
Thu, 01 Jan 1970 00:00:00 UTC
view
googleads4.g.doubleclick.net/pcs/ Frame C5D2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst1m0fzl699jPMpLLHyFZryqTBLGe4lLEmFeTDJoMBOFb-CW6YQ8YCrQG618GhK8iFm6KM6D69NKs3QjdEXsW7VNguwo_y9ro8kVgd7qFvbMNB8iNGlowTTTwPXPk6KyU2fpfbsfz50co-zJLE9-PQDAw8Qwjs3paadp9dZiwLvAUxBQmD2_Ldy7RFBOmBmh3lIKN7D7749Zzyn9YxkNyxlFSfK0tbyhQ&sai=AMfl-YT2X2VGRmWwSUu0ItVZrAEvO1Qtc5KHfW3H-p75C54yQgrHitvczEFHqsnwg735bNb8KWdtVkUMJMcu4yF2y0BmcZtz24vWow0FvOOJX0dilPaq6kjNWFIta3zqrrs-e5UvBmj8WeXK4zlCPsXZSefhxd1xDgVDPA&sig=Cg0ArKJSzAwbl6wqPQpiEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=76&vt=11&dtpt=70&dett=2&cstd=0&cisv=r20240801.75445&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Aug 2024 09:21:47 GMT
dv-measurements6569.js
cdn.doubleverify.com/ Frame 97D3 		402 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements6569.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da4e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
eb258a268b850baf5d93bd6212ac19a1c85c6ee2d6d5e220ae66fc1a58ac3fbb

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 09:21:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Aug 2024 08:18:19 GMT
Server
UploadServer
ETag
"31782a2dbf3f133771a8c4bad0cc175c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=31536000
Content-Length
97800
Expires
Wed, 06 Aug 2025 09:21:47 GMT
visit.js
tps.doubleverify.com/ Frame 97D3 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=187&ttfrms=35&brid=96&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTau832E6%3EA%5D%3F6ETau5%40H%3F%3D%4025Tau32E49%5C4%3A2%5Cb5D%5C564CJAE%40C%5Dbd_hgTauU2%3F4r92%3A%3Fl9EEADTbpTauTau832E6%3EA%5D%3F6ETar9EEADTbpTauTau832E6%3EA%5D%3F6ETar9EEADTbpTauTau832E6%3EA%5D%3F6EU42%3FFC%3Dl9EEADTbpTauTau832E6%3EA%5D%3F6ETau5%40H%3F%3D%4025Tau32E49%5C4%3A2%5Cb5D%5C564CJAE%40C%5Dbd_hgTau&srcurlD=0&aUrlD=0&ssl=https:&dfs=1565&ddur=61&uid=1722936107314875&jsCallback=dvCallback_1722936107314556&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=6569&tgjsver=6569&lvvn=28&m1=96&refD=2&referrer=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&fwc=0&fcl=1585&flt=58&fec=1377&fcifrms=25&brh=2&dvp_epl=330&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/&c1=1024534&prr=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&audeal=tlx-42177&auevent=ABAjH0iSklwNNLxdYAPgRyoRtE6E&aucmp=20831519943&aucrtv=537909985&auorder=1015095180&ausite=13223125242&auxch=96&pltfrm=96&aufilter1=1024534&autt=1&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=134572809.69980803&ee_dp_sukv=134572809.69980803&dvp_tukv=72242271.57424268&ee_dp_tukv=72242271.57424268&dvp_tuid=1176311139030&jurtd=3690451103
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.201.101.243 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.101.201.35.bc.googleusercontent.com
Software
/
Resource Hash
063f449977d8d83092481d44ae328c36694d99c548a1827a2ddfd252b0fbd139

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Aug 2024 09:21:47 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
08/05/2024 09:21:47
visit.js
tps.doubleverify.com/ Frame 62C0 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=167&ttfrms=10&brid=96&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTau832E6%3EA%5D%3F6ETau5%40H%3F%3D%4025Tau32E49%5C4%3A2%5Cb5D%5C564CJAE%40C%5Dbd_hgTauU2%3F4r92%3A%3Fl9EEADTbpTauTau832E6%3EA%5D%3F6ETar9EEADTbpTauTau832E6%3EA%5D%3F6ETar9EEADTbpTauTau832E6%3EA%5D%3F6EU42%3FFC%3Dl9EEADTbpTauTau832E6%3EA%5D%3F6ETau5%40H%3F%3D%4025Tau32E49%5C4%3A2%5Cb5D%5C564CJAE%40C%5Dbd_hgTau&srcurlD=0&aUrlD=0&ssl=https:&dfs=1565&ddur=61&uid=1722936107355210&jsCallback=dvCallback_1722936107355782&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=6569&tgjsver=6569&lvvn=28&m1=96&refD=2&referrer=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&fwc=0&fcl=1585&flt=58&fec=1377&fcifrms=25&brh=2&dvp_epl=330&noc=16&nav_pltfrm=Linux%20x86_64&ctx=971108&cmp=31167414&sid=6522286&plc=382760423&crt=206363576&btreg=574355468&btadsrv=doubleclick&adsrv=1&advid=8025626&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&region=30&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=134572809.69980803&ee_dp_sukv=134572809.69980803&dvp_tukv=11402998448.337189&ee_dp_tukv=11402998448.337189&dvp_tuid=1584416393007&jurtd=1213174403
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.201.101.243 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.101.201.35.bc.googleusercontent.com
Software
/
Resource Hash
2e040eedc0aa174df6826a6b573897621a161f33be526c9a2b40451af40cbaa9

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Aug 2024 09:21:47 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
08/05/2024 09:21:47
/
servedby.flashtalking.com/imp/8/224958;7866938;201;jsappend;XfinityUS;BUSQ12024B2BCENNONDT7866938FT728x90/ Frame C5D2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/8/224958;7866938;201;jsappend;XfinityUS;BUSQ12024B2BCENNONDT7866938FT728x90/?ftscw=ebuy%3D31167414%3Besid%3D6522286%3Bepid%3D382760423%3Becid%3D206363576%3Beadv%3D8025626%3Beaid%3D574355468%3Berid%3D206949731%3Beexpid%3DP2L1WPH%3Beexcid%3D%3Berv%3D1%3Beiid%3DCL3pg5WF4IcDFSILiAkdpow1zw%3B&ft_custom=8025626__31167414__6522286__206363576&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&us_privacy=${US_PRIVACY}&cachebuster=655540.2346030737&ft_keyword=%7C%7C382760423;382760423&ft_section=43952820952067770800686883245441866040%7C%7C382760423&ft_c1=382760423
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.143.51 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-143-51.deploy.static.akamaitechnologies.com
Software
prod-xre-app6.ash11 /
Resource Hash
aebec7f07d1897a605d5c4020db8b90df73d8e844d71817eeca21ff3f3d35450
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Allow-Fenced-Frame-Automatic-Beacons
true
Pragma
no-cache
Date
Tue, 06 Aug 2024 09:21:47 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app6.ash11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1155
Expires
Tue, 06 Aug 2024 09:21:47 GMT
ftUtils.js
ajs-assets.ftstatic.com/ Frame C5D2 		86 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajs-assets.ftstatic.com/ftUtils.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.19 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-251-19.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
962a4f3c063556346c63a1efe40dd2ea0229138502368fad81a8d95e2958ac54

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 09:21:47 GMT
Content-Encoding
gzip
Akamai-Cache-Status
Hit from child
x-amz-request-id
K88RA4C7DYP4DM26
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
26471
x-amz-id-2
ZatpFA1jt/9bppA5gJdMc2PnLyGthljv7ortuKloL+r+q4SaBMHGvwd3lH/ltRHmF4oqqY/KHT8=
Last-Modified
Thu, 25 Jul 2024 16:51:58 GMT
Server
AmazonS3
ETag
W/"451efecfeb85388653735d89cb9a85bc"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=86400
X-Varnish
517345635 517440285
Vary
Accept-Encoding
Accept-Ranges
bytes
Expires
Wed, 07 Aug 2024 09:21:47 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8F8B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQzQ5LidNWOJ-HaJNKoXPX-Qwhjfsn9FKqWcIKS8eN_7g28daozCluQaGippXG1OKoRXdWXN-HOUsxJ1woW97BmbgUzc0RsNRwT2NhUJ8iqf7MEYmNrGVtVdeTUXSYNisiWRKHCIfevCDpXo7ZFurAYdsqVWtm9p0ktTm5hVUcqBDKrBIEh49_J5WG9bQpr_wVMsjHWzjE0t6qaQNRom7qWLbkerKKh0v-vvjDHoB0dVR-fcDETenUsAyLq2KIhTkPdzZ70IhQ7RxUS9x7qM6jVSfmAecdainMUgCiRjtuBjXFTfhdbzyk910VpeZTIrDYjiutyKFw1fC1t3L46GtKQbo5YIMVvmlGWWuVTvKM9QeLm-tb0rOgcqeA2isBX5W6fM5J0b_cHtlQbCR17aLFqfNYluFg6tY&sai=AMfl-YSPZBBqQLLjGENhxsDzlSc07-QUQtiEaCEV0XMa08BIrYjLrEPCDfT3afHMfPwblK5WzCcziS6D2DSK-4wJS06N7YqaFl5K4LCASNeff-0vgGP26b_07C-hOhU3du8&sig=Cg0ArKJSzPIR6I7AUuQ2EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Aug 2024 09:21:48 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202408010101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408010101/pubads_impl.js?cb=31085847
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
b44ef8b9775648ccd49170eff885e21f3546e00f3a185a86069a9d4ddc75a91c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12872
x-xss-protection
0
sync
eb2.3lift.com/ Frame 4FA7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&gdpr=false&cb=56203
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1277
content-type
text/html; charset=utf-8
date
Tue, 06 Aug 2024 09:21:47 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
4614372.json
agen-assets.ftstatic.com/display/7866938/ Frame C5D2 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://agen-assets.ftstatic.com/display/7866938/4614372.json
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-38.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2554a7a6577e98d02c962a69fbaa17d4ad43e650edee5648ffda63bd160252de

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:19:19 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/5.1), 1.1 39947baba82573c8d139cba81c505476.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
153
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 Jul 2024 21:20:29 GMT
server
AmazonS3
etag
W/"45943ad9ca9724489af9c71402f6e35d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
max-age=30
x-varnish
1044094283
vary
Accept-Encoding,Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
xZ4budnl7Uiyg8KsnCDeBWHeyiMvB2Vj-qkGx1gqGFeXVz-8InQXVg==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Aug 2024 09:21:48 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 294E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
288531
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Aug 2024 01:12:57 GMT
expires
Sun, 03 Aug 2025 01:12:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5CC0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f147.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0Zcjpx8Pn8dw0SHZc7uSdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0Zcjpx8Pn8dw0SHZc7uSdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Aug 2024 09:21:48 GMT
expires
Tue, 06 Aug 2024 09:21:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
segs.js
cdn.flashtalking.com/feeds/comcast/FBI-3250/ Frame C5D2 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/feeds/comcast/FBI-3250/segs.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.204.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
0573af9aeef191b64044eef3fb139d68329f1128515833e5a7ea87ae66f5eab2

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 09:21:48 GMT
Content-Encoding
gzip
X-FT-Origin
us
Connection
keep-alive
Content-Length
398
Last-Modified
Sat, 13 Jan 2024 09:00:08 GMT
Server
Flashtalking (AKA)
ETag
W/"0521f5c77b1c5991f9c80188cfbfdac6"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
444843465
Access-Control-Allow-Origin
*
Content-Type
application/json
Cache-Control
max-age=1200
Access-Control-Allow-Credentials
true
Access-Control-Expose-Headers
Content-Range
Access-Control-Max-Age
86400
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Expires
Tue, 06 Aug 2024 09:41:48 GMT
index.html
cdn.flashtalking.com/157924/4614372/ Frame 232D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/157924/4614372/index.html
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.204.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash

Request headers

Referer
https://gbatemp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=1200
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1204
Content-Type
text/html
Date
Tue, 06 Aug 2024 09:21:48 GMT
ETag
W/"c725d7c5905259412c1a7fa8ff753912"
Expires
Tue, 06 Aug 2024 09:41:48 GMT
Last-Modified
Mon, 12 Feb 2024 19:28:28 GMT
Server
Flashtalking (AKA)
Vary
Accept-Encoding
X-FT-Origin
us
X-Varnish
514705703
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame C5D2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.204.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 09:21:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
Server
Flashtalking (AKA)
ETag
W/"41e1de2061b5162671c94aaf53e51cc1"
X-FT-Origin
us
Vary
Accept-Encoding
X-Varnish
413862034 236107414
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5545
Expires
Wed, 07 Aug 2024 09:21:48 GMT
ibs:dpid=3047&dpuuid=60621933CEDF7B&
dpm.demdex.net/ Frame C5D2 		42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=60621933CEDF7B&?929173474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.200.43.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-43-168.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v062-004364cbf.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Tue, 06 Aug 2024 09:21:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
sUqcUTZ4Suw=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
st1
choices.trustarc.com/jsi/ Frame C5D2 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/jsi/st1?aid=comcast01&pid=comcast01&cid=%EF%BF%BDuy_6522286_382760423_206363576&sz=0x0&c=te-c79d&rand=0e7a
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-39.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
46f1d1b8c6c390eb3448b35893b3880bdc6f03d2c0a50f915fe6f607e5f093ff
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop
JFK50-P1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2141
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
FFLee3xG9vnf4gTpc6vrkaod2shcFIPI60KdO_t1Q3aPeQELs-BofA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
get
choices.trustarc.com/ Frame C5D2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/get?name=st2.js
Requested by
Host: gbatemp.net
URL: https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-39.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
7044b0c225fd6df66c4f91e37a14a293860937e48b1deee5875279ffb9f32555

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 10:10:06 GMT
content-encoding
gzip
via
1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
1638702
x-cache
Hit from cloudfront
pragma
public
last-modified
Wed, 10 Jan 2024 03:10:26 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
C343514hhSuSFBtt0pxKlc0A6p0kUds4vdJznlacuwB323GyBvm-dQ==
expires
Sat, 17 Aug 2024 10:10:06 GMT
/
ad-events.flashtalking.com/state/7866938;4614372;32660404;271;6A599260-0B2C-86D7-D907-64E6C34A2E95/ Frame C5D2 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/7866938;4614372;32660404;271;6A599260-0B2C-86D7-D907-64E6C34A2E95/?cachebuster=880175592
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.226.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-226-19.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:49 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame C5D2 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7866938;4614372;32660404-302-0-60621933CEDF7B-371304685
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.204.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Aug 2024 09:21:49 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Tue, 06 Aug 2024 09:21:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C5D2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7013907883779&version=m202406030101&ct=76&x=96&cor=4212058188797243400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 134C 		283 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98a99f79012f74d2b4f3fe61df46b6c0f75807bb253dcdb450c4c2b2dff4efb9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon-32x32.png
gbatemp.net/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gbatemp.net/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57113c8501aec17035dc3e4547102057b0b35d6fd0231dab05fce20a57aac5c4

Request headers

Referer
https://gbatemp.net/download/batch-cia-3ds-decryptor.35098/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90530
cf-polished
origFmt=png, origSize=2247
content-disposition
inline; filename="favicon-32x32.webp"
alt-svc
h3=":443"; ma=86400
cf-bgj
imgq:85,h2pri
last-modified
Tue, 31 Dec 2019 15:18:59 GMT
server
cloudflare
etag
W/"5e0b66e3-8c7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kxZ9tqN8ImXVsCa3BFs7n7RrS7HAqKOalGjPHytLpf74SKACfJzeyPNYWYOx1gqCfdmRx8UtAKeQ3ISUtZik1cBcoP45u0kkCFazMkuTzJM2phdsdRL88bjZhA5p"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
cf-ray
8aedf57c6ae0036a-MIA
expires
Fri, 23 Aug 2024 18:20:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-P2QEWTVBNB&gtm=45je47v0v895424439za200&_p=1722936097337&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&tag_exp=95250753&cid=362579429.1722936098&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEII&sid=1722936099&sct=1&seg=0&dl=https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F&dt=Batch%20CIA%203DS%20Decryptor%20%7C%20GBAtemp.net%20-%20The%20Independent%20Video%20Game%20Community&_s=2&tfd=13404
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f102.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gbatemp.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ft.stat
stat.flashtalking.com/reportV3/ Frame C5D2 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7866938;4614372;32660404-307-0-60621933CEDF7B-515759029
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.204.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Aug 2024 09:21:49 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Tue, 06 Aug 2024 09:21:49 GMT
/
ad-events.flashtalking.com/state/7866938;4614372;32660404;202;6A599260-0B2C-86D7-D907-64E6C34A2E95/ Frame C5D2 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/7866938;4614372;32660404;202;6A599260-0B2C-86D7-D907-64E6C34A2E95/?cachebuster=426240758
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.226.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-226-19.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:49 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
event.png
tpsc-uw1.doubleverify.com/ Frame 62C0 		0
292 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-uw1.doubleverify.com/event.png?impid=5fcf220bdc01416da4757f96a5ed48d8&flavor=0&gdpr=&gdpr_consent=&ee_dp_omvk=doubleverify.com-omid&ee_dp_isom=1&ee_dp_btreg=574355468&ee_dp_btadsrv=doubleclick&dvp_gdv2_Func=1&dvp_gdv2_Applies=0&dvp_gdv2_Succ=1&dvp_gdv2_Dur=0&dvp_gdv2_Doms=0&dvp_gdv2_Dome=0&pltm=1&ee_dp_jltm=1&iskpm=1&ismmm=1&isocm=1&dvp_atali=1&ee_dp_csc=1&ee_dp_cspf=1&ee_dp_asmm=1&vdur=390&eoid=23&te_strt=1&te_init=7&te_sup=2&te_exec=2&msrjs=6569&dvp_ac_version=0820&dvp_adfr=1600x1200&dvp_adad=970x250&bsigr=4328784129&tagsrv=1&sdf=67108868&vit=2&rmi=16&tltms=61&tetms=18&msltms=132&vltms=390&sei=290&vetms=13&tuviims=178&tuviems=581&engms=1&engisel=1&dvp_dtcov=4&sim=3&msrcanlm=394&msrcannum=4&ee_dp_tmads=2515&ee_dp_msrcanlt=2%3A1%3A(0)%2C8%3A1%3A(0)%2C32%3A3%3A(0%3B0%3B0)%2C64%3A3%3A(0%3B0%3B0)%2C128%3A2%3A(0%3B0)%2C256%3A1%3A(0)%2C65536%3A3%3A(0%3B0%3B0)&ee_dp_btros=32%3A3%3A(0%3B0%3B0)%2C64%3A3%3A(0%3B0%3B0)&ee_dp_btsc=32%3A3%3A(a-1-0%2Fimg-2-0%2Fiframe-2-0%2Fdiv-17-0%2Fframe-1-0%2Fsvg-5-0%3Ba-1-0%2Fimg-2-0%2Fiframe-3-0%2Fdiv-17-0%2Fframe-1-0%2Fsvg-5-0%3Ba-1-0%2Fimg-2-0%2Fiframe-2-0%2Fdiv-17-0%2Fframe-1-0%2Fsvg-5-0)%2C64%3A3%3A(a-1-0%2Fimg-2-0%2Fiframe-4-0%2Fdiv-18-0%2Fframe-1-0%2Fsvg-3-0%3Ba-1-0%2Fimg-2-0%2Fiframe-5-0%2Fdiv-19-0%2Fframe-1-0%2Fsvg-3-0%3Ba-1-0%2Fimg-2-0%2Fiframe-6-0%2Fdiv-19-0%2Fframe-1-0%2Fsvg-3-0)&ismms=33&isumms=33&nvr=2&isgmmims=33&isgmv4mims=33&elmtp=3&isbxdms=2441&b0=2575&adhgt=25&adwdth=41&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2575&sftb=2575&msrdp=4&naral=2&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&iscvmeas=434&ishvm=1&istchm=1&isascm=1&isaclkm=1&isscrlm=1&engalms=32&engscrlms=1086&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&vstsz=3752&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3410
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements6569.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.201.101.243 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.101.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://gbatemp.net
Pragma
no-cache
Date
Tue, 06 Aug 2024 09:21:50 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2024-08-05T09:21:50
event.png
tpsc-uw1.doubleverify.com/ Frame 97D3 		0
292 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-uw1.doubleverify.com/event.png?impid=7e87cc3b46aa421985d7728e413903d5&flavor=0&gdpr=&gdpr_consent=&ee_dp_omvk=doubleverify.com-omid&ee_dp_isom=1&dvp_gdv2_Func=1&dvp_gdv2_Applies=0&dvp_gdv2_Succ=1&dvp_gdv2_Dur=0&dvp_gdv2_Doms=0&dvp_gdv2_Dome=0&pltm=1&ee_dp_jltm=1&iskpm=1&ismmm=1&isocm=1&dvp_atali=1&ee_dp_csc=1&ee_dp_cspf=1&ee_dp_asmm=1&vdur=430&eoid=21&te_strt=1&te_init=7&te_sup=0&te_exec=0&msrjs=6569&dvp_ac_version=0820&dvp_adfr=1600x1200&dvp_adad=970x250&bsigr=4328784129&tagsrv=1&sdf=67108868&vit=2&rmi=16&tltms=61&tetms=25&msltms=62&vltms=430&sei=289&vetms=21&tuviims=223&tuviems=674&engms=1&engisel=1&dvp_dtcov=4&sim=3&msrcanlm=392&msrcannum=3&ee_dp_tmads=2589&ee_dp_msrcanlt=8%3A1%3A(0)%2C128%3A2%3A(0%3B0)%2C256%3A1%3A(0)%2C65536%3A3%3A(0%3B0%3B0)&ismms=1120&isumms=1120&nvr=2&isgmmims=1120&isgmv4mims=1120&elmtp=1&isbxdms=2527&b0=1517&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=1517&sftb=1517&msrdp=4&naral=128&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&ishvm=1&istchm=1&isascm=1&isaclkm=1&engalms=1117&dvp_hdnAd=0&dvp_dpr=1&vstsz=3734&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3496
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements6569.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.201.101.243 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.101.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://gbatemp.net
Pragma
no-cache
Date
Tue, 06 Aug 2024 09:21:50 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2024-08-05T09:21:50
pixel
ps.eyeota.net/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?e_rc=2&pid=m51mh00&t=ajs&uid=user_1695d1a7-92be-4a53-abb1-5f9aca54ab97_1722936100317
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-138-212.compute-1.amazonaws.com
Software
/
Resource Hash
d9fda4f3a2a61f8b487d827d29ba726e062cb70145fdc9cc93188af106ea2840

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Tue, 06 Aug 2024 09:21:51 GMT
Content-Length
1289
Content-Type
application/javascript
match
ps.eyeota.net/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7ri0rgu%26uid%3D%23PM_USER_ID
  • https://ps.eyeota.net/match?bid=7ri0rgu&uid=EEA34089-5632-43C7-BF93-697CB6C23F93
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=7ri0rgu&uid=EEA34089-5632-43C7-BF93-697CB6C23F93
Protocol
HTTP/1.1
Server
52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-138-212.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Tue, 06 Aug 2024 09:21:51 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

location
https://ps.eyeota.net/match?bid=7ri0rgu&uid=EEA34089-5632-43C7-BF93-697CB6C23F93
date
Tue, 06 Aug 2024 09:21:51 GMT
content-type
text/html; charset=UTF-8
content-length
0
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
ps.eyeota.net/
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=969470227073091097&bid=omt9pi0
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=969470227073091097&bid=omt9pi0
Protocol
HTTP/1.1
Server
52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-138-212.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Tue, 06 Aug 2024 09:21:52 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

Location
https://ps.eyeota.net/match?uid=969470227073091097&bid=omt9pi0
Date
Tue, 06 Aug 2024 09:21:51 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
59742
i.liadm.com/s/ 		0
0
pushpull
ws.rqtrk.eu/ 		0
0
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2YtYhDbBvhy4OVA9DBjAlC9UlMT-EIkPKQImWEmnE4qQ
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D03518a24-a6b3-4c42-b9ca-61abade7ad5e%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2211485602329325570&pt=03518a24-a6b3-4c42-b9ca-61abade7ad5e%2C%2C
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2211485602329325570&pt=03518a24-a6b3-4c42-b9ca-61abade7ad5e%2C%2C
Protocol
H2
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gbatemp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 09:21:51 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 06 Aug 2024 09:21:51 GMT
an-x-request-uuid
2717aca7-76ca-45fd-88e6-ba2c33339040
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2211485602329325570&pt=03518a24-a6b3-4c42-b9ca-61abade7ad5e%2C%2C
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408010101&jk=881133623149794&bg=!GBulG1TNAAZjy5caQ8s7ADQBe5WfOGulnTI7gv0PMLjOyZy5n3htpItzi2RPQgjzzfV3pPoassMqEF470bwP0VKGi9Q4AgAAAK9SAAAABGgBB34ANklQbgVRvfmOWiVc_T_NaySS_ggd5g0zW-oFPA-7dVIdPaAtnYJc-EsE97zRIG7nXRZmSCKhoJkCq2zFMKBrNjZ6ahqkiVP7PrUb7DIp7FUqJ92D-w3kOOf06NwGXYFEVX_F9kEWPK-oCwpzv1Ica4Ombs56-OE4KbjbGHG1CgSa9sirAby9EXVC1GSK5wKbfv-cVWCu-9HHw8bqKDZlvr7hpK1K9Epa9pcMdz68GNmK_h73xp1ap1gfF8u1QXxiZ068bzO-GIz5iQIU9sxKdnxRolqutrmmt1Et59MZkpSeF-w402521fsg8Xw3hWc_6tCzYGzNeD8cZ7gcMBTFE5BrRu4bYF-Ts3-AbUA2QEbzshI10CXDRUSHGxVJ0NeSym1S95u-p_jHVfcrikmYjxSTIhsXZ1SKZLfSwdpVzUY0HTxOzPsL-v46OgXUEOFhwdWhfQATdL7omOUIUmipxfvAVFfP1FOTt5rm21WafnbBWf9zA1OlnIaADrhd0MPvfs26ABYi_dFF89jfoKpbGCzmEvh7pK_Xw5Tu8IZ843IiNeuLF1Bif-kjaUSjdW5qtXNMU68EFYhcwRTLEZz7hWZYaOtqehirQRbnXyRj5_Z_4LJhAhuOc8QFOi_SuONcF6RnRtPz30LpJWtg9SygoHOwLgNOhMoJvGNR145mBg8CXd9lJQkiQuFgsnSHv63sDlIiKasLvB0YPN1QHGoyOZck4P0eBkK6moUk9YVpgyAYUx4XuYuSYe0PDFNKRS98XQCWZUMUc6qldM7UOfQkvyIKoaJHwTakJCSKbVw_c_O2vN6zwA4YIMgglhps6ew31Umc1FPDnF9HmcdNJfunJrBjTKL1-6LtLLfzxKXQdF26T8LAML54LNicZFSqINb8si7M6Hd-BXshs_6DOHJUcURL1-fbU_O0cfr2OkUYr9wDdZVFQmqePUesN4ET0MANZdmrngsLcId1nx-0iKz9ociPT8u6
Domain
i.liadm.com
URL
https://i.liadm.com/s/59742?bidder_id=220889&bidder_uuid=2iMalj0PsHzzjiECzFmSJUGs3w2hETmXApmZHOhwEfW8
Domain
ws.rqtrk.eu
URL
https://ws.rqtrk.eu/pushpull?pid=6b6d3924-92d3-4998-bf20-3f75688546c0&dmp=6b6d3924-92d3-4998-bf20-3f75688546c0&uid=2nJ7V61-JofzU87I3jUWRKZp0WZu87Xq8jFa4Pd790OE&cb=1722936111&src=www&type=100&return-unstable=true&g=1&redirect=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dm5ri0ru%26uid%3D%24BROWSER_ID

Verdicts & Comments Add Verdict or Comment

424 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| thstyleswitchConfig object| themehouse object| XF function| gtag object| dataLayer object| ramp function| admiral object| googletag string| _pwUserContentEncoding object| PageOS string| _pwGA4PageviewId function| $ function| jQuery object| Mustache function| autosize object| SV function| 4dm1r11545242527 function| FroalaEditor object| DBTech object| GROUPS object| XAUBS object| $jscomp function| $jscomp$lookupPolyfilledValue function| SortNodeListASC function| ResetIframeZ object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager object| _pwTycheAB object| pwKinesisCreds number| cmpVersion boolean| tycheSampling number| tycheSamplingRate string| tychePath boolean| rampSampling number| rampSamplingRate string| rampPath number| _pageViewSR number| _adImpressionSR object| _pwLogger string| _pwKassandraVer number| _pwFpSampling string| _pwUserCC object| pwEdgeFlags object| pwEdgeYieldOptions string| _pwCurrentHourEST object| tyche object| gaGlobal object| __pwpbjs__ object| _pbjsGlobals object| regeneratorRuntime string| GoogleAnalyticsObject function| ga object| data-events object| google_reactive_ads_global_state function| onYouTubeIframeAPIReady object| gaplugins object| gaData boolean| pwRAMPInitiated object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NTBiODRhZTA3MTliYzg1Y2xvYWRlcl9qcw== string| NTBiODRhZTA3MTliYzg1Y2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_topics_state object| webpackChunkpageos object| pageos object| __core-js_shared__ object| core object| apstag object| lotame_sync_17138 object| ox_esp object| criteo_pubtag object| criteo_identitytag_156 object| Criteo object| Criteo_identitytag_156 object| __bt object| __bt_intrnl object| __bt_tag_d string| CustomerConnectAnalytics function| cca boolean| __bt_already_invoked function| lotameIsCompatible function| sync17138_aa function| sync17138_c function| sync17138_f object| sync17138_h function| sync17138_ca function| sync17138_j function| sync17138_da object| sync17138_ object| sync17138_ja object| sync17138_ka object| sync17138_r object| sync17138_xa function| sync17138_a function| sync17138_b function| sync17138_g function| sync17138_i function| sync17138_k function| sync17138_l function| sync17138_m function| sync17138_n function| sync17138_ea function| sync17138_o function| sync17138_p function| sync17138_q function| sync17138_ga function| sync17138_fa function| sync17138_ha function| sync17138_ia function| sync17138_s function| sync17138_u function| sync17138_v function| sync17138_w function| sync17138_la function| sync17138_ma function| sync17138_x function| sync17138_na function| sync17138_y function| sync17138_z function| sync17138_t function| sync17138_B function| sync17138_oa function| sync17138_pa function| sync17138_qa function| sync17138_C function| sync17138_D function| sync17138_E function| sync17138_ra function| sync17138_F function| sync17138_G function| sync17138_H function| sync17138_J function| sync17138_L function| sync17138_K function| sync17138_M function| sync17138_N function| sync17138_I function| sync17138_sa function| sync17138_ta function| sync17138_ua function| sync17138_va function| sync17138_wa function| sync17138_O function| sync17138_P function| sync17138_ya function| sync17138_Q function| sync17138_za function| sync17138_Aa function| sync17138_Ba function| sync17138_R function| sync17138_Ca function| sync17138_Da function| sync17138_Ea function| sync17138_Fa function| sync17138_S function| sync17138_Ga function| sync17138_T function| sync17138_U function| sync17138_V function| sync17138_W function| sync17138_Ha function| sync17138_X function| sync17138_Y function| sync17138_Z function| sync17138__ function| sync17138_0 function| sync17138_1 function| sync17138_Ia function| sync17138_2 function| sync17138_Ka function| sync17138_Ja function| sync17138_3 function| sync17138_4 function| sync17138_La function| sync17138_Oa function| sync17138_Na function| sync17138_Ma function| sync17138_Qa function| sync17138_Sa function| sync17138_Pa function| sync17138_6 function| sync17138_Ra function| sync17138_Va function| sync17138_Ua function| sync17138_Ta function| sync17138_7 function| sync17138_5 function| sync17138_8 function| sync17138_Wa function| sync17138_Xa function| sync17138_Ya function| sync17138_Za function| sync17138_9 function| sync17138__a function| sync17138_$ function| sync17138_0a function| sync17138_1a function| sync17138_2a object| _aps boolean| apstagLOADED object| apscustom object| Moat#G26 object| MoatSuperV26 boolean| Moat#EVA object| moatPrebidApi object| webpackChunkTyche object| Tyche object| kinesis object| pbjs object| __pwhbjs boolean| liModuleEnabled object| liQ_instances boolean| cfb08b95-8cc9-4a46-af68-f503deb09fe8 object| lotame_sync_16576 object| cnvr_launcher_options object| _ccScriptSettings object| _ccLauncherSettings function| ccao object| ContextualEngine boolean| eventOk object| _ccReady object| _ccApiReady object| carbonApi object| carbon object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event function| callback object| pogoClassification object| intentIds object| iabIds object| iabNames object| classification object| analysis boolean| BrandSafetyChecked function| eyeota_callback number| __google_lidar_ function| __google_lidar_radf_ function| sync16576_aa function| sync16576_c function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ja object| sync16576_ka object| sync16576_r object| sync16576_xa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_ea function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_ga function| sync16576_fa function| sync16576_ha function| sync16576_ia function| sync16576_s function| sync16576_u function| sync16576_v function| sync16576_w function| sync16576_la function| sync16576_ma function| sync16576_x function| sync16576_na function| sync16576_y function| sync16576_z function| sync16576_t function| sync16576_B function| sync16576_oa function| sync16576_pa function| sync16576_qa function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_ra function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_J function| sync16576_L function| sync16576_K function| sync16576_M function| sync16576_N function| sync16576_I function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_O function| sync16576_P function| sync16576_ya function| sync16576_Q function| sync16576_za function| sync16576_Aa function| sync16576_Ba function| sync16576_R function| sync16576_Ca function| sync16576_Da function| sync16576_Ea function| sync16576_Fa function| sync16576_S function| sync16576_Ga function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_Ha function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_Ia function| sync16576_2 function| sync16576_Ka function| sync16576_Ja function| sync16576_3 function| sync16576_4 function| sync16576_La function| sync16576_Oa function| sync16576_Na function| sync16576_Ma function| sync16576_Qa function| sync16576_Sa function| sync16576_Pa function| sync16576_6 function| sync16576_Ra function| sync16576_Va function| sync16576_Ua function| sync16576_Ta function| sync16576_7 function| sync16576_5 function| sync16576_8 function| sync16576_Wa function| sync16576_Xa function| sync16576_Ya function| sync16576_Za function| sync16576_9 function| sync16576__a function| sync16576_$ function| sync16576_0a function| sync16576_1a function| sync16576_2a object| __id5_finalization_registry object| ID5 function| _33AcrossIdMappingsProvider object| conversant object| PublisherCommonId object| carbonReady string| _carbonUID object| carbonUIDCache object| _ccSettings object| ccRefresh object| publink_options object| coreid number| google_unique_id object| criteo_pubtag_prebid_156 object| Criteo_prebid_156 object| googDdmPs object| GoogleGcLKhOms object| google_image_requests

326 Cookies

Domain/Path Name / Value
ad-cdn.technoratimedia.com/html Name: tads_tbla_bidi
Value: 1722936104466
.3lift.com/sync Name: sync
Value: CgoIgAIQ0K_6t5IyCgoIgQIQ0K_6t5IyCgoIggIQ1sf6t5IyCgoIhwIQ7a76t5IyCgkISRDQr_q3kjIKCQgLENCv-reSMgoKCIsCEIm0-reSMgoKCIwCEO2u-reSMgoKCM4BENCv-reSMgoKCI4BEIm0-reSMgoJCA4Q1sf6t5IyCgoIkAIQ1sf6t5IyCgoIkQIQibT6t5IyCgoIkgIQibT6t5IyCgoIkwIQ1sf6t5IyCgoIlAIQ0K_6t5IyCgoIlQIQ1sf6t5IyCgoI1gEQ1sf6t5IyCgkIGxDtrvq3kjIKCgidAhDQr_q3kjIKCgjeARDQr_q3kjIKCQhfEO2u-reSMgoJCB8QibT6t5IyCgoIoQEQ7a76t5IyCgoI4gEQ7a76t5IyCgoI4wEQibT6t5IyCgoI5gEQ7a76t5IyCgoI5wEQ0K_6t5IyCgoIrAIQ7a76t5IyCgoIrQIQ7a76t5IyCgoIswIQ1sf6t5IyCgoItAIQ0K_6t5IyCgoItQIQ1sf6t5IyCgoItwIQibT6t5IyCgkIORCJtPq3kjIKCQg6EO2u-reSMgoKCLsCEIm0-reSMgoKCPsBENbH-reSMgoKCP8BEIm0-reSMgoJCD8Q1sf6t5Iy
.smartadserver.com/api Name: pid
Value: 4894556593840361903
.liadm.com/j Name: lidid
Value: b8a6ad59-c7c1-4d3d-8e60-c0ced676cc48
.ccgateway.net/1 Name: ccuid
Value: a58a75a2-e241-4c10-8545-2d0e5eb595c0
.ccgateway.net/1 Name: ccsid
Value: 145b882a-838b-4a29-875d-fbc6a0f4f00d
gbatemp.net/ Name: xf_csrf
Value: DmMD1GDOJW0kxLXl
.gbatemp.net/ Name: _ga_5X4VMGQS0P
Value: GS1.1.1722936098.1.0.1722936098.0.0.0
gbatemp.net/ Name: xf_siropu_chat_channel
Value: room
gbatemp.net/ Name: xf_siropu_chat_room_id
Value: undefined
.gbatemp.net/ Name: _ga
Value: GA1.2.362579429.1722936098
.gbatemp.net/ Name: _gid
Value: GA1.2.418071578.1722936099
.gbatemp.net/ Name: _gat_gtag_UA_2061983_1
Value: 1
.gbatemp.net/ Name: _awl
Value: 2.1722936099.5-f70eebbe66802d8169018576ae1250cb-6763652d75732d6561737431-0
gbatemp.net/ Name: usprivacy
Value: 1---
gbatemp.net/ Name: ad_clicker
Value: false
.gbatemp.net/ Name: _sharedid
Value: 0e86ec58-1a87-4a59-a50d-4d224f3fd4d7
.gbatemp.net/ Name: _sharedid_cst
Value: zix7LPQsHA%3D%3D
.gbatemp.net/ Name: _li_dcdm_c
Value: .gbatemp.net
.gbatemp.net/ Name: _lc2_fpi
Value: ca4d2748bbfa--01j4kfx1vkrfzk2q21fr601cc2
.gbatemp.net/ Name: _lc2_fpi_meta
Value: %7B%22w%22%3A1722936100723%7D
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 8b3233b959b5a360224ce377f369c061
.eyeota.net/ Name: mako_uid
Value: 19126fe87a5-47850000010a5bed
.eyeota.net/ Name: SERVERID
Value: 23533~DM
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4nGNQsEgyNjI2TrI0tUwyTTQ2MzAyMklONTY3TzM2s0w2MDNkAIK0ja9VGBAAAEEACkk%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4nGNgYGBI2%2FhahQEOABszAic%3D"
.liadm.com/ Name: lidid
Value: b8a6ad59-c7c1-4d3d-8e60-c0ced676cc48
.agkn.com/ Name: ab
Value: 0001%3A3OWGBxVwiGnDYz3lfJfzYbztAaJ5HcE6
.gbatemp.net/ Name: _cc_id
Value: 8b3233b959b5a360224ce377f369c061
gbatemp.net/ Name: GLAM-JID
Value: 7d518e526e2342febc851849f32a926f
gbatemp.net/ Name: GLAM-AID
Value: 419330f0bfe346ba926fe70d9ffd4ef8
gbatemp.net/ Name: GLAM-SID
Value: f7f93840904e4eff8b30dadd82a00efd
gbatemp.net/ Name: __j_state
Value: %7B%22landing_url%22%3A%22https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F%22%2C%22pageViews%22%3A1%2C%22prevPvid%22%3A%22bdaec79b31064fcebe956b3bdedb7429%22%2C%22extreferer%22%3A%22https%3A%2F%2Fgbatemp.net%2Fdownload%2Fbatch-cia-3ds-decryptor.35098%2F%22%2C%22user_worth%22%3A0%7D
.gbatemp.net/ Name: panoramaId_expiry
Value: 1723022500815
.pippio.com/ Name: did
Value: Yj8sLZ0vu7mSrHx7
.pippio.com/ Name: didts
Value: 1722936101
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CKXWx7UGEgYIgr0rEAA=
.linkedin.com/ Name: li_sugr
Value: 74ccbbb4-d782-48d6-8c08-1aa977093a24
.linkedin.com/ Name: bcookie
Value: "v=2&02f2a48b-5778-420c-8dd8-9d9447240908"
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2952:u=1:x=1:i=1722936101:t=1723022501:v=2:sig=AQH6obL255NCvvi7LtA5M-93uhRAuY2z"
.gbatemp.net/ Name: FCNEC
Value: %5B%5B%22AKsRol_S_WpIfVAcAjC2qO0gPYXhAmJvXVT2u-injn7hopzx8DvEzMmHEwmLVTAxv5ZIPg_DhYzu33uhjONgRQg6epetQB4RGNDcN5zseLMquy9yUV29LMqiHWkz7pv12rvT1LWYquRyhq8LaOixam242I5nH3sQJw%3D%3D%22%5D%5D
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.ccgateway.net/ Name: ccuid
Value: a58a75a2-e241-4c10-8545-2d0e5eb595c0
.ccgateway.net/ Name: ccsid
Value: 145b882a-838b-4a29-875d-fbc6a0f4f00d
.33across.com/ Name: check
Value: true
.adsrvr.org/ Name: TDID
Value: 5baad550-1e5d-4173-a212-bf34df76401b
.yahoo.com/ Name: A3
Value: d=AQABBCXrsWYCEMDoIHvGTOc-akKbf5yiCtUFEgEBAQE8s2a7ZtxH0iMA_eMAAA&S=AQAAAk8cLanpW3NEI26-gnl62nA
.turn.com/ Name: uid
Value: 7908695941875618071
.bluekai.com/ Name: bku
Value: Ul199YUgLVjlu3Wq
.bluekai.com/ Name: bkpa
Value: KJy9xyYXd02pSUHknp/8BE1NwthoqVk6wEWZSVx21kawzea6SsJtKcooP6BbjUonE6ji1sHHjUHjR6G6Et2bHcoBDlBABeCY1E9e9wODaA1=
.doubleclick.net/ Name: IDE
Value: AHWqTUneJ95CjZSo7B5YX7QEXru5HU9XNBjMq4vqkMC5jWBWS3GCoSTN5btVo108qm8
.gumgum.com/ Name: cs
Value: true
.sharethrough.com/ Name: stx_user_id
Value: a4e8f465-6cb6-4721-a7c8-b78f2e6f69de
.rubiconproject.com/ Name: khaos
Value: LZI7O4K8-18-50W2
.gumgum.com/ Name: vst
Value: u_152a7994-99c1-4a63-9747-374e328dc2b2
.3lift.com/ Name: receive-cookie-deprecation
Value: 1
.3lift.com/ Name: tluid
Value: 1141145899362980560324
.adnxs.com/ Name: XANDR_PANID
Value: 99wA0uxloVcnnq2G_N-ZJqC9HCgcjDR8dOQx_73ZeY5wCYfBeLaGppeTx4dPVaTrMJaG1F74Bgu99pHtBFePpJZ5J5aMbfsXq5vW1tHW5Bc.
.adnxs.com/ Name: icu
Value: ChgIqY80EAoYASABKAEwptbHtQY4AUABSAEQptbHtQYYAA..
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 2211485602329325570
.amazon-adsystem.com/ Name: ad-id
Value: A07h5a6rQkWinNADTFJpsK0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidswitch.net/ Name: tuuid
Value: af0b65af-48de-4a70-b772-30e337dada32
.bidswitch.net/ Name: c
Value: 1722936102
.bidswitch.net/ Name: tuuid_lu
Value: 1722936102
.smaato.net/ Name: SCM
Value: 5ad3684e27
.smaato.net/ Name: SCMaps
Value: 5ad3684e27
.simpli.fi/ Name: suid
Value: 590F9BBF37F74AA3A8CC3FCD66500471
.go.sonobi.com/ Name: __uqc
Value: 1
.go.sonobi.com/ Name: __uis
Value: b5146a04-835a-43c8-ad59-5f78309e5643
.go.sonobi.com/ Name: __uin_cx
Value: 1
.go.sonobi.com/ Name: __uir_cx
Value: 50401302
.go.sonobi.com/ Name: __uin_i5
Value: 1
.go.sonobi.com/ Name: __uir_i5
Value: 50401302
.go.sonobi.com/ Name: __uin_li
Value: 1
.go.sonobi.com/ Name: __uir_li
Value: 50401302
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 50401302
.go.sonobi.com/ Name: __uin_lr
Value: 1
.go.sonobi.com/ Name: __uir_lr
Value: 50401302
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 50401302
.go.sonobi.com/ Name: __uin_ex
Value: 1
.go.sonobi.com/ Name: __uir_ex
Value: 50401302
.go.sonobi.com/ Name: __uin_iq
Value: 1
.go.sonobi.com/ Name: __uir_iq
Value: 50401302
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 50401302
.go.sonobi.com/ Name: HAPLB8G
Value: s86197|ZrHrK
.s3xified.com/ Name: admRtbUidCkey34334Ssp245
Value: a511ff80f0fe0435f0bf32d35322546b
.casalemedia.com/ Name: CMID
Value: ZrHrJsAoJU0AAEDXAaitbwAA
.casalemedia.com/ Name: CMPS
Value: 2816
.casalemedia.com/ Name: CMPRO
Value: 2816
.3lift.com/ Name: tluidp
Value: 1141145899362980560324
.media.net/ Name: visitor-id
Value: 3659377021524065000V10
.yieldmo.com/ Name: yieldmo_id
Value: VmhHzII0RHIbizEbEONO%7C1722902400000%7C0
.ads.yieldmo.com/ Name: re_sync
Value: pp%3D1197323%7Crc%3D1197323%7Cc%3D1197323%7Ct%3D1197323%7Can%3D1197323
.postrelease.com/ Name: visitor
Value: feccf536-8913-4de0-b3a8-03fde38db9d7
.postrelease.com/ Name: status
Value: 0
.bidr.io/ Name: bito
Value: AAHREU7NY9YAABWx1y0yHw
.bidr.io/ Name: bitoIsSecure
Value: ok
.zemanta.com/ Name: zuid
Value: _Q2sTODXzeknPbIF28En
.yellowblue.io/ Name: wrvUserID
Value: 3ji4rd1-C
.go.sonobi.com/ Name: __uir_td
Value: 216471948111187991
.go.sonobi.com/ Name: __uin_td
Value: 5baad550-1e5d-4173-a212-bf34df76401b
.smaato.net/ Name: SCMrise
Value: 5ad3684e27
.connatix.com/ Name: cnx_userId
Value: b5166f9c00774ecda2d5d95e8efc4627
.go.sonobi.com/ Name: __uir_bw
Value: 216471948111187991
.go.sonobi.com/ Name: __uin_bw
Value: af0b65af-48de-4a70-b772-30e337dada32
.sitescout.com/ Name: ssi
Value: ae498af2-fe44-4362-b439-339840e30e09#1722936103254
.id5-sync.com/ Name: 3pi
Value:
.contextweb.com/ Name: V
Value: AHXe6bRIfUf6
.contextweb.com/ Name: VP
Value: part_AHXe6bRIfUf6
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: a9b974d692ffd02a
.rubiconproject.com/ Name: khaos_p
Value: LZI7O4K8-18-50W2
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.technoratimedia.com/ Name: tads_ipv6
Value: 2001:550:1d05:1::10
.pubmatic.com/ Name: KADUSERCOOKIE
Value: EEA34089-5632-43C7-BF93-697CB6C23F93
.deepintent.com/ Name: CDIUSER
Value: di_794abc620fd94e808e9bc
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzNDE3MDIyNzA3NrA0NLA0F-Iz1M0sTKwsy09zCizKzgYAHDRVSiQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzNDE3MDIyNzA3NrA0NLA0F-Iz1M0sTKwsy09zCizKzgYAHDRVSiQAAAA
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-14cd5131-7995-37c4-ac31-25c8061bbd7a
.adform.net/ Name: C
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4ac35646-c984-5bca-403a-4c1bcae8698e.nLLj57CHVxQ1HKqRLlV3a5Ej6xn%2Fy2Xd1V64v4xF7%2F8
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4ac35646-c984-5bca-403a-4c1bcae8698e.nLLj57CHVxQ1HKqRLlV3a5Ej6xn%2Fy2Xd1V64v4xF7%2F8
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ASsNWRsmEW8pAOkwbyuhpjiaEdkg.XSzBvoOPXXn12c2ZZolIyorybLoWtehvUDbK0nfV0%2F0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ASsNWRsmEW8pAOkwbyuhpjiaEdkg.XSzBvoOPXXn12c2ZZolIyorybLoWtehvUDbK0nfV0%2F0
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIN1OI74s8Z-kwMj_HOAbx6y1IT3566KermxgZTb_yZfpEGcYBCCn1se1BjABOgTwU00QQgQpzSTm.gSuVrC5xyX9N7lPFMLct6jhPbeYkHKebpaI%2F2Ukxswo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIN1OI74s8Z-kwMj_HOAbx6y1IT3566KermxgZTb_yZfpEGcYBCCn1se1BjABOgTwU00QQgQpzSTm.gSuVrC5xyX9N7lPFMLct6jhPbeYkHKebpaI%2F2Ukxswo
.ipredictive.com/ Name: cu
Value: 498e9e95-afac-4b72-9ac5-89c164f0de8b|1722936103444
.mathtag.com/ Name: uuid
Value: 2ede66b1-eb27-4100-b7e5-223a0e7cd062
.quantserve.com/ Name: mc
Value: 66b1eb27-6fd8c-cf783-1dfd9
.ads.yieldmo.com/ Name: ptrc
Value: CAESEGaufPlLFDqzcMX689kbE6A
.ads.yieldmo.com/ Name: ptrt
Value: 5baad550-1e5d-4173-a212-bf34df76401b
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_add52a73-f871-44db-86fe-758c7e36515a
.33across.com/ Name: 33x_ps
Value: u%3D212730409520809%3As1%3D1722936103467%3Ats%3D1722936103467
.ads.yieldmo.com/ Name: ptrpp
Value: AHXe6bRIfUf6
.ads.yieldmo.com/ Name: ptrrc
Value: LZI7O4K8-18-50W2
.go.sonobi.com/ Name: __uir_zt
Value: 216471948111187991
.go.sonobi.com/ Name: __uin_zt
Value: 969470227073091097
.go.sonobi.com/ Name: __uir_st
Value: 216471948111187991
.go.sonobi.com/ Name: __uin_st
Value: SsNWRsmEW8pAOkwbyuhpjiaEdkg
.creativecdn.com/ Name: ts
Value: 1722936103
.creativecdn.com/ Name: g
Value: U04oejDlxCZ4P2PzEckq_1722936103495
.go.sonobi.com/ Name: __uir_if
Value: 216471948111187991
.go.sonobi.com/ Name: __uin_if
Value: 2ede66b1-eb27-4100-b7e5-223a0e7cd062
.go.sonobi.com/ Name: __uir_fw
Value: 216471948111187991
.go.sonobi.com/ Name: __uin_fw
Value: 69841af062da194edecf4ca4b619d4f
.omnitagjs.com/ Name: ayl_visitor
Value: 6c4d0b96c3868ec10cc5435150038e14
.csync.loopme.me/ Name: viewer_token
Value: dc39e99b-18e9-463a-a543-1b3497fed1d3
.media.net/ Name: data-ris
Value: {{APID}}~~25
.adform.net/ Name: uid
Value: 3191134199394382058
.go.sonobi.com/ Name: __uir_eb
Value: 216471948111187991
.go.sonobi.com/ Name: __uin_eb
Value: CAESEGkBDv5i5GEhOiEizOd8PfU||1
.lijit.com/ Name: ljt_reader
Value: JHYRALZHJj-PeGVGTO6Lr43v
.tapad.com/ Name: TapAd_TS
Value: 1722936103755
.tapad.com/ Name: TapAd_DID
Value: 03518a24-a6b3-4c42-b9ca-61abade7ad5e
.demdex.net/ Name: demdex
Value: 43952820952067770800686883245441866040
.technoratimedia.com/ Name: tads_uidp_16
Value: 1551371482546
.technoratimedia.com/ Name: tads_uidp_37
Value: 8899e147-84b6-3b64-bc34-71657c809654
.technoratimedia.com/ Name: tads_uidp_45
Value: 79F2060E-A633-4206-A893-10347237D95B
.technoratimedia.com/ Name: tads_uidp_46
Value: 6625296346491922105
.technoratimedia.com/ Name: tads_uidp_64
Value: 7zI23KF7GDNrOu6Z4jl2wDM6rLh8Aq99
.technoratimedia.com/ Name: tads_uidp_70
Value: 1668364574412-986994375386-009124-010-008838
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-ad9a696f-a29e-457c-8249-63b7191b9223-004
.technoratimedia.com/ Name: tads_uidp_77
Value: wVX8cVAO7bBo0xeCWr53vHiq4n3-rKl8DEzMEOgP99M
.technoratimedia.com/ Name: tads_uidp_79
Value: 1f98861f-c14a-4b89-87a2-9e82af3c9ec2
.technoratimedia.com/ Name: tads_uidp_83
Value: R9WXtN4HSgtT
.technoratimedia.com/ Name: tads_uidp_90
Value: 10c87e9f-8a95-459f-8d8c-ece36ac01bef
.technoratimedia.com/ Name: tads_uidp_91
Value: 1127780877599371273brt56851661351334633785b9
.technoratimedia.com/ Name: tads_uid
Value: 0ACA07A79B244833993E8B9798357D18
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230514043511+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1706659281636
.go.sonobi.com/ Name: __uir_rh
Value: 216471948111187991
.go.sonobi.com/ Name: __uin_rh
Value: d3CBIm2IEBy4sjP1X2ioBY7erVE7Ik0kFTlNeYGcPcY
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:590F9BBF37F74AA3A8CC3FCD66500471&KRTB&23486-uid:590F9BBF37F74AA3A8CC3FCD66500471&KRTB&23489-uid:590F9BBF37F74AA3A8CC3FCD66500471&KRTB&23539-uid:590F9BBF37F74AA3A8CC3FCD66500471
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHVp4PGYyP0TSqRw2cCRNwk&KRTB&23025-CAESEHVp4PGYyP0TSqRw2cCRNwk&KRTB&23386-CAESEHVp4PGYyP0TSqRw2cCRNwk
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-498e9e95-afac-4b72-9ac5-89c164f0de8b&KRTB&23011-498e9e95-afac-4b72-9ac5-89c164f0de8b&KRTB&23355-498e9e95-afac-4b72-9ac5-89c164f0de8b
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-5baad550-1e5d-4173-a212-bf34df76401b&KRTB&22918-5baad550-1e5d-4173-a212-bf34df76401b&KRTB&22926-5baad550-1e5d-4173-a212-bf34df76401b&KRTB&23031-5baad550-1e5d-4173-a212-bf34df76401b
.dpm.demdex.net/ Name: dpm
Value: 43952820952067770800686883245441866040
.s3xified.com/ Name: rtbDspUserSyncIDs231123sd3r32
Value: {"1642":"0ACA07A79B244833993E8B9798357D18"}
.intentiq.com/ Name: IQver
Value: 1.9
.go.sonobi.com/ Name: __uir_bs
Value: 216471948111187991
.go.sonobi.com/ Name: __uin_bs
Value: ae498af2-fe44-4362-b439-339840e30e09-66b1eb27-5553
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5265
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-ae498af2-fe44-4362-b439-339840e30e09-66b1eb27-5553&KRTB&23418-ae498af2-fe44-4362-b439-339840e30e09-66b1eb27-5553
.gbatemp.net/ Name: __gads
Value: ID=f1e1333016dff5be:T=1722936103:RT=1722936103:S=ALNI_MY8TGdbB3yJYpOPoz_sHApQRs0qPA
.gbatemp.net/ Name: __gpi
Value: UID=00000ec752bd4d1b:T=1722936103:RT=1722936103:S=ALNI_MbfLPs846cR_1OE1A8KyJGn3aOQiA
.gbatemp.net/ Name: __eoi
Value: ID=d7e08ccb67c730e8:T=1722936103:RT=1722936103:S=AA-AfjbXZ9mq6eQnVlHURtn0tD4O
.primis.tech/ Name: csuuid
Value: 66b1eb282a3de
.adkernel.com/ Name: SSPR_40
Value: aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9MjcmYnV5ZXJ1aWQ9QTE1NjMyNjcyODM3ODU3NDM0OTkmcj1DaWQxWVMweE5HTmtOVEV6TVMwM09UazFMVE0zWXpRdFlXTXpNUzB5TldNNE1EWXhZbUprTjJFcWdBRm9kSFJ3Y3pvdkwyMWhkR05vTG5Ob1lYSmxkR2h5YjNWbmFDNWpiMjB2YzNsdVl5OTJNVDl6YjNWeVkyVmZhV1E5TjNKclNrRm9VRU5YV0dKM09VeHhOV1JhZUdNMlZIWk9Kbk52ZFhKalpWOTFjMlZ5WDJsa1BYVmhMVEUwWTJRMU1UTXhMVGM1T1RVdE16ZGpOQzFoWXpNeExUSTFZemd3TmpGaVltUTNZVElDSmhzNEFnPT0=
.adkernel.com/ Name: SSPZ
Value: 176971
.adkernel.com/ Name: DSP2F_40
Value: 508546
.adkernel.com/ Name: ADKUID
Value: A1563267283785743499
.w55c.net/ Name: wfivefivec
Value: YSKLclqp1SBgo05
.w55c.net/ Name: matchcasale
Value: 5
.technoratimedia.com/ Name: tads_uidp_7
Value: 5baad550-1e5d-4173-a212-bf34df76401b
.technoratimedia.com/ Name: tads_uidp_80
Value: y-gNnSEHFE2uFeLXnqckafF8YtTm0tK5BW~A
.socdm.com/ Name: SOC
Value: ZrHrJ8Co8HMAABCuzWEAAAAA
.gbatemp.net/ Name: _ga_P2QEWTVBNB
Value: GS1.1.1722936099.1.0.1722936104.0.0.0
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAHREU7NY9YAABWx1y0yHw
.technoratimedia.com/ Name: tads_uidp_48
Value: af0b65af-48de-4a70-b772-30e337dada32
.technoratimedia.com/ Name: tads_uidp_82
Value: ZrHNjtHM70IAAELEAXZinQAA&256
.openx.net/ Name: i
Value: f270dde0-db28-04de-15a9-19b714335ceb|1722936104
.technoratimedia.com/ Name: tads_uidp_50
Value: 604dfe54-7d31-489a-8563-3cdf8bf9dc28
.w55c.net/ Name: matchtriplelift
Value: 5
.technoratimedia.com/ Name: tads_uidp_88
Value: 1141145899362980560324
.intentiq.com/ Name: intentIQ
Value: GI0psNY15y
.aralego.com/ Name: sspid
Value: 8899e147-84b6-3b64-bc34-71657c809654
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVS2YySk9W
.intentiq.com/ Name: IQPData
Value: 646215245#1722936105145#0#1722936105145
.intentiq.com/ Name: intentIQCDate
Value: 1722936105146
.intentiq.com/ Name: ASDT
Value: 0
.media.net/ Name: data-sy
Value: 0ACA07A79B244833993E8B9798357D18~~3
.bing.com/ Name: MUID
Value: 0C4393E3D3536CAC3EB48730D2F46D10
.c.bing.com/ Name: MR
Value: 0
.id5-sync.com/ Name: id5
Value: 526689a4-f0a8-7fc1-a824-d7d5dab9e108#1722936102570#4
.technoratimedia.com/ Name: tads_uidp_62
Value: 3659377021524065000V10
.kargo.com/ Name: ktcid
Value: b8fa1980-c60c-0142-5584-1ac90e9aaf80
.smartadserver.com/ Name: pid
Value: 2054044865568084280
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAHREU7NY9YAABWx1y0yHw
.technoratimedia.com/ Name: tads_uidp_49
Value: AQAEqXb9OXqh8wJPhSnsAQEBAQEBAQCQJ_-YEgEBAJAn_5gS
.tynt.com/ Name: uid
Value: NEZ+Lmax6yn3KZLeLiizyw==
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_4d0d6e43-53d5-11ef-89ee-12a907f1fdf9
.w55c.net/ Name: matchpubmatic
Value: 5
.technoratimedia.com/ Name: tads_uidp_73
Value: AAHREU7NY9YAABWx1y0yHw
.doubleclick.net/ Name: APC
Value: AfxxVi7rSSH-oqBGs2MJXsAa_o0pGIyzUBWQ510KvQj8i5Pwj_dxgA
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.technoratimedia.com/ Name: tads_uidp_44
Value: LZI7O4K8-18-50W2
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_794abc620fd94e808e9bc&KRTB&23571-di_794abc620fd94e808e9bc
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:YSKLclqp1SBgo05&KRTB&23421-uid:YSKLclqp1SBgo05
.pbs.yahoo.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjExNDExNDU4OTkzNjI5ODA1NjAzMjQiLCJleHBpcmVzIjoiMjAyNC0wOC0yMFQwOToyMTo0NS44OTkxNjY5MjFaIn19fQ==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1722936105933%7D%2C%7B%22p%22%3A%224ef5c9a86a%22%2C%22f%22%3A1%2C%22ts%22%3A1722936105933%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1722936105933%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1722936105933%7D%2C%7B%22p%22%3A%22cf4d6e49b5%22%2C%22f%22%3A1%2C%22ts%22%3A1722936105933%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1722936105933%7D%5D
.sportradarserving.com/ Name: zuuid
Value: eb3c40c7-2471-4a0c-9bba-20ed5b240f70
.sportradarserving.com/ Name: c
Value: 1722936105
.sportradarserving.com/ Name: zuuid_lu
Value: 1722936106
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1722936106
.technoratimedia.com/ Name: tads_uidp_61
Value: 212730409520809
.openx.net/ Name: pd
Value: v2|1722936104.2|iKvPvMgakWgy.bwuYhEgKg2f8
.rlcdn.com/ Name: rlas3
Value: Ql/m1xm1fTkhr3hs4eq/VmKSf+2qqHjySTQ6HlVmJw8=
.krushmedia.com/ Name: krm_usr
Value: d61cf22e-2d20-50b6-93f4-147028b66dc2
.krushmedia.com/ Name: krm_r
Value: 615
.quantserve.com/ Name: d
Value: EBQBGQHALPijD9r7EO2o0QA
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-969470227073091097
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7908695941875618071&KRTB&23150-7908695941875618071&KRTB&23527-7908695941875618071
.pubmatic.com/ Name: KRTBCOOKIE_964
Value: 20918-cuid_4d0d6e43-53d5-11ef-89ee-12a907f1fdf9&KRTB&23354-cuid_4d0d6e43-53d5-11ef-89ee-12a907f1fdf9&KRTB&23415-cuid_4d0d6e43-53d5-11ef-89ee-12a907f1fdf9&KRTB&23422-cuid_4d0d6e43-53d5-11ef-89ee-12a907f1fdf9
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3191134199394382058&KRTB&23231-3191134199394382058&KRTB&23263-3191134199394382058&KRTB&23481-3191134199394382058
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-SsNWRsmEW8pAOkwbyuhpjiaEdkg&KRTB&23334-SsNWRsmEW8pAOkwbyuhpjiaEdkg&KRTB&23417-SsNWRsmEW8pAOkwbyuhpjiaEdkg&KRTB&23426-SsNWRsmEW8pAOkwbyuhpjiaEdkg
.smaato.net/ Name: SCMinf
Value: 5ad3684e27
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-VCuouwd_-L1PK6zuWn7n6QQq8rlPLK7sBiR9WdFs&KRTB&22979-VCuouwd_-L1PK6zuWn7n6QQq8rlPLK7sBiR9WdFs&KRTB&23462-VCuouwd_-L1PK6zuWn7n6QQq8rlPLK7sBiR9WdFs
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-af0b65af-48de-4a70-b772-30e337dada32
.adx.opera.com/ Name: UID
Value: OPU70cb6954e1c443f38c3da0387a4a7429
.tremorhub.com/ Name: tvid
Value: 12a087e7e4c14d95abd6aeb855417e73
.tremorhub.com/ Name: tv_UIDF
Value:
.tremorhub.com/ Name: tvssa
Value: 1722936106712
.infolinks.com/ Name: SAMUSERCOOKIE
Value: 5ad3684e27
.rlcdn.com/ Name: pxrc
Value: CKTWx7UGEgUI6AcQABIFCOhHEAASBgi66gEQBhIGCMLqARAGEgYIuOsBEAM=
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33646_119D37504_AAD4185&KRTB&23092-R33646_119D37504_AAD4185
.teads.tv/ Name: tt_viewer
Value: dbef65c9-a251-444b-9166-34fea289ee82
.rubiconproject.com/ Name: audit_p
Value: 1|tcR/wBEzWcIv3OQiZBP9yqS5Bv7H1ouoxdnNVF8ci14bnPJ5a2eu6gXR7W45iM67D5djWYf8rjT6CnrMdsui7Rwcea/b3NSzCnRyHxXVmeSma+WVcS1g3g==
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcIv3OQiZBP9yqS5Bv7H1ouoxdnNVF8ci14bnPJ5a2eu6gXR7W45iM67D5djWYf8rjT6CnrMdsui7Rwcea/b3NSzCnRyHxXVmeSma+WVcS1g3g==
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 95eabf13-36e5-428a-82f7-aa0e91aac417
.comcast.demdex.net/ Name: comcast
Value: 43952820952067770800686883245441866040
.agkn.com/ Name: u
Value: C|0EAAAAAAALkSnqwAAAAAAAQAHAAAAAAHbk7b__x4AAAAAAGOFrgAAAAAW0HXnAAAAAAxM27gAAAAAIjv4DAA
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=60621933CEDF7B"
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22140%22%3A%2220240806%22%2C%221%22%3A%2220240806%22%2C%22141%22%3A%2220240806%22%7D
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1sws|4is.0.CAESEAv1KPJ-P395IoJQl1rAhqA|7br.0.1|7TZ.0.1|7dN.0.AAHREU7NY9YAABWx1y0yHw
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1sws|4is.0.CAESEAv1KPJ-P395IoJQl1rAhqA|7br.0.1|7TZ.0.1|7dN.0.AAHREU7NY9YAABWx1y0yHw
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIgr_J_-aAmz0QBRIXCghwdWJtYXRpYxILCMaYxa_ngJs9EAUSFgoHcnViaWNvbhILCPKP4oTngJs9EAUSFAoFdGFwYWQSCwjU4pOH54CbPRAFEhcKCGxpdmVyYW1wEgsIgpPEoueAmz0QBRgBIAEoAjILCMqOyNz9gJs9EAU4AVoIcHVibWF0aWNgAg..
.pubmatic.com/ Name: DPSync4
Value: 1723507200%3A252_265%7C1724112000%3A262_261_260_259_201_263
.pubmatic.com/ Name: SyncRTB4
Value: 1724112000%3A21_267_220_48_240_56_249_214_238_22_104_231_166_176_13_5_3_54_55_8_243_71_165_7_264_96_234_250_233_46_178_266_99%7C1723507200%3A223_2_15%7C1724198400%3A268_35%7C1723766400%3A63%7C1728086400%3A69%7C1723334400%3A216%7C1725494400%3A224
.company-target.com/ Name: tuuid
Value: cd173b3c-0d8e-47ea-b033-b4aa1f38ef18
.company-target.com/ Name: tuuid_lu
Value: 1722936108|tlx:0
.mfadsrvr.com/ Name: tuuid
Value: 8c00cb91-c14e-4603-a30a-5435800978de
.mfadsrvr.com/ Name: c
Value: 1722936108
.mfadsrvr.com/ Name: tuuid_lu
Value: 1722936108
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcyMjkzNjEwODQxMywiMjYiOjE3MjI5MzYxMDUwMTksIjM5IjoxNzIyOTM2MTAzNDMyLCIxNyI6MTcyMjkzNjEwNjQwMSwiNyI6MTcyMjkzNjEwMzQzMn0
.dotomi.com/ Name: DotomiTest
Value: 7aaf33f643d111c3
.mfadsrvr.com/ Name: ssh
Value: !triplelift=1722936108
.thrtle.com/ Name: mc
Value: eyJpZCI6IjZkOTYwOWQwLWY3NDQtNDkzNy05YjEzLTQ4ZDg4NThlY2MyZCIsImwiOjE3MjI5MzYxMDg0MjUsInQiOjJ9
.mxptint.net/ Name: mxpim
Value: R33646_119D37504_AAD4185.1.000000000000000066B1EB2C
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmRkaWxmaGBhYmTySBCJb2BuukoUwTc2MTYDAAgFtFAwAAAA
.storygize.net/ Name: U
Value: 6339ce71-12c0-4b39-abe3-1efe1859d02d
.ctnsnet.com/ Name: cid
Value: 128aa912ec5e48648eb6eeae2a177dcf
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQAEyCZXJYgezwJ42GeiAQEBAQEBAQCQJ_-k5QEBAJAn_6Tl&KRTB&22715-AQAEyCZXJYgezwJ42GeiAQEBAQEBAQCQJ_-k5QEBAJAn_6Tl&KRTB&23519-AQAEyCZXJYgezwJ42GeiAQEBAQEBAQCQJ_-k5QEBAJAn_6Tl
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-d3CBIm2IEBy4sjP1X2ioBY7erVE7Ik0kFTlNeYGcPcY&KRTB&23047-d3CBIm2IEBy4sjP1X2ioBY7erVE7Ik0kFTlNeYGcPcY&KRTB&23234-d3CBIm2IEBy4sjP1X2ioBY7erVE7Ik0kFTlNeYGcPcY&KRTB&23361-d3CBIm2IEBy4sjP1X2ioBY7erVE7Ik0kFTlNeYGcPcY
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-95eabf13-36e5-428a-82f7-aa0e91aac417&KRTB&23340-95eabf13-36e5-428a-82f7-aa0e91aac417&KRTB&23498-95eabf13-36e5-428a-82f7-aa0e91aac417
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:2ede66b1-eb27-4100-b7e5-223a0e7cd062
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU70cb6954e1c443f38c3da0387a4a7429&KRTB&23485-OPU70cb6954e1c443f38c3da0387a4a7429&KRTB&23524-OPU70cb6954e1c443f38c3da0387a4a7429&KRTB&23575-OPU70cb6954e1c443f38c3da0387a4a7429
beacon.lynx.cognitivlabs.com/ Name: ss
Value: nkkLXRPWjLQiKuX4UL%2Fm1TCqzCdrSGVpLTDhKcM%2BDvjLrvaoG%2FE%2FszRvDtcMkWhc3XlI4On5L1oUskkIuu8vug%3D%3D
.resetdigital.co/ Name: ckbk
Value: 00000151D7C86069
.adgrx.com/ Name: ADGRX_UID
Value: 4eee527e-53d5-11ef-8a14-ab7587868ba3
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23168-00000151D7C86069&KRTB&23175-00000151D7C86069
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-4eee527e-53d5-11ef-8a14-ab7587868ba3&KRTB&23275-4eee527e-53d5-11ef-8a14-ab7587868ba3
.pubmatic.com/ Name: SyncRTB3
Value: 1723766400%3A63%7C1723507200%3A38_15_223_2%7C1724198400%3A35_268%7C1725494400%3A224%7C1728086400%3A69%7C1723334400%3A216%7C1724112000%3A243_48_5_233_267_71_96_234_22_220_99_249_264_55_238_165_176_21_56_3_231_46_266_214_178_166_7_104_250_8_81_240_13_54
.tribalfusion.com/ Name: ANON_ID
Value: awnt6ZayOZbSFoJTyBr4uRwTp43GB9Qr558XcvO15VrPGcrTU5PT3VZbc5NyfSZaG8IYvqb4J4LDUvHqQORWNR6dtjbkZa4jZc
.iqzone.com/ Name: iq_u_key
Value: db6eb862-95a4-4e79-98f1-6ac8a47bd5f8
.iqzone.com/ Name: iq_r_key
Value: 277
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 10
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1723507200%3A252_253_265%7C1724112000%3A228_256_262_201_235_261_260_263_236_226_245_258_259_219%7C1722988800%3A255_248%7C1723939200%3A257
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1722957709918
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-JFAyT9GfBBSaB1TBLeuxZg&KRTB&23557-JFAyT9GfBBSaB1TBLeuxZg&KRTB&23586-JFAyT9GfBBSaB1TBLeuxZg
.pubmatic.com/ Name: PugT
Value: 1722936108
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIyMjExNDg1NjAyMzI5MzI1NTcwIiwiZXhwaXJlcyI6IjIwMjQtMDgtMjBUMDk6MjE6NDUuMTcwNTA5NDJaIn0sImdyaWQiOnsidWlkIjoiYWYwYjY1YWYtNDhkZS00YTcwLWI3NzItMzBlMzM3ZGFkYTMyIiwiZXhwaXJlcyI6IjIwMjQtMDgtMjBUMDk6MjE6NDMuODg5OTYwMDc1WiJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiJFRUEzNDA4OS01NjMyLTQzQzctQkY5My02OTdDQjZDMjNGOTMiLCJleHBpcmVzIjoiMjAyNC0wOC0yMFQwOToyMTo1MC4wMzgxMjY4OVoifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIxMTQxMTQ1ODk5MzYyOTgwNTYwMzI0IiwiZXhwaXJlcyI6IjIwMjQtMDgtMjBUMDk6MjE6NDUuNjMxMDU0Njk1WiJ9LCJydWJpY29uIjp7InVpZCI6IkxaSTdPNEs4LTE4LTUwVzIiLCJleHBpcmVzIjoiMjAyNC0wOC0yMFQwOToyMTo0My41MDgwMjA5OThaIn0sIm9wZW54Ijp7InVpZCI6IjE4MDI2ZDc2LWNiMzAtMDhjMC0yNGYzLTExNGFmMTRmYWQ5YiIsImV4cGlyZXMiOiIyMDI0LTA4LTIwVDA5OjIxOjQ2LjQyMTU2MDc4NFoifSwiaXgiOnsidWlkIjoiWnJIckpzQW9KVTBBQUVEWEFhaXRid0FBJjI4MTYiLCJleHBpcmVzIjoiMjAyNC0wOC0yMFQwOToyMTo0NC4zNzMzNDYxMDNaIn19fQ==
io.narrative.io/ Name: io.narrative.guid.v2
Value: 4fa0ea60-53d5-11ef-a8b1-029707880797
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7762225102123010657P
.owneriq.net/ Name: pmc
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 3244b647-7319-4172-a4aa-395384e3fcb3.492150110
.pubmatic.com/ Name: SPugT
Value: 1722936109
.semasio.net/ Name: SEUNCY
Value: 652BA9CE9F83FFF0
.onaudience.com/ Name: cookie
Value: e3c6b6842dadb137
.onaudience.com/ Name: done_redirects252
Value: 1
.audrte.com/ Name: arcki2
Value: 7db2ZN5q--jQ2WMMT2-OPxl6w!20220908!1722936110559!ip#38.132.118.72
.audrte.com/ Name: arcki2_pubmatic
Value: EEA34089-5632-43C7-BF93-697CB6C23F93!20220908!1722936110559
.analytics.yahoo.com/ Name: IDSYNC
Value: "19cl~2jyx:18z8~2jyx:18yi~2jyx:190u~2jyx:18za~2jyx:199z~2jyx"

2 Console Messages

Source Level URL
Text
network error URL: https://id5-sync.com/k/155.gif?puid=AAHREU7NY9YAABWx1y0yHw&id5AccountNum=155&numCascadesAllowed=9
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://cadmus.script.ac/d25lqe4mlyaln6/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0650264dd310d76a1e7ba38028c459de.safeframe.googlesyndication.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad-events.flashtalking.com
ad.doubleclick.net
ads.pubmatic.com
agen-assets.ftstatic.com
ajs-assets.ftstatic.com
api.btloader.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
cadmus.script.ac
carbon-cdn.ccgateway.net
cd836371f1d.cdn.intergient.com
cdn-ima.33across.com
cdn.doubleverify.com
cdn.flashtalking.com
cdn.id5-sync.com
cdn.intergi.com
cdn.intergient.com
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
comcast.demdex.net
config.aps.amazon-adsystem.com
config.playwire.com
crb.kargo.com
creativecdn.com
d.agkn.com
d.turn.com
dpm.demdex.net
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fid.agkn.com
fundingchoicesmessages.google.com
g2.gumgum.com
gbatemp.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
i.liadm.com
ib.3lift.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
idx.liadm.com
image6.pubmatic.com
imasdk.googleapis.com
impression-inferences-edge-prod.playwire.com
invstatic101.creativecdn.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.prod.bidr.io
materialisticmoon.com
mb.moatads.com
oa.openxcdn.net
p.rfihub.com
pa.openx.net
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
playwire-d.openx.net
pogo.ccgateway.net
prebid-server.rubiconproject.com
privacy-location-edge.ccgateway.net
proc.ad.cpe.dotomi.com
ps.eyeota.net
px.ads.linkedin.com
px.moatads.com
rp.liadm.com
rp4.liadm.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-uw1.doubleverify.com
s.amazon-adsystem.com
script-api.ccgateway.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
servedby.flashtalking.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
stat.flashtalking.com
static.adsafeprotected.com
static.criteo.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.srv.stackadapt.com
tag-api-2-1.ccgateway.net
tags.bluekai.com
tags.crwdcntrl.net
tlx.3lift.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-uw1.doubleverify.com
u.openx.net
ups.analytics.yahoo.com
usersync.gumgum.com
ws.rqtrk.eu
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
z.moatads.com
i.liadm.com
pagead2.googlesyndication.com
ws.rqtrk.eu
100.27.136.39
104.18.24.111
104.18.35.167
107.178.254.65
108.138.106.108
108.138.106.47
108.138.115.149
108.138.128.34
108.139.47.39
129.159.117.159
13.225.63.85
13.35.93.38
130.211.23.194
141.95.98.65
142.250.31.102
142.251.163.154
142.251.163.155
142.251.174.154
142.251.174.156
15.197.193.217
151.101.1.108
151.101.130.49
162.19.138.117
172.217.197.132
172.217.197.154
172.253.62.139
172.253.62.157
172.253.62.97
172.64.149.180
172.64.151.101
172.67.73.161
173.194.205.147
173.194.68.154
18.173.140.223
18.204.52.140
18.212.140.196
18.238.80.119
185.184.8.90
199.38.167.131
207.65.37.179
207.65.37.181
23.203.179.38
23.212.251.19
23.220.132.230
23.55.204.47
23.55.205.215
23.62.164.208
23.62.165.161
23.9.143.51
23.9.159.188
2600:1408:c400:29::17da:da4e
2600:1f18:730:b130:726b:9ae3:b613:4114
2600:9000:211c:4200:12:4abd:d340:93a1
2600:9000:211c:6e00:14:2602:6e80:93a1
2600:9000:211c:7000:12:4abd:d340:93a1
2600:9000:21da:6a00:d:c38f:29c0:93a1
2600:9000:24f0:d800:1a:1459:5cc0:93a1
2600:9000:24f4:7000:8:48e:53c0:93a1
2600:9000:26fa:e600:19:fc2c:a140:93a1
2602:803:c002:200::32
2606:4700:10::6816:3556
2606:4700:10::6816:4bd8
2606:4700:20::681a:246
2606:4700::6812:1691
2606:ae80:1471:16::820
2607:f8b0:4004:c07::65
2607:f8b0:4004:c19::61
2607:f8b0:4004:c1f::65
2607:f8b0:400d:c0d::84
2607:f8b0:400d:c0e::5f
2607:f8b0:400d:c0f::84
2620:100:a00b::4
2620:100:a00b::c
2620:112:f008:200::101
2620:1ec:21::14
3.214.33.241
3.225.149.108
3.225.218.10
3.237.175.195
3.81.88.244
3.85.180.135
34.102.146.192
34.111.113.62
34.192.42.219
34.206.235.77
34.236.226.19
34.36.214.49
34.36.216.150
34.95.69.49
34.96.70.87
34.98.64.218
35.186.253.211
35.201.101.243
35.211.178.172
35.244.154.8
35.244.193.51
35.71.131.137
35.71.139.29
44.213.186.61
52.200.43.168
52.223.22.214
52.3.138.212
52.46.130.91
52.85.61.54
52.91.215.149
54.144.82.51
54.164.216.236
54.173.65.180
68.67.160.117
69.173.151.100
69.173.154.9
74.119.117.6
74.125.192.148
0069c2aa00df2e106c18eb8877e53bffd7e69180c612f16d34951ff0abc16ca1
046482748328fc1c54b19683dc96cd809252ba92ecb3fa2ed7a0309d8110b841
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
0573af9aeef191b64044eef3fb139d68329f1128515833e5a7ea87ae66f5eab2
063f449977d8d83092481d44ae328c36694d99c548a1827a2ddfd252b0fbd139
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
071b3170d260dacf208547d087f86d58495b07955ba0242bb36092625209c729
0740cfa18f7a531068226a5942c41a8f0624789cd2cb46597a7ca0259752295a
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
08f3cf4ff32d4748152f207c2cbc2ad0cdee124ee01c28df49e427ab149e1d7b
090c2ef51938b4845a8589cc1b8970807964ed3fe4276effd304a01811241e7c
094f1dd905848608e158b2f2dec568a72246830d96c2a59bb42de1d8baa1ebec
0a3094e5c3792b56a5f7c816dbb40f709fdcb5fad450fd34af5c478c89fc5bbb
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b9385e02eb700e334675403ba0822637003fbeb50583f18a4a4a9121e4f7b60
0eae4614839dd16db962955501015cf4231fcf25e3fb4e6144805f5a27f7e069
11f78adcd84d743c3b881a0ffb9596b1ec8d7069ead9a8fb09f28cf25d9f0618
12a4495dcf4f799da379ec9caf3cfd5fbc675b6228d9ce5dc00eed49bfb5128c
13d2daa2d776c08239e659dca8f2aa1e1676a4a11975ce00296542438565eea5
13fd788e3029258781365b79926216207c3a815db1a685da4298f283ec62f0ae
1aebb66b197fa09f062d3c39fc4b841cea9b1e9e85146218cf19d526078af4dd
1bac5e8fb5021358231d218f02ed4aaf9431c9c33677e2c1977c1e27d3954572
1c55d9b826e8dfa994370e306ae8dc2e849f3e003381dc848a0b95f782c0c0e3
1ce6e5150e4f2d8421181b85a0f04d8cb44522e028bd852ced5396552c483551
1cf49c1785014ea25bba3b991f3c677dcc9f903b5848efaf040bcefa4f994205
1d035d6fc9246c30a54b6d31363cbf0679769f876d4505c042555e1c8caf8c4d
201747507efb94190bc76d3e6d6c9c730fc79e31d742a9b9c3122086c12191f4
207b02948cb2445c5c0e85acc9dd8626e4f1c53d366485322051b51a6329883f
20b3e0e0580725cc6fee1948f76aa53f2f7353d20f5768e6d863582c80e0b9c1
20dd8e5ee0595ff5c58ae1c6545229af09c25bd742f3d880791c4abb3e0afe7f
24be98e9f11c3a3228f925f9f2dca2d25dded65f0e14bd6dc216de198403571f
2554a7a6577e98d02c962a69fbaa17d4ad43e650edee5648ffda63bd160252de
25e106a5f1c5d1a80bc895df64e131503ea560d57fa360b32277e01c7bacfe8c
264ba73d77e4fd432b95d82fcdd04c34f0cb528d615d04b80b0a8d7cc949c2b3
276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf
2b0357bab0e8bed93f1e4282376e31fda98a5b74864baa17b3967925d7b16903
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e040eedc0aa174df6826a6b573897621a161f33be526c9a2b40451af40cbaa9
2f06fe994ffdef877c739fc2baaf961d929cff85ea19e62b221525898ec07126
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c
34d1d6acd82550639e3751f3fae207015bc3da83fca20fe56c02ee641894f95e
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e
35eb0c3fe9de6e360ea664899ab610cdbc6553761a0d91a16198a5d6f87c02d0
361c9f80feaefdda9eb1bb7ee61de56d922188898f69af4cf8a76c64fb0183ad
39feb0a067d5b56a5b8da71dcaec72c0a81fe1aec6a99ce099c85b7cd6d825ee
3aa4fa7f8b909916af9746675483481ea18de178642e164aa4ae85528b7166c6
3ac948f1f9f958d7e56ad53b1fdd18c26da63dd374d6be34a9f65285c49bb8a8
3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f1d909ebcf9c6128fef7dea0d9860c3dc40ee4230a240f4beaa748631f262a9
3fcb9b41884d15ce37a0aa4b8c1680859af2d33009aee21340c4f09fcbfdfb73
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
440c4f8f88af16d55e74094dc877ef2e8564605e3d13087425eb0fffdea441d2
44e2eea6f39022fd7d9c720145e9c285e0f798a61f727499f71213566d7d923f
44f9ea6e1b082e200d35a8ce36ff554b96021d56b9ed217e9485929a7aa05a44
466c7ddaaeba8a81dee01d27faa4740ed58166ad88bdef6c9505a4483ad8d6c9
46f1d1b8c6c390eb3448b35893b3880bdc6f03d2c0a50f915fe6f607e5f093ff
479a26706e073849479a399949868745836ea0a94bc87d20801d5c1604a8eb87
4a9865338eea27d217fc1bbfd00b94a876d9796e78aad912a55af44cb5e8da4a
4ab2308823e5b397d944cd9bd1f45d91a3f87ab28ba27580d693fa284781bf0e
4b69a3f605576e2a0cdb6abd74d3efdf893c4b6124ace390559d62437b9553d7
4bcdc33b7708b98d81ca733eee6267957e0a051ba110830577ba0c02b63c82c3
4c4a6759855ce80913a0f7703fa0914588d5844d1278ed9ef8163bebea291156
4ca5c394b025a327b799f80fb140f4702eac4838bbcbf6d19c1c3c27dcfa26a0
5125c402e2ca8b9d97fcac27c6da053ceb5483517a4e7bd6d1663aefdcb728c8
52da441a60637b7dc9d7a4929ddc8f9a9b0ded91b369018508c54d5711946342
53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55da335da3dfa07fb7487efa7ca26f6c931406525ee6442b06f3730f35aa0828
56e38855b8d76bbbc5183759cbab9f5423cc139d523289579e79f24758f9dd99
57113c8501aec17035dc3e4547102057b0b35d6fd0231dab05fce20a57aac5c4
57137ec4bf2535898681a1d0c36d4990f2b214ad321dfaf47030622562da7829
57d831a0329a6484b36f24355c95bbc4fcd8894f8fbe79d2b455997cc01d329e
5f3ba49f25bc0898b61a175bdd4ecca5d24acb3333b3cc8c977350c575366860
5f61913ef2f4b2742638b1f485e0177ef0d6673fecade0ff8b6dadc907dbd7c0
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c56cd842a0efa575fd75b11ac9d744577a021de6d5c9b9418cffc9d3b4f221
637183af234d462962aaff7fba5b46aa79da97949f4d2c3c066b32ad9a77dd41
67942c522b8f0e187f291d3dde230596fa526a323a9f50a0d667b6956839d98e
67add32da0835bf49c5d5531d08ff9d78d51ad3675084250e5c7da455c20c92d
6914a9bd076e0890bd2a5ed86c9df63ecace9fca9d2cf9a762c1868afc1a7922
6961383c441d2f3488a078d4f5a2b6ea17143bc208315a2f7b19cae1efd26641
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7044b0c225fd6df66c4f91e37a14a293860937e48b1deee5875279ffb9f32555
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
7253a9f6925394468517bd8a6797a2bd49e641fcbed12d07093b41abfc978ce1
7283718c6afb96becb37f8b5251feccf01865a8e1caa723efc85b3186bd6ca32
732f1368b1b4018d15fe7a0718dd97a18d69bd03afe89156bb71a9afae669a89
74a4afb23553a68020f1bbcd03e4a8f2486ed0c125864fc49619ef28c3ad5e46
760650c21bd6f4c0861823092794ae3daaf11fdfa088678caf3013b738cfd5f3
763a0f8f78859542b65e67c886a33a22e8be8263dd0e34fa6b2d3baff7698385
76ee6d775c115ac7386dadd6d330c7cf8d2f91a10ee969d264e2df0ab8550863
7937448c3d72a7f6306be442575518f9b9436cc39305137e6477f69bb6d06f52
794ad55da0b495c4e6a935d39149a2107e4058b5ae038c3acf1919a6eaa2b155
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1
7b5962d6541cedee4a6a84d2c47b93c842f9ae2286ca68245c7a58d9be6327dd
7c2f29a3238655099cbe3d09819102aa6960f96dc05e055baa65e98d5c6ee0a1
7cc6fbd6cf90b8538b7ec4b045bedc7e64194a330b8bc40daaa7e3ca44c44601
7e5c23918762997e2851f5ca38481431503c5a7036e19a128035804a935c0e4e
829f950c493e2899e1fb22d0e12afd24ba57cc9ae6db056a06c4cf1628376c8c
82d587b2c150e11c65d22ebe8fdd5ffdca2c66dfb9f1744e2e2c2214be8553bc
8392316ea58fa4c3c99f51fe987ab894d5a1aada00d496c28fc6c3b85a7ffa01
844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9
86b7e20eb1eb1e18a4329436a977e3d86ac396a9670170d2ac7af2664d1598f7
88ad4909e63cf499a2a5cfd643fd89959a84db7458edba81c58b899bac125487
8ac08521acad5f4d7687fff1f01fa70150ad580377a793309c52547063b40143
8b8125107f1ec33d7c877c848cf42ca9756c35077d6808b454e5d1f0809ace94
8d1ad26729c4996835574ec1b0821704121ff09d2e162df0eb1ff48079b080be
8d5b7462c9c4df1bf5b80793da508d7fdc52460678201c98616b093f6a774625
8dda62d218eda3aad41c1c524e4e18042093d1a5735fd2e84da4449bccf28b1f
91bb3cf6cf2e38d28436e3ff05c9e74729319e7634d539e2b518dc642058c1c0
934a0e11be036dd3a91886554b6b7f95b05f9a2a3ebf1914493f09734349549a
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
942d7ba384b44c3dbc9d43c47f12bd288273b8c696eb088327bc23161bef3fb7
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
962a4f3c063556346c63a1efe40dd2ea0229138502368fad81a8d95e2958ac54
98a99f79012f74d2b4f3fe61df46b6c0f75807bb253dcdb450c4c2b2dff4efb9
9a4e98baeb5dbeaaaba96dd6d5265aa9b460e54f4a8ed2e6e7ca4919faee8266
9b3ac0feea940572935c876792af52347e06b26900eb88c4c479448fa319a937
9d85731c030db0b261b7d50f8bd279eb18c20d6be94a743a8c8380456fa616a9
9fa57774a921a0d03e8a45899c091d1494b33a3b4f5bb0800cd588299e5b6346
9fbc470d01300504e6e72f7263af0fca2352b769d82a5c428cbd02d154020c6d
a11d3b4b6f2902037c365146ff80b5bf95923f3176f1a827355e45177314d423
a2d95b3fd579197f2a095108cfb4bb800ea02912e0fa894f3916795999339881
a3c7b4f7be45c1f11423a75f305214f3b22cc6285746a1efa007a60500845c25
a3d75a7384786eebcf308b73a246c5968160a1ee0e3be87f45a260a6ee470062
a60092e4765101bdbea46cd2176875bf67c2a7f644895d2780d32496e6147a5e
a76b103dfad3f96bfdbf9b6fa5ebee8b109a6472076fb4cbcc4136dd04475aea
a7909071c98b3cadf79682968827dc18f342896c01da5aa16147f7014e274f0a
aa413100f52adc30405e4e42b17ece902561e6b0cf96732fe2265d318edd7d01
aa8d4f2fa388bc4dbba73d1afd0f47595c15227653aae79a052436d2591b41e1
ac82a25ee86a41bf4556009fe8e0c6270a43faacc2c61385d695f54eb6e65179
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aebec7f07d1897a605d5c4020db8b90df73d8e844d71817eeca21ff3f3d35450
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b21f8deb93967889a2cb4d84d54303a61a5f920b79bf4c32d880e284e161c12e
b2d38b9762bf8968017ba9ba86387363775f4948458258ef6ff74c3b11842aaa
b44ef8b9775648ccd49170eff885e21f3546e00f3a185a86069a9d4ddc75a91c
b5b6a5620a24e4a9311aa3151ff8cfb3d89d7a0ecf7dd855a273268e8de76153
b861f93f87cba8e14c74e73044ba0657e4f1c641895e4e50c33e392e47a860be
b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a
baf14cae61eb2467fe4accc76bb464b2487622d4a6f87426f6bdd83e4235e385
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbca919aea1dc40ddeed34d74ac655035240b8f3f471bbe260dd754479f94371
bc8bf1171b2ce54b44c3ce223b9410eeb8b21f0983299a73b84af942fea35e46
bdbf71b04eb597db5101f06cc511b6bfe2ea659f0e1e48650032631a5d0892cc
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbd4a2f4916bf7cdf2c7390f3bf40b2e3918b9cce737890e4bcc73b1f96a5c9a
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
cdb6a89d518fe1f0af2da96e12b3345025374e2d310933524849136e591d810b
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfca1ac1d53fbcbb573078b71e43aef2d082a34af2a3f49b3e604ce490ef11cd
d02deca465aed4e5561d284faed1d3032382daec2cb402997da586209173c662
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d45beb565f9484eea7c11e9919a7a86a6805022c6058baf76653e58fb154aada
d81a2c76c6618171a990b0f6aae132780446fb1cded50dce1120243bef14c17b
d86f8c8fa0bd68f5b36a13b4f5e73c7ecdda0b806fb0887d8162d28c0ac07d91
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9fda4f3a2a61f8b487d827d29ba726e062cb70145fdc9cc93188af106ea2840
dc77817d16d7788cbfc55a6bab768016d4bb0759a0821bc089871eef70daf4c2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e1b682ded37beb88e10acab3b967f3435b20dfc9eb1735e3c874ee7546bcb99a
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ed6782481babf82315eebf32b2cf434874bafc0ee496b79b17bcdbf92525a9
eaa67d8c5fe35b18965ef112565205d97dd7f1e1cea576f94052ac480009c430
eb0d3e86a0d3dffd0c2d917f5b309a189f78110ee62373666161a018036da1a1
eb258a268b850baf5d93bd6212ac19a1c85c6ee2d6d5e220ae66fc1a58ac3fbb
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ebe785398b999e6a636b990a4827b9111051b25e305c0b25c708372de7cd5e41
ec333db39e532f2714c5caa109465e0e46238429618b54a57e08951d43fdf6bb
ef0114e07710b0d8536142b01cc4acd70443097c3f5b94c1f16b0eff45c35f96
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f3a932c31ac9feef67ec93d22bdfe47d118aa3e411198cd0700e9398b7e27396
f3c112da0223263eaaaaf05b2aac003183907aab9f5a2474a12784d8dbc07509
f3f3b2cdb449f755605992d29d0ad7e3d4517d849abb517062f5ccf71cbb2433
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f88c1da986c6222e070edfef4cbb51b88e16bfcd9dd099f37b6839bccd75b6c4
f9cc3d9d3a5a5eb3a18f6d4d5c3b23fb1360f67689a42378469737c81ad86f76
fe2f74a329d76c9702875f2eb2762231acc2d7be34ad7b1dbdb2be20729696ed