classfifth53.darkbb.com Open in urlscan Pro
188.165.2.137 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://classfifth53.darkbb.com/
Effective URL:
http://classfifth53.darkbb.com/
Submission: On January 31 via automatic, source certstream-suspicious (January 31st 2020, 4:03:34 pm UTC)

Summary HTTP 134 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 39 IPs in 9 countries across 28 domains to perform 134 HTTP transactions. The main IP is 188.165.2.137, located in Ireland and belongs to OVH, FR. The main domain is classfifth53.darkbb.com.

This is the only time classfifth53.darkbb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	188.165.2.137 188.165.2.137	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
42	2606:4700:e2:... 2606:4700:e2::ac40:8b18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::6818:787c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
8	2606:4700:303... 2606:4700:3036::6812:3907	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY)
1	178.250.2.152 178.250.2.152	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:a00d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::6812:3fe8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.124.134.131 104.124.134.131	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.85.250.71 104.85.250.71	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2.16.186.51 2.16.186.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
5	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
3	69.173.144.155 69.173.144.155	26667 (RUBICONPR...) (RUBICONPROJECT)
6	185.29.135.42 185.29.135.42	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	138.201.63.149 138.201.63.149	24940 (HETZNER-AS) (HETZNER-AS)
2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
1 3	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
1 3	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
4 4	51.38.145.136 51.38.145.136	16276 (OVH) (OVH)
2	85.10.231.199 85.10.231.199	24940 (HETZNER-AS) (HETZNER-AS)
4	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
2	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
6	63.35.132.143 63.35.132.143	16509 (AMAZON-02) (AMAZON-02)
2	138.201.63.145 138.201.63.145	24940 (HETZNER-AS) (HETZNER-AS)
2	2600:9000:21f... 2600:9000:21f3:2a00:9:352d:a240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
2 4	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
3	23.37.55.184 23.37.55.184	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:808::2013	15169 (GOOGLE) (GOOGLE)
134	39

4 188.165.2.137 (Ireland) 1 redirects

ASN16276 (OVH, FR)

classfifth53.darkbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2606:4700:e2::ac40:8b18 (United States)

ASN13335 (CLOUDFLARENET, US)

illiweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6818:787c (United States)

ASN13335 (CLOUDFLARENET, US)

hitsk.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3036::6812:3907 (United States)

ASN13335 (CLOUDFLARENET, US)

i.servimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:a00d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6812:3fe8 (United States)

ASN13335 (CLOUDFLARENET, US)

connect.topicit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.124.134.131 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-124-134-131.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.85.250.71 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-250-71.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.51 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-51.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.155 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

beacon-eu2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.29.135.42 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.149 (Heppenheim an der Bergstrasse, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.165 (Heppenheim an der Bergstrasse, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal90005.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 78.46.111.106 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal900027.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.38.145.136 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip136.ip-51-38-145.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.10.231.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 85-10-231-199.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 63.35.132.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-132-143.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.63.145 (Heppenheim an der Bergstrasse, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de

hal900010.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:2a00:9:352d:a240:93a1 (United States)

ASN16509 (AMAZON-02, US)

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.29.72.47 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.55.184 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-55-184.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

w-it.m-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	illiweb.com illiweb.com	240 KB
12	rubiconproject.com ads.rubiconproject.com optimized-by.rubiconproject.com beacon-eu2.rubiconproject.com eus.rubiconproject.com	37 KB
11	redintelligence.net 2 redirects hal9000.redintelligence.net hal90005.redintelligence.net hal900027.redintelligence.net hal900010.redintelligence.net	16 KB
9	viglink.com cdn.viglink.com api.viglink.com	40 KB
8	mathtag.com tags.mathtag.com pixel.mathtag.com	6 KB
8	servimg.com i.servimg.com	117 KB
7	adform.net track.adform.net s1.adform.net	44 KB
6	webgains.com track.webgains.com diapi.webgains.com	32 KB
5	doubleclick.net 3 redirects stats.g.doubleclick.net 5994599.fls.doubleclick.net	1 KB
4	m-t.io w-it.m-t.io	553 B
4	medialead.de 4 redirects pv.medialead.de	2 KB
4	darkbb.com 1 redirects classfifth53.darkbb.com	89 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com b.scorecardresearch.com	2 KB
3	criteo.net static.criteo.net	29 KB
2	webgains.io analytics.webgains.io	26 KB
2	ad-server.eu ad-server.eu	624 B
2	media01.eu pb.media01.eu
2	taboola.com cdn.taboola.com	141 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	google.com 1 redirects www.google.com	826 B
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
1	topicit.net connect.topicit.net	2 KB
1	google.de www.google.de	109 B
1	gstatic.com www.gstatic.com	93 KB
1	criteo.com bidder.criteo.com	406 B
1	imgur.com i.imgur.com	3 KB
1	hitsk.in hitsk.in	23 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
134	28

	Domain	Requested by
42	illiweb.com	classfifth53.darkbb.com
8	i.servimg.com	classfifth53.darkbb.com
6	api.viglink.com	cdn.viglink.com classfifth53.darkbb.com
6	tags.mathtag.com	optimized-by.rubiconproject.com tags.mathtag.com
5	track.adform.net	optimized-by.rubiconproject.com s1.adform.net
4	w-it.m-t.io	analytics.webgains.io
4	5994599.fls.doubleclick.net	2 redirects classfifth53.darkbb.com
4	track.webgains.com	classfifth53.darkbb.com
4	pv.medialead.de	4 redirects
4	classfifth53.darkbb.com	1 redirects classfifth53.darkbb.com
3	eus.rubiconproject.com	classfifth53.darkbb.com
3	hal900027.redintelligence.net	1 redirects classfifth53.darkbb.com
3	hal90005.redintelligence.net	1 redirects classfifth53.darkbb.com
3	hal9000.redintelligence.net	classfifth53.darkbb.com
3	beacon-eu2.rubiconproject.com	classfifth53.darkbb.com optimized-by.rubiconproject.com
3	optimized-by.rubiconproject.com	ads.rubiconproject.com
3	ads.rubiconproject.com	classfifth53.darkbb.com
3	cdn.viglink.com	classfifth53.darkbb.com
3	static.criteo.net	classfifth53.darkbb.com
2	diapi.webgains.com	track.webgains.com
2	analytics.webgains.io	track.webgains.com
2	hal900010.redintelligence.net	hal9000.redintelligence.net hal900010.redintelligence.net
2	ad-server.eu	classfifth53.darkbb.com
2	pb.media01.eu	hal90005.redintelligence.net hal900027.redintelligence.net
2	s1.adform.net	track.adform.net s1.adform.net
2	pixel.mathtag.com	tags.mathtag.com
2	b.scorecardresearch.com	1 redirects classfifth53.darkbb.com
2	cdn.taboola.com	classfifth53.darkbb.com cdn.taboola.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	www.google.com	1 redirects classfifth53.darkbb.com
1	sb.scorecardresearch.com	cdn.taboola.com
1	connect.topicit.net	classfifth53.darkbb.com
1	fonts.googleapis.com	ajax.googleapis.com
1	www.google.de	classfifth53.darkbb.com
1	stats.g.doubleclick.net	1 redirects
1	www.gstatic.com	www.google.com
1	bidder.criteo.com	static.criteo.net
1	i.imgur.com	classfifth53.darkbb.com
1	hitsk.in	classfifth53.darkbb.com
1	www.googletagmanager.com	classfifth53.darkbb.com
1	ajax.googleapis.com	classfifth53.darkbb.com
134	41

This site contains links to these domains. Also see Links.

Domain
www.cafepress.com
www.forumotion.com
www.facebook.com
twitter.com
www.youtube.com
help.forumotion.com

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
illiweb.com CloudFlare Inc ECC CA-2	`2019-09-17` - `2020-09-16`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-31` - `2020-10-09`	8 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
servimg.com CloudFlare Inc ECC CA-2	`2019-09-18` - `2020-09-17`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
topicit.net CloudFlare Inc ECC CA-2	`2019-10-06` - `2020-10-05`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2018-01-26` - `2020-04-16`	2 years	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2019-01-25` - `2020-04-25`	a year	crt.sh
*.media01.eu RapidSSL RSA CA 2018	`2019-04-12` - `2020-05-11`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-20` - `2021-06-08`	2 years	crt.sh
ad-server.eu Let's Encrypt Authority X3	`2020-01-22` - `2020-04-21`	3 months	crt.sh
*.webgains.io Amazon	`2019-05-08` - `2020-06-08`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
w-it.m-t.io GTS CA 1D2	`2019-12-15` - `2020-03-14`	3 months	crt.sh

This page contains 14 frames:

Primary Page: http://classfifth53.darkbb.com/
Frame ID: F2DED58FF99CC604A9AB3A5C6F68B129
Requests: 80 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/11662.js
Frame ID: EBE0B73D06D71A22DF981EC97BE944A7
Requests: 12 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/11662.js
Frame ID: 7BF2D15BE38CB1FDBAF070C46F900C57
Requests: 16 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/11662.js
Frame ID: 29C24B33BC8236FC8F349C6A35A2C960
Requests: 16 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=37150400136508300951457011125005&actionid=731824&produktid=businessgiro&dt_url=
Frame ID: 351DF6A1246D51D0166030B237A4A7AF
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92877400143228500951457011125027&actionid=879111&produktid=postbankratenkredit&dt_url=
Frame ID: 5BC164DD3DA186B6C4EE48170B84E3EF
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLzusK6brucCFde23godBJgCSw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7193559686311.692
Frame ID: B4908DE9E931A4D4F7DEA06615446282
Requests: 1 HTTP requests in this frame

Frame: http://hal90005.redintelligence.net/request_content.php?s=37150400136508300951457011125005&a=72114eda
Frame ID: 64F9EB205D7AFA19D30B7CBA07C82DE9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 49862031A71D6F7BB18D71DBD4077BF3
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKjysK6brucCFUiC3godMhMGfA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7429725649437.284
Frame ID: 6EF37C5E99C3692B842775EB7DFE143B
Requests: 1 HTTP requests in this frame

Frame: http://hal900027.redintelligence.net/request_content.php?s=92877400143228500951457011125027&a=cc02746e
Frame ID: FD9F05DFEC955B5931793B7CA5A8E32C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: DC4246EC6B2F03E613355A21AA225C81
Requests: 1 HTTP requests in this frame

Frame: http://hal900010.redintelligence.net/request_content.php?s=75793100137537901232265011125010&a=f48a05cb
Frame ID: 58EA03B11837B79A837205AAD5AB3EB4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 8546E690A7C387971DA4E780C6FEB251
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://classfifth53.darkbb.com/ HTTP 301
http://classfifth53.darkbb.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:^[^\/]*\/\/[^\/]*viglink\.com\/api\/|vglnk\.js)/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

134
Requests

83 %
HTTPS

39 %
IPv6

28
Domains

41
Subdomains

39
IPs

9
Countries

1018 kB
Transfer

2154 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cafepress.com/shopmotion.292568441
Title: Wanna see forumotion's goodies ?

Search URL Search Domain Scan URL

URL: https://www.forumotion.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/forumotionpage

Search URL Search Domain Scan URL

URL: https://twitter.com/Forumotion

Search URL Search Domain Scan URL

URL: https://www.youtube.com/Forumotiondotcom

Search URL Search Domain Scan URL

URL: http://help.forumotion.com/
Title: Free forum support

Search URL Search Domain Scan URL

URL: https://www.forumotion.com/invision
Title: Invision

Search URL Search Domain Scan URL

URL: https://help.forumotion.com/
Title: Free forum support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://classfifth53.darkbb.com/ HTTP 301
http://classfifth53.darkbb.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=354595339&t=pageview&_s=1&dl=http%3A%2F%2Fclassfifth53.darkbb.com%2F&ul=en-us&de=UTF-8&dt=Free%20forum%20%3A%20Sci%20-%20Math%204%2F5%20%2753%20~%20ST%20Buu%20-%20Portal&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1775250592&gjid=1917206301&cid=850043367.1580486589&tid=UA-144337024-1&_gid=587188786.1580486589&_r=1&gtm=2ou1m0&z=1820417365 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144337024-1&cid=850043367.1580486589&jid=1775250592&_gid=587188786.1580486589&gjid=1917206301&_v=j80&z=1820417365 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=850043367.1580486589&jid=1775250592&_v=j80&z=1820417365 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=850043367.1580486589&jid=1775250592&_v=j80&z=1820417365&slf_rd=1&random=909834574

Request Chain 47

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1580486589215&ns_c=UTF-8&cv=3.1&c8=Free%20forum%20%3A%20Sci%20-%20Math%204%2F5%20%2753%20~%20ST%20Buu%20-%20Portal&c7=http%3A%2F%2Fclassfifth53.darkbb.com%2F&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1580486589215&ns_c=UTF-8&cv=3.1&c8=Free%20forum%20%3A%20Sci%20-%20Math%204%2F5%20%2753%20~%20ST%20Buu%20-%20Portal&c7=http%3A%2F%2Fclassfifth53.darkbb.com%2F&c9=&cs_ak_ss=1

Request Chain 62

http://hal90005.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=9833c273b3&subid=&uid=3e960158a12ef154&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6031609376177329341%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D1c5e5e34-4fbd-4101-8198-2029dd6bcf0c%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffc7600fb-486a-4e79-9b52-8bec8cf2ac66%2F%26redirect%3D&documentReferer=http%3A%2F%2Fclassfifth53.darkbb.com%2F&ancestorOrigins=http%3A%2F%2Fclassfifth53.darkbb.com&random=564717201843&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
http://hal90005.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=9833c273b3&subid=&uid=3e960158a12ef154&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6031609376177329341%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D1c5e5e34-4fbd-4101-8198-2029dd6bcf0c%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffc7600fb-486a-4e79-9b52-8bec8cf2ac66%2F%26redirect%3D&documentReferer=http%3A%2F%2Fclassfifth53.darkbb.com%2F&ancestorOrigins=http%3A%2F%2Fclassfifth53.darkbb.com&random=564717201843&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 67

http://hal900027.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=2fb716b192&subid=&uid=8fe5679e12a55472&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1424506215630050493%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Ddc8f5e34-4fbd-4b01-8791-660c428e8a7a%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F7bb7f9bb-220d-4d54-8f09-d7f54e47094d%2F%26redirect%3D&documentReferer=http%3A%2F%2Fclassfifth53.darkbb.com%2F&ancestorOrigins=http%3A%2F%2Fclassfifth53.darkbb.com&random=4923277097231&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
http://hal900027.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=2fb716b192&subid=&uid=8fe5679e12a55472&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1424506215630050493%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Ddc8f5e34-4fbd-4b01-8791-660c428e8a7a%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F7bb7f9bb-220d-4d54-8f09-d7f54e47094d%2F%26redirect%3D&documentReferer=http%3A%2F%2Fclassfifth53.darkbb.com%2F&ancestorOrigins=http%3A%2F%2Fclassfifth53.darkbb.com&random=4923277097231&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 69

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=37150400136508300951457011125005&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=37150400136508300951457011125005&actionid=731824&produktid=businessgiro&dt_url=

Request Chain 71

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=37150400136508300951457011125005 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 75

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=92877400143228500951457011125027&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92877400143228500951457011125027&actionid=879111&produktid=postbankratenkredit&dt_url=

Request Chain 77

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=92877400143228500951457011125027 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 83

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7193559686311.692 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLzusK6brucCFde23godBJgCSw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7193559686311.692

Request Chain 90

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7429725649437.284 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKjysK6brucCFUiC3godMhMGfA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7429725649437.284

134 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
classfifth53.darkbb.com/
Redirect Chain

https://classfifth53.darkbb.com/
http://classfifth53.darkbb.com/

49 KB
12 KB

176ms
170ms

Document
text/html

188.165.2.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://classfifth53.darkbb.com/

Protocol

HTTP/1.1

Server

188.165.2.137 , Ireland, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

8170a23403dcc2e8c70327feb6cb3d4447b1535e5f2cedf3fdd1655197eeac22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Host: classfifth53.darkbb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Date: Fri, 31 Jan 2020 16:03:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Fri, 31 Jan 2020 00:00:00 GMT
Last-Modified: Fri, 31 Jan 2020 16:03:08 GMT
Vary: User-Agent
Set-Cookie: exadd=158050; expires=Fri, 31-Jan-2020 20:03:08 GMT; Max-Age=14400
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Access-Control-Allow-Origin: *
Content-Encoding: gzip

Redirect headers

status: 301
date: Fri, 31 Jan 2020 16:03:08 GMT
content-length: 0
location: http://classfifth53.darkbb.com/

GET
H/1.1 200
OK 0-ltr.css
classfifth53.darkbb.com/ 66 KB
13 KB 270ms
268ms Stylesheet
text/css 188.165.2.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://classfifth53.darkbb.com/0-ltr.css

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

HTTP/1.1

Server

188.165.2.137 , Ireland, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

56f609c0e6d0323677a477fb57382eb5410fdb9f5f334f3116cab98761c9bbf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 31 Jan 2020 00:00:00 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Content-Length: 12499
X-XSS-Protection: 1
X-Cache-MA: MISS
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
33 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 06:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122013
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jan 2021 06:09:35 GMT

GET
H2 200 en.js Show response
illiweb.com/rs3/60/frm/lang/ 69 KB
16 KB 131ms
45ms Script
application/x-javascript 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/60/frm/lang/en.js

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

162f8a6d61544a0ab207c5614393b66bc21ddb2bfeabfc2c8f1479e21b7f5495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19343
cf-polished: origSize=70993
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: HIT
last-modified: Tue, 07 Jan 2020 15:40:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 55dce9fc6fffcadc-ARN
expires: Sat, 30 Jan 2021 10:40:45 GMT

GET
H2 200 invision.js Show response
illiweb.com/rs3/60/frm/ 2 KB
698 B 136ms
50ms Script
application/x-javascript 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/60/frm/invision.js

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1b0a91fd6eb5029cabacc3c14c13144f97a64d3b261082bd78bd95c71a86d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19345
status: 200
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 55dce9fc680acadc-ARN
expires: Sat, 30 Jan 2021 10:40:43 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 93 KB
29 KB 51ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 136bdf6003a20291fa880c2aaf8dde86fad3da0925b8b23a8a82f39ef9061e29

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:08 GMT
content-encoding: gzip
last-modified: Mon, 20 Jan 2020 17:35:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5e25e4da-175ed"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 01 Feb 2020 16:03:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:819::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144337024-1

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b53c8431aed91a1826225b05b1eccba21e0252efcf9fb53a5b601da4583acce

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:08 GMT
content-encoding: br
last-modified: Fri, 31 Jan 2020 15:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 28428
x-xss-protection: 0
expires: Fri, 31 Jan 2020 16:03:08 GMT

GET
H2 200 jquery.cookie.js Show response
illiweb.com/rs3/60/frm/jquery/cookie/ 1011 B
483 B 130ms
44ms Script
application/x-javascript 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/60/frm/jquery/cookie/jquery.cookie.js

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19359
status: 200
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 55dce9fc680bcadc-ARN
expires: Sat, 30 Jan 2021 10:40:29 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 674 B
622 B 16ms
15ms Script
text/javascript 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6edf8af83f6c763cfe69a345d3ec4fe59b528a19b37d9e6a09d1cc97b6f13595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 446
x-xss-protection: 1; mode=block
expires: Fri, 31 Jan 2020 16:03:08 GMT

GET
H2 200 i_logo.png
hitsk.in/t/13/82/61/ 23 KB
23 KB 31ms
14ms Image
image/png 2606:4700:3031::6818:787c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hitsk.in/t/13/82/61/i_logo.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6818:787c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a03a85b629df261daf0505948cb459d102913e68afc4ae8cb2b39dec64c842e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1421343
status: 200
content-length: 23274
x-xss-protection: 1; mode=block
last-modified: Sat, 16 May 2009 20:31:46 GMT
server: cloudflare
etag: "4a0f22b2-5aea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fbeb9c64a3-FRA
expires: Thu, 14 Jan 2021 05:14:05 GMT

GET
H2 200 empty.gif
illiweb.com/fa/ 42 B
489 B 128ms
43ms Image
image/gif 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/empty.gif

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19359
status: 200
content-length: 42
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fc680dcadc-ARN
expires: Sat, 30 Jan 2021 10:40:29 GMT

GET
H2 200 icon_mini_search.gif
illiweb.com/fa/ 238 B
344 B 37ms
37ms Image
image/gif 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/icon_mini_search.gif

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19360
status: 200
content-length: 238
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fca857cadc-ARN
expires: Sat, 30 Jan 2021 10:40:28 GMT

GET
H2 200 jquery.marquee.min.js Show response
illiweb.com/rs3/60/frm/jquery/marquee/ 4 KB
2 KB 95ms
43ms Script
application/x-javascript 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/60/frm/jquery/marquee/jquery.marquee.min.js

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfbed761248e93343233a74b2cd5b0457d0efc8fde33faa7516625d38d8e06e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19358
status: 200
x-xss-protection: 1; mode=block
x-cache-ne: HIT
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 55dce9fc680ccadc-ARN
expires: Sat, 30 Jan 2021 10:40:30 GMT

GET
H2 200 HtzkTXE.png
i.imgur.com/ 3 KB
3 KB 59ms
9ms Image
image/png 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/HtzkTXE.png
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 78ec7bf75a28cee083555401283d4e526f268675e5bb420b1ee8fe2bb4b9e640

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:08 GMT
age: 11065933
x-cache: HIT, HIT
status: 200
content-length: 2732
x-served-by: cache-bwi5131-BWI, cache-fra19182-FRA
last-modified: Wed, 25 Sep 2019 14:10:55 GMT
server: cat factory 1.0
x-timer: S1580486589.942525,VS0,VE1
etag: "af55c3ede149eaaf3d696ffa63431729"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 facebo10.png
i.servimg.com/u/f11/11/71/42/99/ 2 KB
3 KB 54ms
20ms Image
image/png 2606:4700:3036::6812:3907
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f11/11/71/42/99/facebo10.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6812:3907 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e062b6e4b0bb29cf2c1934c84801bcaee9042054c3f8fb17c2092d8416d48bdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4503175
status: 200
content-length: 2546
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jan 2010 12:53:56 GMT
server: cloudflare
etag: "4b5ee5e4-9f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fd0bcfc303-FRA
expires: Wed, 09 Dec 2020 13:10:13 GMT

GET
H2 200 twitte10.png
i.servimg.com/u/f11/11/71/42/99/ 5 KB
6 KB 112ms
100ms Image
image/png 2606:4700:3036::6812:3907
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f11/11/71/42/99/twitte10.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6812:3907 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae345d3483e51ad4184830864d03852ed21b6b64aec2823651a088184d385be7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4503176
status: 200
content-length: 5607
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jan 2010 12:55:30 GMT
server: cloudflare
etag: "4b5ee642-15e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fd0bd2c303-FRA
expires: Wed, 09 Dec 2020 13:10:13 GMT

GET
H2 200 85243212.png
i.servimg.com/u/f60/12/10/25/45/ 5 KB
5 KB 13ms
12ms Image
image/png 2606:4700:3036::6812:3907
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f60/12/10/25/45/85243212.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6812:3907 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

979d2e26cfa2d30918559508bbc6ddf8f527639b4629fe80fd062dda39a15cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4503424
status: 200
content-length: 4660
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2010 15:11:16 GMT
server: cloudflare
etag: "4cd02a14-1234"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fd2c20c303-FRA
expires: Wed, 09 Dec 2020 13:06:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144337024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 5376
date: Fri, 31 Jan 2020 14:33:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Fri, 31 Jan 2020 16:33:33 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/forumotion-en-2/ 67 KB
18 KB 44ms
37ms Script
application/javascript 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/forumotion-en-2/loader.js
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d58fae6ccec34af886fb6ce26ee49443543ec82c85a4442ce8ba757c35ebcec3

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: Mz1IULZyDs2.cPRbhg_bfb_4oXT2fwiS
Content-Encoding: gzip
Age: 70
X-Cache: HIT
Date: Fri, 31 Jan 2020 16:03:09 GMT
Connection: keep-alive
Content-Length: 18165
x-amz-id-2: 8Voa1gwnxnQw8Rw7WwN4cOBAkWLYVmuYAss/yu8ilk3EU4WIgVVBgYAlSKrp5RUs8+GxK+93fw4=
X-Served-By: cache-hhn4076-HHN
Last-Modified: Thu, 30 Jan 2020 14:58:42 GMT
Server: AmazonS3
X-Timer: S1580486589.086622,VS0,VE1
ETag: "ef926e533de2cf55307469c24039f093"
Vary: Accept-Encoding
x-amz-request-id: 67EB6CA381882B1C
Via: 1.1 varnish
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 73
X-Cache-Hits: 1

POST
H2 200 cdb Show response
bidder.criteo.com/ 347 B
406 B 85ms
28ms XHR
application/json 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=81&profileId=206&cb=23460985531
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: 1b74238feda3ad7dbfb6e4185b1b17b9b2be197190eca75cd3cfff1c6bd21213

Request headers

Referer: http://classfifth53.darkbb.com/
Origin: http://classfifth53.darkbb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 31 Jan 2020 16:03:08 GMT
content-encoding: gzip
server: Finatra
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://classfifth53.darkbb.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 192

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TYDIjJAqCk6g335bFk3AjlC3/ 258 KB
93 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TYDIjJAqCk6g335bFk3AjlC3/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd6872ee6a6b3492fba29b57455b318136e23d44e2aabcc9e1469a7f775394c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 05:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Jan 2020 21:07:29 GMT
server: sffe
age: 123046
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94687
x-xss-protection: 0
expires: Fri, 29 Jan 2021 05:52:23 GMT

GET
H2 200 backs10.png
i.servimg.com/u/f60/13/80/28/76/ 3 KB
3 KB 15ms
14ms Image
image/png 2606:4700:3036::6812:3907
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f60/13/80/28/76/backs10.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6812:3907 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347bd7cf2571eec9335a1a9bbd9fed84031a6eccc85f2898fe4e4adb675eb227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1012396
status: 200
content-length: 3346
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Apr 2009 09:29:43 GMT
server: cloudflare
etag: "49ec4087-d12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fdae00c303-FRA
expires: Mon, 18 Jan 2021 22:49:53 GMT

GET
H2 404 pbucket.gif
illiweb.com/fa/ 43 B
236 B 37ms
36ms Image
image/gif 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/pbucket.gif

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 113
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 404
cache-control: max-age=31536000
cf-ray: 55dce9fdc997cadc-ARN
access-control-allow-origin: *
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 backsa10.png
i.servimg.com/u/f60/13/80/28/76/ 91 KB
91 KB 19ms
18ms Image
image/png 2606:4700:3036::6812:3907
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f60/13/80/28/76/backsa10.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6812:3907 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0381064511400394b2e0c9390d016303dedcb281cf21c8115ca1f9d17a486e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 157209
status: 200
content-length: 93053
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Apr 2009 09:40:20 GMT
server: cloudflare
etag: "49ec4304-16b7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fdae07c303-FRA
expires: Thu, 28 Jan 2021 20:23:00 GMT

GET
H2 200 wrappe10.png
i.servimg.com/u/f60/13/80/28/76/ 3 KB
3 KB 27ms
26ms Image
image/png 2606:4700:3036::6812:3907
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f60/13/80/28/76/wrappe10.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6812:3907 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c7854914a3618f17c3cc821beb090dfb3f0f9aa1bbd7a027692f37503d66ac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 157209
status: 200
content-length: 2845
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Apr 2009 17:52:04 GMT
server: cloudflare
etag: "49ecb644-b1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fdae0ac303-FRA
expires: Thu, 28 Jan 2021 20:23:00 GMT

GET
H/1.1 200
OK 0-ltr.css
classfifth53.darkbb.com/ 64 KB
64 KB 67ms
67ms Image
text/css 188.165.2.137
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://classfifth53.darkbb.com/0-ltr.css

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

HTTP/1.1

Server

188.165.2.137 , Ireland, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://classfifth53.darkbb.com/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 31 Jan 2020 00:00:00 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Content-Length: 12499
X-XSS-Protection: 1
X-Cache-MA: HIT
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nav10.png
i.servimg.com/u/f60/13/80/28/76/ 3 KB
3 KB 15ms
15ms Image
image/png 2606:4700:3036::6812:3907
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f60/13/80/28/76/nav10.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6812:3907 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95dbffd1d1e6950dbd26c6db5906257ad01d9da64ff63eed915335cf2000a90b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75850
status: 200
content-length: 2905
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Apr 2009 09:51:47 GMT
server: cloudflare
etag: "49ec45b3-b59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fdae10c303-FRA
expires: Fri, 29 Jan 2021 18:58:59 GMT

GET
H2 200 bottom10.png
i.servimg.com/u/f60/13/80/28/76/ 3 KB
3 KB 24ms
23ms Image
image/png 2606:4700:3036::6812:3907
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f60/13/80/28/76/bottom10.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6812:3907 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfb8cec3ce76d1b797af044aaa2efc6e2e6ea922b02c4c32d07ca6eea1aab797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75850
status: 200
content-length: 3009
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Apr 2009 09:57:25 GMT
server: cloudflare
etag: "49ec4705-bc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fdae14c303-FRA
expires: Fri, 29 Jan 2021 18:58:59 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 12ms
11ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
access-control-allow-origin: *
etag: "493ea254-2b"
content-type: image/gif
status: 200
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 25 Jan 2021 16:03:09 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 12ms
12ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
access-control-allow-origin: *
etag: "493ea254-2b"
content-type: image/gif
status: 200
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 25 Jan 2021 16:03:09 GMT

GET
H2 200 ban-fm-1.png
illiweb.com/fa/shop/en/ 7 KB
7 KB 37ms
36ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-1.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ef212637aa1f0348c915fdf693e56744f2ec3ded9e420c02102b93fc9b5f72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14869
status: 200
content-length: 7360
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:45 GMT
server: cloudflare
etag: "5739a899-1cc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fde9e2cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-2.png
illiweb.com/fa/shop/en/ 5 KB
5 KB 41ms
40ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-2.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57f002d456fb13a04edb32ba024ce6fd7423b25ddad65996ed2cb0a9ea73078b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14869
status: 200
content-length: 4927
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-133f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fde9e3cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-3.png
illiweb.com/fa/shop/en/ 6 KB
6 KB 39ms
38ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-3.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

334725cb52d95048056ce1b18767de5af599040f364e17b4c999c65cfd67861e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14869
status: 200
content-length: 6179
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:45 GMT
server: cloudflare
etag: "5739a899-1823"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fde9e6cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-4.png
illiweb.com/fa/shop/en/ 5 KB
5 KB 49ms
48ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-4.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcd07a602226125a55ed6ef6ae520cb84d152e6dc33c23e13063c660bb9697bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14869
status: 200
content-length: 5418
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-152a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fde9e7cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-5.png
illiweb.com/fa/shop/en/ 6 KB
6 KB 42ms
42ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-5.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

220f32f9f0173e18ed278261f3ca14abbb99d1358488777fb813b10cf284350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14869
status: 200
content-length: 5840
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-16d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fde9e9cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-6.png
illiweb.com/fa/shop/en/ 7 KB
7 KB 46ms
45ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-6.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26407271cb535dfcb9618af560750dcaea7dccf57a2562565d0dca0c7070ea36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14869
status: 200
content-length: 7495
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-1d47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fde9ebcadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-7.png
illiweb.com/fa/shop/en/ 7 KB
7 KB 44ms
43ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-7.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e23cdcec6474ebc65e1add721be3d3c9fc48ff39058cf5018cbc96d26cf62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14869
status: 200
content-length: 7085
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-1bad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dce9fde9eccadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=354595339&t=pageview&_s=1&dl=http%3A%2F%2Fclassfifth53.darkbb.com%2F&ul=en-us&de=UTF-8&dt=Free%20forum%20%3A%20Sci%20-%20Math%204%2F5%20%2753...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144337024-1&cid=850043367.1580486589&jid=1775250592&_gid=587188786.1580486589&gjid=1917206301&_v=j80&z=1820417365
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=850043367.1580486589&jid=1775250592&_v=j80&z=1820417365
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=850043367.1580486589&jid=1775250592&_v=j80&z=1820417365&slf_rd=1&random=909834574

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=850043367.1580486589&jid=1775250592&_v=j80&z=1820417365&slf_rd=1&random=909834574

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 31 Jan 2020 16:03:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=850043367.1580486589&jid=1775250592&_v=j80&z=1820417365&slf_rd=1&random=909834574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vglnk.js Show response
cdn.viglink.com/api/ 78 KB
28 KB 26ms
19ms Script
text/javascript 2606:4700::6810:a00d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.viglink.com/api/vglnk.js
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06f2b47a2e8017f8387d34806efc5c3643954171cc9cb38e4b1f583a42aaeaa1

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 894912
Content-Type: text/javascript
Connection: keep-alive
Content-Length: 27746
x-amz-id-2: WFtL7rtJUHpbJiKE6XkoUhGx1pVyC/xzjsMEsuLQY4IwqPwxt3yQo0sZztFcg/Y94HXfAWla/4w=
Last-Modified: Mon, 21 Oct 2019 20:13:23 GMT
Server: cloudflare
ETag: "df893ab92782cedac4da4785df9ec68e"
Vary: Accept-Encoding
x-amz-request-id: 2AA1CCE6F031F35C
Cache-Control: public, max-age=1800
Accept-Ranges: bytes
CF-RAY: 55dce9fe2c9fd6cd-FRA
Expires: Fri, 31 Jan 2020 16:33:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
933 B 30ms
17ms Font
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2a853b05bbe052cf44cfeb55397e715486ed0e387b052250f73b7c9e23cbeeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://classfifth53.darkbb.com/
Origin: http://classfifth53.darkbb.com

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 31 Jan 2020 16:03:09 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 31 Jan 2020 16:03:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Fri, 31 Jan 2020 16:03:09 GMT

GET
H2 200 connect.js Show response
connect.topicit.net/scripts/ 3 KB
2 KB 33ms
14ms Script
application/javascript 2606:4700:3034::6812:3fe8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.topicit.net/scripts/connect.js

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6812:3fe8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 362
cf-polished: origSize=5437
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
server: cloudflare
etag: W/"5d653880-153d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 55dce9fe4e7fdfb1-FRA
cf-bgj: minify

GET
H/1.1 200
OK 11662.js Show response
ads.rubiconproject.com/ad/ Frame EBE0 29 KB
9 KB 95ms
18ms Script
text/javascript 104.124.134.131
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/11662.js
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.124.134.131 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-124-134-131.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 9c3c4cff97345d34610704580b4634771d2ec0f8f7c640e510e3d830e4a4ea0a

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2843
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8784
Expires: Fri, 31 Jan 2020 16:50:32 GMT

GET
H/1.1 200
OK 11662.js Show response
ads.rubiconproject.com/ad/ Frame 7BF2 29 KB
9 KB 95ms
20ms Script
text/javascript 104.124.134.131
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/11662.js
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.124.134.131 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-124-134-131.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 9c3c4cff97345d34610704580b4634771d2ec0f8f7c640e510e3d830e4a4ea0a

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2843
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8784
Expires: Fri, 31 Jan 2020 16:50:32 GMT

GET
H/1.1 200
OK 11662.js Show response
ads.rubiconproject.com/ad/ Frame 29C2 29 KB
9 KB 97ms
22ms Script
text/javascript 104.124.134.131
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/11662.js
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.124.134.131 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-124-134-131.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 9c3c4cff97345d34610704580b4634771d2ec0f8f7c640e510e3d830e4a4ea0a

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2843
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8784
Expires: Fri, 31 Jan 2020 16:50:32 GMT

GET
H2 200 impl.20200130-14-RELEASE.js Show response
cdn.taboola.com/libtrc/ 434 KB
123 KB 64ms
21ms Script
application/javascript 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200130-14-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forumotion-en-2/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac411f9a466b5a9d7fcb8c4d7b8bec0ad7308be10826f96f893b8f02ca560e01

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: 8IRzv24osLnJ9XmILwbVGrx0uQlwRDKE
content-encoding: gzip
age: 89
x-cache: HIT
status: 200
date: Fri, 31 Jan 2020 16:03:09 GMT
x-amz-replication-status: COMPLETED
content-length: 125082
x-amz-id-2: BOcC+28UY4eijisxN+dg2AHNpZGo7fPMbcn7PtRxnTUsnqPOEd3HxadotHI6KSvPZVRDAmog+GQ=
x-served-by: cache-hhn4053-HHN
last-modified: Thu, 30 Jan 2020 14:24:53 GMT
server: AmazonS3
x-timer: S1580486589.210752,VS0,VE0
etag: "73afdca9ba3818419fad537749483ff5"
vary: Accept-Encoding
x-amz-request-id: CD8C13B389144088
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 5
x-cache-hits: 793

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 44ms
14ms Script
application/x-javascript 104.85.250.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forumotion-en-2/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.250.71 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-250-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Sat, 01 Feb 2020 16:03:09 GMT

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
707 B 36ms
35ms Image
image/gif 2606:4700::6810:a00d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=1&rn=0.9828837486835809
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 8
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
x-amz-request-id: 0EAF4E1BA06C19B7
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 55dce9fe7d9bd6cd-FRA
Content-Length: 43
x-amz-id-2: BqCPjZAPsLbKDpICneWtqUUbPcKoT0de6uFdSMN2JLxel8c9UpfO++gKfB9AINE05qeEB8pFzSM=

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
707 B 22ms
16ms Image
image/gif 2606:4700::6810:a00d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=2&rn=0.9828837486835809
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 8
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
x-amz-request-id: 0EAF4E1BA06C19B7
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 55dce9fe799fdfdf-FRA
Content-Length: 43
x-amz-id-2: BqCPjZAPsLbKDpICneWtqUUbPcKoT0de6uFdSMN2JLxel8c9UpfO++gKfB9AINE05qeEB8pFzSM=

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1580486589215&ns_c=UTF-8&cv=3.1&c8=Free%20forum%20%3A%20Sci%20-%20Math%204%2F5%20%2753%20~%20ST%20Buu%20-%20Portal&c7=http%3A%...
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1580486589215&ns_c=UTF-8&cv=3.1&c8=Free%20forum%20%3A%20Sci%20-%20Math%204%2F5%20%2753%20~%20ST%20Buu%20-%20Portal&c7=http%3A...

0
248 B

19ms
18ms

Image
text/plain

2.16.186.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1580486589215&ns_c=UTF-8&cv=3.1&c8=Free%20forum%20%3A%20Sci%20-%20Math%204%2F5%20%2753%20~%20ST%20Buu%20-%20Portal&c7=http%3A%2F%2Fclassfifth53.darkbb.com%2F&c9=&cs_ak_ss=1
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Server: 2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:09 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1580486589215&ns_c=UTF-8&cv=3.1&c8=Free%20forum%20%3A%20Sci%20-%20Math%204%2F5%20%2753%20~%20ST%20Buu%20-%20Portal&c7=http%3A%2F%2Fclassfifth53.darkbb.com%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:09 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 151376-2.js Show response
optimized-by.rubiconproject.com/a/11662/36514/ Frame EBE0 2 KB
3 KB 154ms
85ms Script
text/javascript 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/11662/36514/151376-2.js?&cb=0.82696926575429&tk_st=1&rf=http%3A//classfifth53.darkbb.com/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36514_2&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: e3b1b444857ee9e0a27589299e008fc007d1aaa310094e07905c8ef1fa94b8ed

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=100
Content-Length: 1222
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK 151378-15.js Show response
optimized-by.rubiconproject.com/a/11662/36514/ Frame 7BF2 3 KB
3 KB 186ms
112ms Script
text/javascript 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/11662/36514/151378-15.js?&cb=0.13697513130051098&tk_st=1&rf=http%3A//classfifth53.darkbb.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36514_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 8e558160c9152a008897fa793576f7b3ab5a2f69c6378e1c960ed2175b596d44

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=294
Content-Length: 2014
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK 151378-15.js Show response
optimized-by.rubiconproject.com/a/11662/36514/ Frame 29C2 3 KB
3 KB 164ms
89ms Script
text/javascript 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/11662/36514/151378-15.js?&cb=0.48449047007382573&tk_st=1&rf=http%3A//classfifth53.darkbb.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36514_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 7a2451938d4e75f871434294f74c632b5bf9235c6c2fe37c84af8447f958aa34

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=67
Content-Length: 2020
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame EBE0 20 KB
10 KB 102ms
34ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=33408241;rtbwp=CE0FDB11CB72D40C;rtbdata=8alVJ54iVvEgYI56jrqS5iZTIfzAvXm72nmowqm6fYisK2cZcgeIgbkKb7p-UQylX7Xlq4jy1Z1ry9NdWmqNu-YTHznzvLixt0V2UMo5Qnfz-ILLQK9x0-Ku54eDbMCfYNfNGGdVWUYQlbT8NMVl0kk5EmTAFJHjZ7G0Lavp2aT0VJdKi-T4elmKq3kBlds8He_HTnc7As2rkyEnjYAHdb9ws0Bk1FiwHsUeW1F3wxHSm_MygVJ8g2kbiJaZug9W0;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/1be3984f-a6c8-424a-ae24-ce097f4c2367/

Requested by

Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/11662/36514/151376-2.js?&cb=0.82696926575429&tk_st=1&rf=http%3A//classfifth53.darkbb.com/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36514_2&rp_secure=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e0a9cab8107561f0dac5bae9c40f96b83e312a2648c5a92b2a5c55579d8a3eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Jan 2020 16:03:09 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 9807
expires: -1

GET
H/1.1 200
OK 1be3984f-a6c8-424a-ae24-ce097f4c2367
beacon-eu2.rubiconproject.com/beacon/d/ Frame EBE0 43 B
268 B 107ms
31ms Image
image/webp 69.173.144.155
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu2.rubiconproject.com/beacon/d/1be3984f-a6c8-424a-ae24-ce097f4c2367?oo=0&accountId=11662&siteId=36514&zoneId=151376&sizeId=2&e=6A1E40E384DA563B9F4B373B6284D94A877CFFEF6EA4270439A9F79E6AF77A46F68A511118FB3E53B0E3FCE9E20DCC77172DB22D3B21A9B54D16E38D11176C1739274606D78C24D627CB14578DB6DB129B87D8CEA203A03069181BF91D718ADBBB10A9A66ADD1695B44EAEDF0B5C001A5750148BE8815729D9175B82CA54F75DFBB02E3AF72DBB8CF87CF3ED62A27379C906E3D99347F00C1B306DECBE4FFA69198F0BE922C5054683597A2E9F24D21E078FE8B208178A7BA0C451D66B41212B28D28684D0B8C14ECDA10306204D320B
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.155 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:08 GMT
Cache-Control: private, max-age=0, no-cache
Expires: 01 Jan 1970 10:00:00 GMT
Server: Rubicon Project
Content-Length: 43
Content-Type: image/webp

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 29C2 2 KB
2 KB 74ms
26ms Script
application/x-javascript 185.29.135.42
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIxLyAvTkRoa05HRTNORGN0TURFMk9DMDFPRFEyTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwMzE2MDkzNzYxNzczMjkzNDEvNjYyMjQ3Mi80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sYmZwb2E2TjRlRG1NNTNmOFJxdFh5RS8xLzkvMC8wLzk1NjgwMy8xNTA5NTA3MjY5LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MDMxNjA5Mzc2MTc3MzI5MzQxL2Ftcy8wLzQzNy83MS85OTkvNDAvODkuMjQ5LjY0LjAvMC4wMDAvMTU4MDQ4NjU4OS8xNTgwNDkwMTg5Lw/TSyDRkS8Foy4CGpF-46uYX4de4U&nodeid=334&group=eu&auctionid=6031609376177329341&exch=ruc&sid=4562355&cid=6622472&price=7FF00CD929E26837&bp=a_aceaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffc7600fb-486a-4e79-9b52-8bec8cf2ac66%2F
Requested by: Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/11662/36514/151378-15.js?&cb=0.48449047007382573&tk_st=1&rf=http%3A//classfifth53.darkbb.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36514_15&rp_secure=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.42 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.162.7 /
Resource Hash: 76868cc3f166022137cb99171e1847e5bf256e6de38ed0d6000810ae24394727

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1580486589
Last-Modified: Fri, 31 Jan 2020 16:03:09 GMT
Server: MMBD/3.162.7
x-mm-latency: 2 (2)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: count
Cache-Control: no-cache
x-mm-host: cdg-router-x28, cdg-bidder-x44
Connection: close
x-mm-pending-bid-state: eyJOb3RpZnlUeXBlIjoid2ViIiwiUEJEYXRhU291cmNlIjoiUEJDIiwiV2FpdEZvcldlYiI6ZmFsc2UsIldhaXRGb3JJbXAiOmZhbHNlLCJXYWl0Rm9yQ2siOnRydWUsIlBCU3RhdGUiOiJXaW4iLCJEdXBOb3RpZnkiOmZhbHNlLCJCaWRDbGFpbWVkIjpmYWxzZSwiUEJTV29ya2VkIjpmYWxzZSwiUEJTV2luUGF5bG9hZCI6IiJ9
Content-Type: application/x-javascript; charset=UTF-8
Expires: Fri, 31 Jan 2020 16:03:08 GMT

GET
H/1.1 200
OK fc7600fb-486a-4e79-9b52-8bec8cf2ac66
beacon-eu2.rubiconproject.com/beacon/d/ Frame 29C2 43 B
268 B 106ms
31ms Image
image/webp 69.173.144.155
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu2.rubiconproject.com/beacon/d/fc7600fb-486a-4e79-9b52-8bec8cf2ac66?oo=0&accountId=11662&siteId=36514&zoneId=151378&sizeId=15&e=6A1E40E384DA563B3425FD3071E90C3C898F33FCEE54669391D97AA6F0F11EDB8A95FFC3C50E65F95B730C7EA4EA2A68172DB22D3B21A9B52E0212582FD59A6D39274606D78C24D620384A4CE700BB9BE581C7278562D885EA37445C5DECFC9B993D6E74EE8FBEBCB56DC3566445898825A4054A199ABF5CB7AF511BC9A0C075482C5ACA3EFAC6FD66C9C92D401CB018D8E45BEB5CCD5D86D8D6E1A8B2E8E57FEBFBA2EDED8F9B878CAEF243073B71C698211A24659DB368E34593F7A2556FF25744BD248E628430D8EFC9095A1DF1FB493820F5D8C48B3B412EC3192328D16787564BED1DE5902D38940D47094D2BDD95FB8E54DFD88A1190CCA12DABDC4B39EAFFD892E899BC6BAE3E1AC3A789537C0E2445A3023E836512DC5B15F6224D2A938C2B94BEF689F9CB69808ECB8896BB9014C6E0F092B14F345D406E33828DC70F984D56C8361623D888BD58682889188D1A1EDD315617F4E82C8DC099D34DAF7A4512289792C6D4D412D919DB7561D6D035A83E6F4D25F75F80E4DB370AA1A59B82BB21B430064CE82C8DC099D34DAF11EA0C268307A5A84BE0469B4098C39889EE741CE714E31AFA4363D3A7EAA2FE2626DE2272160F039DE8DD0D7F4E0481BCA1E8831F78FAC4982F8EAD9EDB5748E70642CB6B5B447DA78787E822D6140FC2A5638AC76EA9163580222A6415C05855D0AF4D77688FE3CF39DDF6933FD7E414784D14BF6952FEE1132BDF89288447F545A5A55B6778D0F1B0C8B835861275730F533D87077EEA0D8F738AB7DF5994FB35BC5EDCAD0DAC5AB9426A039B02788B88E55A40445A51465123C1D97048912D6598877BE17BE706ED968E86808435775EE180C0A5213CB8A388424A6131608D21F42A44EC790499C884E0DDC0F8F79429CBC7B78F345584D7BC8ADA516E75
Requested by: Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/11662/36514/151378-15.js?&cb=0.48449047007382573&tk_st=1&rf=http%3A//classfifth53.darkbb.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36514_15&rp_secure=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.155 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:08 GMT
Cache-Control: private, max-age=0, no-cache
Expires: 01 Jan 1970 10:00:00 GMT
Server: Rubicon Project
Content-Length: 43
Content-Type: image/webp

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 7BF2 2 KB
2 KB 94ms
39ms Script
application/x-javascript 185.29.135.42
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIxLyAvTjJNME5HUXhORGd0Tm1Jd1l5MHhaVFpqTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE0MjQ1MDYyMTU2MzAwNTA0OTMvNjYyMjQ3Mi80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sUUE1MmdqS0NKM19FT3M5ZklJd2pSMC8xLzkvMC8wLzk1NjgwMy8xNTA5NTA3MjY5LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNDI0NTA2MjE1NjMwMDUwNDkzL3pyaC8wLzcyMC83MS85OTkvNDAvODkuMjQ5LjY0LjAvMC4wMDAvMTU4MDQ4NjU4OS8xNTgwNDkwMTg5Lw/EicIaWVfuUwQ4ZBwTO6SFU4WYbs&nodeid=1615&group=eu&auctionid=1424506215630050493&exch=ruc&sid=4562355&cid=6622472&price=5B54C3091C36AE39&bp=a_aceaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F7bb7f9bb-220d-4d54-8f09-d7f54e47094d%2F
Requested by: Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/11662/36514/151378-15.js?&cb=0.13697513130051098&tk_st=1&rf=http%3A//classfifth53.darkbb.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36514_15&rp_secure=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.42 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.162.7 /
Resource Hash: 6bc8239f11ef21901544bb4a1428562f864f2390ec8ea3b445f38f73769b0a4c

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1580486589
Last-Modified: Fri, 31 Jan 2020 16:03:09 GMT
Server: MMBD/3.162.7
x-mm-latency: 11 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: count
Cache-Control: no-cache
x-mm-host: cdg-router-x50, zrh-bidder-x126
Connection: close
x-mm-pending-bid-state: eyJOb3RpZnlUeXBlIjoid2ViIiwiUEJEYXRhU291cmNlIjoiUEJDIiwiV2FpdEZvcldlYiI6ZmFsc2UsIldhaXRGb3JJbXAiOmZhbHNlLCJXYWl0Rm9yQ2siOnRydWUsIlBCU3RhdGUiOiJXaW4iLCJEdXBOb3RpZnkiOmZhbHNlLCJCaWRDbGFpbWVkIjpmYWxzZSwiUEJTV29ya2VkIjpmYWxzZSwiUEJTV2luUGF5bG9hZCI6IiJ9
Content-Type: application/x-javascript; charset=UTF-8
Expires: Fri, 31 Jan 2020 16:03:08 GMT

GET
H/1.1 200
OK 7bb7f9bb-220d-4d54-8f09-d7f54e47094d
beacon-eu2.rubiconproject.com/beacon/d/ Frame 7BF2 43 B
268 B 105ms
33ms Image
image/webp 69.173.144.155
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu2.rubiconproject.com/beacon/d/7bb7f9bb-220d-4d54-8f09-d7f54e47094d?oo=0&accountId=11662&siteId=36514&zoneId=151378&sizeId=15&e=6A1E40E384DA563B6491D396FA0E72A4822B2832F264224FD1C9890A7D24B83D6AF9CC5120D623FF001BE18D79B492C2172DB22D3B21A9B5A008E7D77E6C02D639274606D78C24D620384A4CE700BB9BE581C7278562D885EA37445C5DECFC9B993D6E74EE8FBEBC4B866FE0874CBB3646370AEEA8DF37D9CD3F868F0BB24A895539A16ADFC9B2C20DEC3331545DB340D8E45BEB5CCD5D86D8D6E1A8B2E8E57FEBFBA2EDED8F9B87FFAD888D8FFEE8BC68A375EAA4CE816EDD2524599F6D12965659497EB0654AC4D8EFC9095A1DF1FB493820F5D8C48B3B412EC3192328D16787564BED1DE5902D38940D47094D2BDD95FB8E54DFD88A1118090E9A6891369FDC6BE11B75FBAF9A51FFA41ED9E080619C223287941F54CDD2CCCB654BF023C2938C2B94BEF689F9CB69808ECB8896BB9014C6E0F092B14F345D406E33828DC70F984D56C8361623D888BD58682889188D1A1EDD315617F4E82C8DC099D34DAF7A4512289792C6D4D412D919DB7561D6D035A83E6F4D25F75F80E4DB370AA1A59B82BB21B430064CE82C8DC099D34DAF11EA0C268307A5A84BE0469B4098C398445FC3B40B1A818D0A39EA3E12B558BE7A8EB339556A2685FFE6D52C64ADFE993E18C15FA2A590F75DB0CF49A97FE618E70642CB6B5B447DA78787E822D6140FC2A5638AC76EA9163580222A6415C05855D0AF4D77688FE3CF39DDF6933FD7E414784D14BF6952FEE1132BDF892884473BE13045DFB1297C42B83A6F9292CE5650012071C13565BF20468137B1FA6B23DB386CF4646584486240B348FC26EBCF7C8B0EBE23EC9D11025C5E2959C72FBE58A96C72445682E3D82D574BB593C5987EB53C522F788E35384BE0A63205FFF5FB82926E8E9AC405F2BA9972CC539996937DCE55857DC94BC7A4DC66A270441B
Requested by: Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/11662/36514/151378-15.js?&cb=0.13697513130051098&tk_st=1&rf=http%3A//classfifth53.darkbb.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36514_15&rp_secure=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.155 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:08 GMT
Cache-Control: private, max-age=0, no-cache
Expires: 01 Jan 1970 10:00:00 GMT
Server: Rubicon Project
Content-Length: 43
Content-Type: image/webp

GET
H/1.1 200
OK zrti13rjdl37 Show response
hal9000.redintelligence.net/zone/ Frame 29C2 10 KB
3 KB 24ms
17ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal9000.redintelligence.net/zone/zrti13rjdl37?subid=&rnd=6031609376177329341&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6031609376177329341%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D1c5e5e34-4fbd-4101-8198-2029dd6bcf0c%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffc7600fb-486a-4e79-9b52-8bec8cf2ac66%2F%26redirect%3D
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Server: 138.201.63.149 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b16fb58f4673a7660bfe7dc51f88c5720efc34e5d0efc8e5cbb37c8c23644b5d

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2816
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 29C2 49 B
329 B 74ms
28ms Image
image/gif 185.29.135.42
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=6031609376177329341&node_id=334&exch_id=9
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIxLyAvTkRoa05HRTNORGN0TURFMk9DMDFPRFEyTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwMzE2MDkzNzYxNzczMjkzNDEvNjYyMjQ3Mi80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sYmZwb2E2TjRlRG1NNTNmOFJxdFh5RS8xLzkvMC8wLzk1NjgwMy8xNTA5NTA3MjY5LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MDMxNjA5Mzc2MTc3MzI5MzQxL2Ftcy8wLzQzNy83MS85OTkvNDAvODkuMjQ5LjY0LjAvMC4wMDAvMTU4MDQ4NjU4OS8xNTgwNDkwMTg5Lw/TSyDRkS8Foy4CGpF-46uYX4de4U&nodeid=334&group=eu&auctionid=6031609376177329341&exch=ruc&sid=4562355&cid=6622472&price=7FF00CD929E26837&bp=a_aceaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffc7600fb-486a-4e79-9b52-8bec8cf2ac66%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.42 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.162.7 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Server: MMBD/3.162.7
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x50, cdg-bidder-x44
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 31 Jan 2020 16:03:08 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 29C2 43 B
359 B 82ms
42ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=6031609376177329341&v3=651871&v4=4562355&v5=6622472&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIxLyAvTkRoa05HRTNORGN0TURFMk9DMDFPRFEyTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwMzE2MDkzNzYxNzczMjkzNDEvNjYyMjQ3Mi80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sYmZwb2E2TjRlRG1NNTNmOFJxdFh5RS8xLzkvMC8wLzk1NjgwMy8xNTA5NTA3MjY5LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MDMxNjA5Mzc2MTc3MzI5MzQxL2Ftcy8wLzQzNy83MS85OTkvNDAvODkuMjQ5LjY0LjAvMC4wMDAvMTU4MDQ4NjU4OS8xNTgwNDkwMTg5Lw/TSyDRkS8Foy4CGpF-46uYX4de4U&nodeid=334&group=eu&auctionid=6031609376177329341&exch=ruc&sid=4562355&cid=6622472&price=7FF00CD929E26837&bp=a_aceaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffc7600fb-486a-4e79-9b52-8bec8cf2ac66%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2049 2965a32 master cdg-pixel-x1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Server: MT3 2049 2965a32 master cdg-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Jan 2020 16:03:04 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 29C2 49 B
329 B 75ms
27ms Image
image/gif 185.29.135.42
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=6031609376177329341&st=4562355&time=1580486589&nodeid=334
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIxLyAvTkRoa05HRTNORGN0TURFMk9DMDFPRFEyTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwMzE2MDkzNzYxNzczMjkzNDEvNjYyMjQ3Mi80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sYmZwb2E2TjRlRG1NNTNmOFJxdFh5RS8xLzkvMC8wLzk1NjgwMy8xNTA5NTA3MjY5LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MDMxNjA5Mzc2MTc3MzI5MzQxL2Ftcy8wLzQzNy83MS85OTkvNDAvODkuMjQ5LjY0LjAvMC4wMDAvMTU4MDQ4NjU4OS8xNTgwNDkwMTg5Lw/TSyDRkS8Foy4CGpF-46uYX4de4U&nodeid=334&group=eu&auctionid=6031609376177329341&exch=ruc&sid=4562355&cid=6622472&price=7FF00CD929E26837&bp=a_aceaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffc7600fb-486a-4e79-9b52-8bec8cf2ac66%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.42 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.162.7 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Server: MMBD/3.162.7
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x44, cdg-bidder-x44
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 31 Jan 2020 16:03:08 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/620/s1.adform.net/ Frame EBE0 31 KB
15 KB 91ms
30ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=33408241;rtbwp=CE0FDB11CB72D40C;rtbdata=8alVJ54iVvEgYI56jrqS5iZTIfzAvXm72nmowqm6fYisK2cZcgeIgbkKb7p-UQylX7Xlq4jy1Z1ry9NdWmqNu-YTHznzvLixt0V2UMo5Qnfz-ILLQK9x0-Ku54eDbMCfYNfNGGdVWUYQlbT8NMVl0kk5EmTAFJHjZ7G0Lavp2aT0VJdKi-T4elmKq3kBlds8He_HTnc7As2rkyEnjYAHdb9ws0Bk1FiwHsUeW1F3wxHSm_MygVJ8g2kbiJaZug9W0;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/1be3984f-a6c8-424a-ae24-ce097f4c2367/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5226d55c392473171761073c26df4b7d01aadff8a00bd2a02a9acb7d31e456e8

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
content-encoding: gzip
last-modified: Thu, 09 Jan 2020 12:46:43 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=100000
expires: Sat, 01 Feb 2020 18:59:39 GMT

GET
H/1.1

200
OK

request.php Show response
hal90005.redintelligence.net/ Frame 29C2
Redirect Chain

http://hal90005.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=9833c273b3&subid=&uid=3e960158a12ef154&screenSize=1600x1200&screenSizeAvail=1600x1200&clie...
http://hal90005.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=9833c273b3&subid=&uid=3e960158a12ef154&screenSize=1600x1200&screenSizeAvail=1600x1200&clie...

3 KB
2 KB

83ms
77ms

Script
application/x-javascript

138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal90005.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=9833c273b3&subid=&uid=3e960158a12ef154&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6031609376177329341%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D1c5e5e34-4fbd-4101-8198-2029dd6bcf0c%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffc7600fb-486a-4e79-9b52-8bec8cf2ac66%2F%26redirect%3D&documentReferer=http%3A%2F%2Fclassfifth53.darkbb.com%2F&ancestorOrigins=http%3A%2F%2Fclassfifth53.darkbb.com&random=564717201843&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Server: 138.201.63.165 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: fe9f70a1a3ee99f602325db20422407142a18c83ef28a76f1a51438b17cfac64

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 37150400136508300951457011125005
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1131
Expires: Fri, 31 Jan 2020 16:03:09 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:09 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=9833c273b3&subid=&uid=3e960158a12ef154&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6031609376177329341%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D1c5e5e34-4fbd-4101-8198-2029dd6bcf0c%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffc7600fb-486a-4e79-9b52-8bec8cf2ac66%2F%26redirect%3D&documentReferer=http%3A%2F%2Fclassfifth53.darkbb.com%2F&ancestorOrigins=http%3A%2F%2Fclassfifth53.darkbb.com&random=564717201843&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 31 Jan 2020 16:03:09 +0100

GET
H/1.1 200
OK zrti13rjdl37 Show response
hal9000.redintelligence.net/zone/ Frame 7BF2 10 KB
3 KB 24ms
18ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal9000.redintelligence.net/zone/zrti13rjdl37?subid=&rnd=1424506215630050493&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1424506215630050493%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Ddc8f5e34-4fbd-4b01-8791-660c428e8a7a%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F7bb7f9bb-220d-4d54-8f09-d7f54e47094d%2F%26redirect%3D
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Server: 138.201.63.149 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 27537247f9c21ef1afc8c971ce95a1b535d9819023019f8faebb5b5a1fcd024c

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2819
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 7BF2 49 B
330 B 81ms
46ms Image
image/gif 185.29.135.42
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=1424506215630050493&node_id=1615&exch_id=9
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIxLyAvTjJNME5HUXhORGd0Tm1Jd1l5MHhaVFpqTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE0MjQ1MDYyMTU2MzAwNTA0OTMvNjYyMjQ3Mi80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sUUE1MmdqS0NKM19FT3M5ZklJd2pSMC8xLzkvMC8wLzk1NjgwMy8xNTA5NTA3MjY5LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNDI0NTA2MjE1NjMwMDUwNDkzL3pyaC8wLzcyMC83MS85OTkvNDAvODkuMjQ5LjY0LjAvMC4wMDAvMTU4MDQ4NjU4OS8xNTgwNDkwMTg5Lw/EicIaWVfuUwQ4ZBwTO6SFU4WYbs&nodeid=1615&group=eu&auctionid=1424506215630050493&exch=ruc&sid=4562355&cid=6622472&price=5B54C3091C36AE39&bp=a_aceaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F7bb7f9bb-220d-4d54-8f09-d7f54e47094d%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.42 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.162.7 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Server: MMBD/3.162.7
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x38, zrh-bidder-x126
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 31 Jan 2020 16:03:08 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 7BF2 43 B
360 B 75ms
35ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=1424506215630050493&v3=651871&v4=4562355&v5=6622472&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIxLyAvTjJNME5HUXhORGd0Tm1Jd1l5MHhaVFpqTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE0MjQ1MDYyMTU2MzAwNTA0OTMvNjYyMjQ3Mi80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sUUE1MmdqS0NKM19FT3M5ZklJd2pSMC8xLzkvMC8wLzk1NjgwMy8xNTA5NTA3MjY5LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNDI0NTA2MjE1NjMwMDUwNDkzL3pyaC8wLzcyMC83MS85OTkvNDAvODkuMjQ5LjY0LjAvMC4wMDAvMTU4MDQ4NjU4OS8xNTgwNDkwMTg5Lw/EicIaWVfuUwQ4ZBwTO6SFU4WYbs&nodeid=1615&group=eu&auctionid=1424506215630050493&exch=ruc&sid=4562355&cid=6622472&price=5B54C3091C36AE39&bp=a_aceaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F7bb7f9bb-220d-4d54-8f09-d7f54e47094d%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2049 2965a32 master cdg-pixel-x19 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Server: MT3 2049 2965a32 master cdg-pixel-x19
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Jan 2020 16:03:04 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 7BF2 49 B
330 B 76ms
40ms Image
image/gif 185.29.135.42
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=1424506215630050493&st=4562355&time=1580486589&nodeid=1615
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIxLyAvTjJNME5HUXhORGd0Tm1Jd1l5MHhaVFpqTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE0MjQ1MDYyMTU2MzAwNTA0OTMvNjYyMjQ3Mi80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sUUE1MmdqS0NKM19FT3M5ZklJd2pSMC8xLzkvMC8wLzk1NjgwMy8xNTA5NTA3MjY5LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNDI0NTA2MjE1NjMwMDUwNDkzL3pyaC8wLzcyMC83MS85OTkvNDAvODkuMjQ5LjY0LjAvMC4wMDAvMTU4MDQ4NjU4OS8xNTgwNDkwMTg5Lw/EicIaWVfuUwQ4ZBwTO6SFU4WYbs&nodeid=1615&group=eu&auctionid=1424506215630050493&exch=ruc&sid=4562355&cid=6622472&price=5B54C3091C36AE39&bp=a_aceaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F7bb7f9bb-220d-4d54-8f09-d7f54e47094d%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.42 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.162.7 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:09 GMT
Server: MMBD/3.162.7
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x49, zrh-bidder-x126
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 31 Jan 2020 16:03:08 GMT

GET
H/1.1

200
OK

request.php Show response
hal900027.redintelligence.net/ Frame 7BF2
Redirect Chain

http://hal900027.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=2fb716b192&subid=&uid=8fe5679e12a55472&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
http://hal900027.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=2fb716b192&subid=&uid=8fe5679e12a55472&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

3 KB
2 KB

100ms
94ms

Script
application/x-javascript

78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900027.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=2fb716b192&subid=&uid=8fe5679e12a55472&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1424506215630050493%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Ddc8f5e34-4fbd-4b01-8791-660c428e8a7a%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F7bb7f9bb-220d-4d54-8f09-d7f54e47094d%2F%26redirect%3D&documentReferer=http%3A%2F%2Fclassfifth53.darkbb.com%2F&ancestorOrigins=http%3A%2F%2Fclassfifth53.darkbb.com&random=4923277097231&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Server: 78.46.111.106 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 8d3a6b95815cfb6d76e0467f4dbb1023f9e009f69d19964880a3d25e4f6a7092

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:09 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 92877400143228500951457011125027
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1133
Expires: Fri, 31 Jan 2020 16:03:09 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:09 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=2fb716b192&subid=&uid=8fe5679e12a55472&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1424506215630050493%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Ddc8f5e34-4fbd-4b01-8791-660c428e8a7a%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F7bb7f9bb-220d-4d54-8f09-d7f54e47094d%2F%26redirect%3D&documentReferer=http%3A%2F%2Fclassfifth53.darkbb.com%2F&ancestorOrigins=http%3A%2F%2Fclassfifth53.darkbb.com&random=4923277097231&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 31 Jan 2020 16:03:09 +0100

GET
H2 200 / Show response
track.adform.net/wpf/v2/kta44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMVGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dTpjCEN8gyjMqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZR... Frame EBE0 6 KB
3 KB 35ms
35ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/wpf/v2/kta44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMVGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dTpjCEN8gyjMqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwXC_JEkNgvlE4yy2XElgebiYMpztNKscKs3Us_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6KkuMhQnIq1QEfpxf7_OLgiPFMtrs1OeyjaY2JoaLOzhEsCtZtngauyCMKtpBSKxUC56MnGWpwoNSUC550iakHGOg4CpW2p.QfqBZCmr.S9RdPQSzOy_Aw7UTlf_01kKHoNv_0U.0Y.KI0IZ_DK1e6Stbw9MwEQrgPuVr914VecL57GY5BNv_uY5BNkOmqw0GY5aw7vrNidNc1lF4XVA4.L9.gJ0Nc0KXV4.hL9.KHpNc5jaYZtNc5jaYZtNc3eielF1VLf4.ATjV..Uq/adfserve/?CC=1&bn=33408241;rtbwp=CE0FDB11CB72D40C;rtbdata=8alVJ54iVvEgYI56jrqS5iZTIfzAvXm72nmowqm6fYisK2cZcgeIgbkKb7p-UQylX7Xlq4jy1Z1ry9NdWmqNu-YTHznzvLixt0V2UMo5Qnfz-ILLQK9x0-Ku54eDbMCfYNfNGGdVWUYQlbT8NMVl0kk5EmTAFJHjZ7G0Lavp2aT0VJdKi-T4elmKq3kBlds8He_HTnc7As2rkyEnjYAHdb9ws0Bk1FiwHsUeW1F3wxHSm_MygVJ8g2kbiJaZug9W0;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f1be3984f-a6c8-424a-ae24-ce097f4c2367%2f;js=1;adfxid=1x;2235;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0|0;fd=0|2&CREFURL=http%3A%2F%2Fclassfifth53.darkbb.com%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5575eba1b2ce90cab23bc3e65ca66b94044f8bc0cec81d8fd51db2cec9baa032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Jan 2020 16:03:09 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2813
expires: -1

GET
H2

200

view.aspx
pb.media01.eu/ Frame 351D
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=37150400136508300951457011125005&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=37150400136508300951457011125005&actionid=731824&produktid=businessgiro&dt_url=

0
0

71ms
38ms

Document
text/html

85.10.231.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=37150400136508300951457011125005&actionid=731824&produktid=businessgiro&dt_url=

Requested by

Host: hal90005.redintelligence.net
URL: http://hal90005.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=9833c273b3&subid=&uid=3e960158a12ef154&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6031609376177329341%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D1c5e5e34-4fbd-4101-8198-2029dd6bcf0c%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffc7600fb-486a-4e79-9b52-8bec8cf2ac66%2F%26redirect%3D&documentReferer=http%3A%2F%2Fclassfifth53.darkbb.com%2F&ancestorOrigins=http%3A%2F%2Fclassfifth53.darkbb.com&random=564717201843&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.10.231.199 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

85-10-231-199.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pb.media01.eu
:scheme: https
:path: /view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=37150400136508300951457011125005&actionid=731824&produktid=businessgiro&dt_url=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://classfifth53.darkbb.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://classfifth53.darkbb.com/

Response headers

status: 200
cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 31 Jan 2020 05:03:09 GMT
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=flbb2w5csweu05eyujturili; path=/; secure; HttpOnly DTU=7F34454A007ABA46FAC93A0900E4CA1C; expires=Mon, 31-Jan-2022 16:03:09 GMT; path=/; SameSite=None; secure
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Fri, 31 Jan 2020 16:03:08 GMT
content-length: 0

Redirect headers

status: 302
server: nginx/1.17.5
date: Fri, 31 Jan 2020 16:03:09 GMT
content-type: text/html; charset=UTF-8
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=37150400136508300951457011125005&actionid=731824&produktid=businessgiro&dt_url=
x-powered-by: PHP/7.2.21
set-cookie: PHPSESSID=03q5p64vvuhd8rqqro0knka6ns; path=/ session_trs=5e344fbd8fa04f21901f1569; path=/; samesite=none; domain=.medialead.de; secure trs=5e344fbd8fa04f21901f1569; expires=Sat, 30-Jan-2021 16:03:09 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure trscj=fHwxNTgwNDg2NTg5fEwzUnlZMnN2WlhCMkwyVTVPV0ZoWTJVNU5HVTJaVFU0TnpNNE16QmhOMlJtT0dSbFpHRTBZV0UyUDNOMVltbGtQVE0zTVRVd05EQXdNVE0yTlRBNE16QXdPVFV4TkRVM01ERXhNVEkxTURBMUpuUTlhSFJzY0E9PXxhSFIwY0RvdkwyTnNZWE56Wm1sbWRHZzFNeTVrWVhKclltSXVZMjl0THc9PQ%3D%3D; expires=Sat, 30-Jan-2021 16:03:09 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;includeSubdomains;preload

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 29C2 12 KB
12 KB 446ms
124ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&viewref=37150400136508300951457011125005&js=1&nw=1
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: bb25e76d200c6eec5b27e019a56841a8ed06af072ab8f2c3a6f62f7f6570b705

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:09 GMT
Last-Modified: Fri, 31 Jan 2020 16:03:09 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 29C2
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=37150400136508300951457011125005
https://ad-server.eu/wm/pb/native.png

68 B
312 B

144ms
28ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.0, ECDHE_RSA, AES_128_CBC
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:04:10 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

status: 301
date: Fri, 31 Jan 2020 16:03:09 GMT
server: nginx/1.17.5
strict-transport-security: max-age=63072000;includeSubdomains;preload
x-powered-by: PHP/7.2.21
location: https://ad-server.eu/wm/pb/native.png
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK 8qo5liw3f0bw Show response
hal9000.redintelligence.net/zone/ Frame EBE0 10 KB
3 KB 274ms
17ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal9000.redintelligence.net/zone/8qo5liw3f0bw?subid=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33408241%3Bcrtbwp%3DCE0FDB11CB72D40C%3Bcrtbdata%3D8alVJ54iVvEgYI56jrqS5iZTIfzAvXm72nmowqm6fYisK2cZcgeIgbkKb7p-UQylX7Xlq4jy1Z1ry9NdWmqNu-YTHznzvLixt0V2UMo5Qnfz-ILLQK9x0-Ku54eDbMCfYNfNGGdVWUYQlbT8NMVl0kk5EmTAFJHjZ7G0Lavp2aT0VJdKi-T4elmKq3kBlds8He_HTnc7As2rkyEnjYAHdb9ws0Bk1FiwHsUeW1F3wxHSm_MygVJ8g2kbiJaZug9W0%3Badfibeg%3D0%3Bcdata%3DTf7IbaRMEpZNkoim8y32RgwRZGuFuL6pEx14g_hcwfpYBRXMc3-0AkKr1ztCzqheMrfXzzOMYt4JxoOtPJQMDUREM0Vuhy0dH5-FVYzd2dDDpgQ4amqW4RSC-01e1NKWimfCeDHtYUMn2OFfAXTfUymQJNpuCFFnVNo0wcxW4_m7WDaCkDEhOnxZ1OozxGLKMkDiU3E7eS1traigoMmk2zHI6gI6kjITtvSr1DFS6FzJM82wqRMST08XAqjB5WhVGOOtl1LQk3A1%3B%3BCREFURL%3Dhttp%253a%252f%252fclassfifth53.darkbb.com%252f%3BC%3D1%3Bcpdir%3D
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Server: 138.201.63.149 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 789466d103f900b6414f3317e5b7f22426f45791652f7c0d5ac15df7898da262

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:03:10 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3198
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

POST
H2 200 /
track.adform.net/csimpr/ Frame EBE0 35 B
465 B 32ms
32ms Other
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=33408241&csi=9kn1ysF92QOH5W4oJkjF2zOEqZGZ2MSW8bLo5triSMiYiLV2MCtuHUqbD_y4I5ulGUwTJ5yCxnnG8FGUGFd-8lqWibCpnDH2AoPhKFuEhoGRS64N28ia2w2

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://classfifth53.darkbb.com/
Origin: http://classfifth53.darkbb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 31 Jan 2020 16:03:09 GMT
server: nginx
access-control-allow-origin: http://classfifth53.darkbb.com
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 304 B
993 B 1086ms
59ms XHR
text/javascript 63.35.132.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 63.35.132.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-132-143.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 19533646481cdf097a4e2de109ad0e90253efab86c2f179f355a9a7ec9b3e528

Request headers

Referer: http://classfifth53.darkbb.com/
Origin: http://classfifth53.darkbb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:09 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://classfifth53.darkbb.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 304
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

view.aspx
pb.media01.eu/ Frame 5BC1
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=92877400143228500951457011125027&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92877400143228500951457011125027&actionid=879111&produktid=postbankratenkredit&dt_url=

0
0

69ms
32ms

Document
text/html

85.10.231.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92877400143228500951457011125027&actionid=879111&produktid=postbankratenkredit&dt_url=

Requested by

Host: hal900027.redintelligence.net
URL: http://hal900027.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=2fb716b192&subid=&uid=8fe5679e12a55472&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1424506215630050493%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Ddc8f5e34-4fbd-4b01-8791-660c428e8a7a%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F7bb7f9bb-220d-4d54-8f09-d7f54e47094d%2F%26redirect%3D&documentReferer=http%3A%2F%2Fclassfifth53.darkbb.com%2F&ancestorOrigins=http%3A%2F%2Fclassfifth53.darkbb.com&random=4923277097231&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.10.231.199 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

85-10-231-199.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pb.media01.eu
:scheme: https
:path: /view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92877400143228500951457011125027&actionid=879111&produktid=postbankratenkredit&dt_url=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://classfifth53.darkbb.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://classfifth53.darkbb.com/

Response headers

status: 200
cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 31 Jan 2020 05:03:09 GMT
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=ymjpj03xdoowk4gzgfwftiok; path=/; secure; HttpOnly DTU=03D9BACA50D4C02440CEA2D146C4AC0B; expires=Mon, 31-Jan-2022 16:03:09 GMT; path=/; SameSite=None; secure
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Fri, 31 Jan 2020 16:03:08 GMT
content-length: 0

Redirect headers

status: 302
server: nginx/1.17.5
date: Fri, 31 Jan 2020 16:03:09 GMT
content-type: text/html; charset=UTF-8
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92877400143228500951457011125027&actionid=879111&produktid=postbankratenkredit&dt_url=
x-powered-by: PHP/7.2.21
set-cookie: PHPSESSID=9pk4h1i2fn70k0asc99osh0ang; path=/ session_trs=5e344fbdede6c408674931a3; path=/; samesite=none; domain=.medialead.de; secure trs=5e344fbdede6c408674931a3; expires=Sat, 30-Jan-2021 16:03:09 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure trscj=fHwxNTgwNDg2NTg5fEwzUnlZMnN2WlhCMkwyVTVPV0ZoWTJVNU5HVTJaVFU0TnpNek9UTTJZMlJrT1RZMVpEQXpaVGMxUDNOMVltbGtQVGt5T0RjM05EQXdNVFF6TWpJNE5UQXdPVFV4TkRVM01ERXhNVEkxTURJM0puUTlhSFJzY0E9PXxhSFIwY0RvdkwyTnNZWE56Wm1sbWRHZzFNeTVrWVhKclltSXVZMjl0THc9PQ%3D%3D; expires=Sat, 30-Jan-2021 16:03:09 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;includeSubdomains;preload

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 7BF2 12 KB
12 KB 603ms
128ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&viewref=92877400143228500951457011125027&js=1&nw=1
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: ff472dcf0e22c21bd1770791af2bc13c96c9b87ece2bfa59583da3f30297b149

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:10 GMT
Last-Modified: Fri, 31 Jan 2020 16:03:10 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 7BF2
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=92877400143228500951457011125027
https://ad-server.eu/wm/pb/native.png

68 B
312 B

115ms
28ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.0, ECDHE_RSA, AES_128_CBC
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 16:04:10 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

status: 301
date: Fri, 31 Jan 2020 16:03:09 GMT
server: nginx/1.17.5
strict-transport-security: max-age=63072000;includeSubdomains;preload
x-powered-by: PHP/7.2.21
location: https://ad-server.eu/wm/pb/native.png
content-type: text/html; charset=UTF-8

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.184/e/.wSBgiD/i/8IC-4gAAAAKAA/r:types/ Frame EBE0 34 KB
15 KB 40ms
40ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.184/e/.wSBgiD/i/8IC-4gAAAAKAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 977564dbb279f23ecc8621722b2a65066d85958cf508c30bfb18a4ec9342f046

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:09 GMT
content-encoding: gzip
last-modified: Thu, 09 Jan 2020 12:46:43 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=100000
expires: Sat, 01 Feb 2020 19:13:25 GMT

GET
H/1.1 200
OK request.php Show response
hal900010.redintelligence.net/ Frame EBE0 610 B
914 B 1110ms
61ms Script
application/x-javascript 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900010.redintelligence.net/request.php?zone=8qo5liw3f0bw&nw=20&renderingType=javascript&namespace=0bee041fa8&subid=&uid=3e20e1e35c825bca&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33408241%3Bcrtbwp%3DCE0FDB11CB72D40C%3Bcrtbdata%3D8alVJ54iVvEgYI56jrqS5iZTIfzAvXm72nmowqm6fYisK2cZcgeIgbkKb7p-UQylX7Xlq4jy1Z1ry9NdWmqNu-YTHznzvLixt0V2UMo5Qnfz-ILLQK9x0-Ku54eDbMCfYNfNGGdVWUYQlbT8NMVl0kk5EmTAFJHjZ7G0Lavp2aT0VJdKi-T4elmKq3kBlds8He_HTnc7As2rkyEnjYAHdb9ws0Bk1FiwHsUeW1F3wxHSm_MygVJ8g2kbiJaZug9W0%3Badfibeg%3D0%3Bcdata%3DTf7IbaRMEpZNkoim8y32RgwRZGuFuL6pEx14g_hcwfpYBRXMc3-0AkKr1ztCzqheMrfXzzOMYt4JxoOtPJQMDUREM0Vuhy0dH5-FVYzd2dDDpgQ4amqW4RSC-01e1NKWimfCeDHtYUMn2OFfAXTfUymQJNpuCFFnVNo0wcxW4_m7WDaCkDEhOnxZ1OozxGLKMkDiU3E7eS1traigoMmk2zHI6gI6kjITtvSr1DFS6FzJM82wqRMST08XAqjB5WhVGOOtl1LQk3A1%3B%3BCREFURL%3Dhttp%253a%252f%252fclassfifth53.darkbb.com%252f%3BC%3D1%3Bcpdir%3D&documentReferer=http%3A%2F%2Fclassfifth53.darkbb.com%2F&ancestorOrigins=http%3A%2F%2Fclassfifth53.darkbb.com&random=7404917297122&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: http://hal9000.redintelligence.net/zone/8qo5liw3f0bw?subid=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33408241%3Bcrtbwp%3DCE0FDB11CB72D40C%3Bcrtbdata%3D8alVJ54iVvEgYI56jrqS5iZTIfzAvXm72nmowqm6fYisK2cZcgeIgbkKb7p-UQylX7Xlq4jy1Z1ry9NdWmqNu-YTHznzvLixt0V2UMo5Qnfz-ILLQK9x0-Ku54eDbMCfYNfNGGdVWUYQlbT8NMVl0kk5EmTAFJHjZ7G0Lavp2aT0VJdKi-T4elmKq3kBlds8He_HTnc7As2rkyEnjYAHdb9ws0Bk1FiwHsUeW1F3wxHSm_MygVJ8g2kbiJaZug9W0%3Badfibeg%3D0%3Bcdata%3DTf7IbaRMEpZNkoim8y32RgwRZGuFuL6pEx14g_hcwfpYBRXMc3-0AkKr1ztCzqheMrfXzzOMYt4JxoOtPJQMDUREM0Vuhy0dH5-FVYzd2dDDpgQ4amqW4RSC-01e1NKWimfCeDHtYUMn2OFfAXTfUymQJNpuCFFnVNo0wcxW4_m7WDaCkDEhOnxZ1OozxGLKMkDiU3E7eS1traigoMmk2zHI6gI6kjITtvSr1DFS6FzJM82wqRMST08XAqjB5WhVGOOtl1LQk3A1%3B%3BCREFURL%3Dhttp%253a%252f%252fclassfifth53.darkbb.com%252f%3BC%3D1%3Bcpdir%3D
Protocol: HTTP/1.1
Server: 138.201.63.145 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 412c62577db948a034a65afb8c7d25c79c702799e97bf486604e95393e840b87

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:11 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 75793100137537901232265011125010
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 331
Expires: Fri, 31 Jan 2020 16:03:11 +0100

GET
H2 200 clk.min.js Show response
analytics.webgains.io/ Frame 29C2 44 KB
13 KB 63ms
7ms Script
application/javascript 2600:9000:21f3:2a00:9:352d:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/clk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&viewref=37150400136508300951457011125005&js=1&nw=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:2a00:9:352d:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: daa1a0aaf242d4f8390845fbfe69154088771a88590c0688b8e26a9b167e125d

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 09:36:18 GMT
content-encoding: gzip
last-modified: Tue, 28 Jan 2020 09:36:14 GMT
server: AmazonS3
age: 23208
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: rbtEOnLbo1VfA7JatogfRc_ruZP2cQg_
status: 200
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: EvKyvv-EhwOhDc1yaU8LqKEma0Ua2r27TWDMQxOWlF1cH2DENHZfsA==
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 29C2 79 B
374 B 568ms
495ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=7Wa44iFBBNlY5Du4UXuKrnZ2CI9XkPrwXC_JEkNgvlE4yy2XElgebiYMpztNKscKs3Us_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6KkuMhQnIq1QEfpxf7_OLgiPFMJhHFW_jftckkCoqAkCoq4ly_0x0uVMV0jftckcKyAd65hz7YOK2w5ADwIlUjVsYwQ9dvcpxUyL4T94T06y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRD_vLwoxVanuxUPm8LKfAaZ4ySy.aPjftckpC8_aUvIy2TODRv8ijYKpTSI6KUMnGWpwoNSUC56MnGWVQdg3ZLQ0ISNFxF5v3.g4i.uJtHoqvynx9MsFyxYM914Ve_clrurk.Nk4JkJt8I_FeWrTOz1_yL6rgPuVr914VecL57GY5BNv_urfs.B7V&wgcookie=%7B%22wgifp7121%22%3A%5B%2299582%22%2C%227121%22%2C%222513145%22%2C%22%22%2C%221580486590%22%2C%22http%253A%252F%252Fclassfifth53.darkbb.com%252F%22%2C%22%22%2C%22%22%2C%221588262590%22%2C%2237150400136508300951457011125005%22%5D%7D&wgchecksum=d7fc3b0a6351a9dda07d6563496662a1&userIP=89.249.64.197&doAffectv=1&wgtime=1580486590
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&viewref=37150400136508300951457011125005&js=1&nw=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: c1e1428cc0f2552d4ff472f15ae57fcfb86205ba97094226a52362e8cdd7c02a

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 31 Jan 2020 16:03:10 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 29C2 3 KB
3 KB 2642ms
23ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=90225200144064300710784011125019&wglinkid=2513145
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:12 GMT
Last-Modified: Fri, 31 Jan 2020 16:03:12 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 2808
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

activityi;dc_pre=CLzusK6brucCFde23godBJgCSw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7193559686311.692
5994599.fls.doubleclick.net/ Frame B490
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7193559686311.692?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLzusK6brucCFde23godBJgCSw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7193559686311.692?

0
0

52ms
52ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLzusK6brucCFde23godBJgCSw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7193559686311.692?

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLzusK6brucCFde23godBJgCSw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7193559686311.692?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://classfifth53.darkbb.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://classfifth53.darkbb.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 31 Jan 2020 16:03:10 GMT
expires: Fri, 31 Jan 2020 16:03:10 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 321
x-xss-protection: 0
set-cookie: IDE=AHWqTUkqYBbhuiFAoROgOeebyZKovbqJ-axfvKxNveNef859OEQ0Tw1ZTkCU4cJY; expires=Wed, 24-Feb-2021 16:03:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 31 Jan 2020 16:03:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLzusK6brucCFde23godBJgCSw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7193559686311.692?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 31-Jan-2020 16:18:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK request_content.php
hal90005.redintelligence.net/ Frame 64F9 0
0 34ms
25ms Document
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal90005.redintelligence.net/request_content.php?s=37150400136508300951457011125005&a=72114eda
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Server: 138.201.63.165 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Host: hal90005.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://classfifth53.darkbb.com/
Accept-Encoding: gzip, deflate
Cookie: 8lcfmzhxc8d6_uid=0faaa44fb999ff2b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://classfifth53.darkbb.com/

Response headers

Date: Fri, 31 Jan 2020 16:03:10 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 31 Jan 2020 16:03:10 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1455
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 4986 0
0 275ms
9ms Document
text/html 23.37.55.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: http://classfifth53.darkbb.com/
Accept-Encoding: gzip, deflate, br
Cookie: rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+dZLvlgeCkRB/C4WPGUmesEFiaAnqRSjT4sl0Fg1EK+hUVPp2REB8kpQWpDb9cNar8JKS3YwvUbrrxlA==; ses2=36514^1; vis2=36514^1; ses15=36514^1; vis15=36514^1; khaos=K62CWP7L-J-L2ME; audit=1|hLZGFuTafB1vsWCpiC/bem1/WT3G7yYlX5rLmMHoBYq+RdXzBafJ8lhy7SqvUYbYgVYi0pd03sJymPvo8plePxVuVIJa6pcrOD8rEw1wF/0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://classfifth53.darkbb.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 30 Jan 2020 22:14:46 GMT
Content-Encoding: gzip
Content-Length: 7743
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=31490
Expires: Sat, 01 Feb 2020 00:48:00 GMT
Date: Fri, 31 Jan 2020 16:03:10 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 tag Show response
w-it.m-t.io/ Frame 29C2 60 B
241 B 158ms
25ms Script
application/javascript 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1580486590197
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 61afc66a93e2d75c39e5237f2c3adccbc84433b91dfeec7cd43ed5b973e26ac8

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:10 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
x-cloud-trace-context: d2b7c2b6f6d568710aa269994bf52b98
cache-control: private
content-length: 71

GET
H2 200 clk.min.js Show response
analytics.webgains.io/ Frame 7BF2 44 KB
13 KB 13ms
12ms Script
application/javascript 2600:9000:21f3:2a00:9:352d:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/clk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&viewref=92877400143228500951457011125027&js=1&nw=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:2a00:9:352d:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: daa1a0aaf242d4f8390845fbfe69154088771a88590c0688b8e26a9b167e125d

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 09:36:18 GMT
content-encoding: gzip
last-modified: Tue, 28 Jan 2020 09:36:14 GMT
server: AmazonS3
age: 23208
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: rbtEOnLbo1VfA7JatogfRc_ruZP2cQg_
status: 200
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: UIf_FpJ2tLMczEIeONDGe-hHBseuTE60xhgujvJ7cIHBYn97kdVzVA==
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 7BF2 79 B
374 B 286ms
249ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=VWa44iFBBNlY5Du4UXuKrnZ2CI9XkPrwXC_JEkNgvlE4yy2XElgebiYMpztNKscKs3Us_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6KkuMhQnIq1QEfpxf7_OLgiPFMJhHFW_jftckkCoqAkCoq4ly_0x0uVMV0jftckcKyAd65hz7YOK2w5ADwIlUjVsYwQ9dvcpxUyL4T94T06y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRD_vLwoxVanuxUPm8LKfAaZ4ySy.aPjftckpC8_aUvIy2TODRv8ijYKpTSI6KUMnGWpwoNSUC56MnGWVQdg3ZLQ0ISNFxF5vFWKpiLs2dI_AIQjvEodUW2vqCRc7L1eLY6TJCw.5B0KB4DHJtJ9cSraUkdU_Wxv5icCmVWN9e4WX3NlY5DtThuy.4vV&wgcookie=%7B%22wgifp7121%22%3A%5B%2299582%22%2C%227121%22%2C%222513145%22%2C%22%22%2C%221580486590%22%2C%22http%253A%252F%252Fclassfifth53.darkbb.com%252F%22%2C%22%22%2C%22%22%2C%221588262590%22%2C%2292877400143228500951457011125027%22%5D%7D&wgchecksum=88a81a698b426266a3b305ee7dc47ec0&userIP=89.249.64.197&doAffectv=1&wgtime=1580486590
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&viewref=92877400143228500951457011125027&js=1&nw=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: c1e1428cc0f2552d4ff472f15ae57fcfb86205ba97094226a52362e8cdd7c02a

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 31 Jan 2020 16:03:10 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 7BF2 3 KB
3 KB 2386ms
22ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=30237200139269700951403011125011&wglinkid=2513145
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:12 GMT
Last-Modified: Fri, 31 Jan 2020 16:03:12 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 2808
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

activityi;dc_pre=CKjysK6brucCFUiC3godMhMGfA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7429725649437.284
5994599.fls.doubleclick.net/ Frame 6EF3
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7429725649437.284?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKjysK6brucCFUiC3godMhMGfA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7429725649437.284?

0
0

47ms
47ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CKjysK6brucCFUiC3godMhMGfA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7429725649437.284?

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKjysK6brucCFUiC3godMhMGfA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7429725649437.284?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://classfifth53.darkbb.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://classfifth53.darkbb.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 31 Jan 2020 16:03:10 GMT
expires: Fri, 31 Jan 2020 16:03:10 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
set-cookie: IDE=AHWqTUlT3kPKOzxR-NUf2mtto_l1kzkI2fvoe81qZBTVEr_aIP1njm6yMF5AxuWi; expires=Wed, 24-Feb-2021 16:03:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 31 Jan 2020 16:03:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKjysK6brucCFUiC3godMhMGfA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7429725649437.284?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 31-Jan-2020 16:18:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK request_content.php
hal900027.redintelligence.net/ Frame FD9F 0
0 274ms
17ms Document
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900027.redintelligence.net/request_content.php?s=92877400143228500951457011125027&a=cc02746e
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Server: 78.46.111.106 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Host: hal900027.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://classfifth53.darkbb.com/
Accept-Encoding: gzip, deflate
Cookie: 8lcfmzhxc8d6_uid=0faaa44fb999ff2b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://classfifth53.darkbb.com/

Response headers

Date: Fri, 31 Jan 2020 16:03:10 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 31 Jan 2020 16:03:10 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1442
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame DC42 0
0 14ms
14ms Document
text/html 23.37.55.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: http://classfifth53.darkbb.com/
Accept-Encoding: gzip, deflate, br
Cookie: rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+dZLvlgeCkRB/C4WPGUmesEFiaAnqRSjT4sl0Fg1EK+hUVPp2REB8kpQWpDb9cNar8JKS3YwvUbrrxlA==; ses2=36514^1; vis2=36514^1; ses15=36514^1; vis15=36514^1; khaos=K62CWP7L-J-L2ME; audit=1|hLZGFuTafB1vsWCpiC/bem1/WT3G7yYlX5rLmMHoBYq+RdXzBafJ8lhy7SqvUYbYgVYi0pd03sJymPvo8plePxVuVIJa6pcrOD8rEw1wF/0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://classfifth53.darkbb.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 30 Jan 2020 22:14:46 GMT
Content-Encoding: gzip
Content-Length: 7743
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=31490
Expires: Sat, 01 Feb 2020 00:48:00 GMT
Date: Fri, 31 Jan 2020 16:03:10 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 track Show response
w-it.m-t.io/ Frame 29C2 0
77 B 30ms
30ms Script
application/javascript 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=99582&clickId=7121_99582_15804865900015_e5ddbbd8d4&programId=7121&expiry=1588262590&acc=wg&scriptTag=&type=postview&indicator=efea1197c5210000d86178c45d496f63&
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
x-cloud-trace-context: 8df3e465d521a9afb02f6b018820c8d5
server: Google Frontend
date: Fri, 31 Jan 2020 16:03:10 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

GET
H2 200 tag Show response
w-it.m-t.io/ Frame 7BF2 60 B
159 B 23ms
23ms Script
application/javascript 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1580486590466
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 61afc66a93e2d75c39e5237f2c3adccbc84433b91dfeec7cd43ed5b973e26ac8

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:10 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
x-cloud-trace-context: 68cfa1aa610f35612c626b4da0e17d55
cache-control: private
content-length: 71

GET
H2 200 track Show response
w-it.m-t.io/ Frame 7BF2 0
76 B 33ms
33ms Script
application/javascript 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=99582&clickId=7121_99582_15804865902129_87ba23b599&programId=7121&expiry=1588262590&acc=wg&scriptTag=&type=postview&indicator=efea1197c5210000d86178c45d496f63&
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
x-cloud-trace-context: f4870060ea26560b4e42e7864bc8d6ea
server: Google Frontend
date: Fri, 31 Jan 2020 16:03:10 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

GET
H/1.1 200
OK sync.js Show response
api.viglink.com/api/ 0
307 B 32ms
32ms Script
text/plain 63.35.132.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/sync.js?key=0d80ae9fe71cec9484f682bd59232f9e
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 63.35.132.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-132-143.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:10 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 0
307 B 111ms
39ms Image
text/plain 63.35.132.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.viglink.com/api/sync.gif?key=0d80ae9fe71cec9484f682bd59232f9e
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Server: 63.35.132.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-132-143.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:10 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 78 B
532 B 67ms
62ms XHR
text/javascript 63.35.132.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 63.35.132.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-132-143.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 2982c35d4bee5deeec5748a196d4a26e0b8dac015736bdf98742dded7e1e2f3e

Request headers

Referer: http://classfifth53.darkbb.com/
Origin: http://classfifth53.darkbb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:10 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://classfifth53.darkbb.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 78
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK insert Show response
api.viglink.com/api/ 44 KB
7 KB 79ms
71ms XHR
text/javascript 63.35.132.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/insert
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 63.35.132.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-132-143.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 2fdc7725a45397ec59eacaaaea5cf2775b04a7f3e557fee7b386d950990b89e7

Request headers

Referer: http://classfifth53.darkbb.com/
Origin: http://classfifth53.darkbb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:10 GMT
Content-Encoding: gzip
Server: Apache-Coyote/1.1
Vary: Accept-Encoding
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://classfifth53.darkbb.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
transfer-encoding: chunked
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 400
Bad Request optimize Show response
api.viglink.com/api/ 986 B
1 KB 38ms
37ms XHR
text/html 63.35.132.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/optimize
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 63.35.132.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-132-143.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af

Request headers

Referer: http://classfifth53.darkbb.com/
Origin: http://classfifth53.darkbb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 16:03:10 GMT
Server: Apache-Coyote/1.1
Content-Language: en
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://classfifth53.darkbb.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Content-Length: 986
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK request_content.php
hal900010.redintelligence.net/ Frame 58EA 0
0 37ms
22ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900010.redintelligence.net/request_content.php?s=75793100137537901232265011125010&a=f48a05cb
Requested by: Host: hal900010.redintelligence.net
URL: http://hal900010.redintelligence.net/request.php?zone=8qo5liw3f0bw&nw=20&renderingType=javascript&namespace=0bee041fa8&subid=&uid=3e20e1e35c825bca&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33408241%3Bcrtbwp%3DCE0FDB11CB72D40C%3Bcrtbdata%3D8alVJ54iVvEgYI56jrqS5iZTIfzAvXm72nmowqm6fYisK2cZcgeIgbkKb7p-UQylX7Xlq4jy1Z1ry9NdWmqNu-YTHznzvLixt0V2UMo5Qnfz-ILLQK9x0-Ku54eDbMCfYNfNGGdVWUYQlbT8NMVl0kk5EmTAFJHjZ7G0Lavp2aT0VJdKi-T4elmKq3kBlds8He_HTnc7As2rkyEnjYAHdb9ws0Bk1FiwHsUeW1F3wxHSm_MygVJ8g2kbiJaZug9W0%3Badfibeg%3D0%3Bcdata%3DTf7IbaRMEpZNkoim8y32RgwRZGuFuL6pEx14g_hcwfpYBRXMc3-0AkKr1ztCzqheMrfXzzOMYt4JxoOtPJQMDUREM0Vuhy0dH5-FVYzd2dDDpgQ4amqW4RSC-01e1NKWimfCeDHtYUMn2OFfAXTfUymQJNpuCFFnVNo0wcxW4_m7WDaCkDEhOnxZ1OozxGLKMkDiU3E7eS1traigoMmk2zHI6gI6kjITtvSr1DFS6FzJM82wqRMST08XAqjB5WhVGOOtl1LQk3A1%3B%3BCREFURL%3Dhttp%253a%252f%252fclassfifth53.darkbb.com%252f%3BC%3D1%3Bcpdir%3D&documentReferer=http%3A%2F%2Fclassfifth53.darkbb.com%2F&ancestorOrigins=http%3A%2F%2Fclassfifth53.darkbb.com&random=7404917297122&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Server: 138.201.63.145 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Host: hal900010.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://classfifth53.darkbb.com/
Accept-Encoding: gzip, deflate
Cookie: 8lcfmzhxc8d6_uid=0faaa44fb999ff2b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://classfifth53.darkbb.com/

Response headers

Date: Fri, 31 Jan 2020 16:03:11 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 31 Jan 2020 16:03:11 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1646
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 8546 0
0 21ms
19ms Document
text/html 23.37.55.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: http://classfifth53.darkbb.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://classfifth53.darkbb.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 30 Jan 2020 22:14:46 GMT
Content-Encoding: gzip
Content-Length: 7743
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=31489
Expires: Sat, 01 Feb 2020 00:48:00 GMT
Date: Fri, 31 Jan 2020 16:03:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H2 200 /
track.adform.net/serving/unload/ Frame EBE0 35 B
465 B 33ms
33ms Other
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=-6193422199149070828@@33408241,4103291040321479650,100|1200|0|0|0|0|0|0|0||41|0|31|1e7143d4bde7950272cf2e44afcace4d156a1394_1|||1|0|0|RgQBQNHjqRTb6zXTvNgMMFpzlwBNmZFKFLWHTZ8Sk6nKl8vIIY97D_OZHhfgw3yEZ3HX3-jNxZE1|||11|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://classfifth53.darkbb.com/
Origin: http://classfifth53.darkbb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 31 Jan 2020 16:03:12 GMT
server: nginx
access-control-allow-origin: http://classfifth53.darkbb.com
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 ban-fm-1.png
illiweb.com/fa/shop/en/ 7 KB
7 KB 42ms
41ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-1.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ef212637aa1f0348c915fdf693e56744f2ec3ded9e420c02102b93fc9b5f72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14874
status: 200
content-length: 7360
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:45 GMT
server: cloudflare
etag: "5739a899-1cc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea1d2f34cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-2.png
illiweb.com/fa/shop/en/ 5 KB
5 KB 37ms
36ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-2.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57f002d456fb13a04edb32ba024ce6fd7423b25ddad65996ed2cb0a9ea73078b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14874
status: 200
content-length: 4927
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-133f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea1d2f35cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-3.png
illiweb.com/fa/shop/en/ 6 KB
6 KB 41ms
40ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-3.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

334725cb52d95048056ce1b18767de5af599040f364e17b4c999c65cfd67861e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14874
status: 200
content-length: 6179
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:45 GMT
server: cloudflare
etag: "5739a899-1823"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea1d2f36cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-4.png
illiweb.com/fa/shop/en/ 5 KB
5 KB 38ms
38ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-4.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcd07a602226125a55ed6ef6ae520cb84d152e6dc33c23e13063c660bb9697bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14874
status: 200
content-length: 5418
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-152a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea1d2f37cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-5.png
illiweb.com/fa/shop/en/ 6 KB
6 KB 44ms
44ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-5.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

220f32f9f0173e18ed278261f3ca14abbb99d1358488777fb813b10cf284350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14874
status: 200
content-length: 5840
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-16d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea1d3f39cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-6.png
illiweb.com/fa/shop/en/ 7 KB
7 KB 46ms
45ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-6.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26407271cb535dfcb9618af560750dcaea7dccf57a2562565d0dca0c7070ea36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14874
status: 200
content-length: 7495
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-1d47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea1d3f3acadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-7.png
illiweb.com/fa/shop/en/ 7 KB
7 KB 37ms
37ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-7.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e23cdcec6474ebc65e1add721be3d3c9fc48ff39058cf5018cbc96d26cf62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14874
status: 200
content-length: 7085
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-1bad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea1d6f92cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame EBE0 35 B
465 B 33ms
33ms Other
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=-6193422199149070828@@33408241,4103291040321479650,100|3400|0|0|0|0|0|0|0||117|0|31|1e7143d4bde7950272cf2e44afcace4d156a1394_1|||1|0|0|RgQBQNHjqRTb6zXTvNgMMFpzlwBNmZFKFLWHTZ8Sk6nKl8vIIY97D_OZHhfgw3yEZ3HX3-jNxZE1|||01|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://classfifth53.darkbb.com/
Origin: http://classfifth53.darkbb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 31 Jan 2020 16:03:14 GMT
server: nginx
access-control-allow-origin: http://classfifth53.darkbb.com
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 ban-fm-7.png
illiweb.com/fa/shop/en/ 7 KB
7 KB 40ms
39ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-7.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e23cdcec6474ebc65e1add721be3d3c9fc48ff39058cf5018cbc96d26cf62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14879
status: 200
content-length: 7085
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-1bad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea3c7beccadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-1.png
illiweb.com/fa/shop/en/ 7 KB
7 KB 43ms
43ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ef212637aa1f0348c915fdf693e56744f2ec3ded9e420c02102b93fc9b5f72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14879
status: 200
content-length: 7360
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:45 GMT
server: cloudflare
etag: "5739a899-1cc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea3c7beecadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-2.png
illiweb.com/fa/shop/en/ 5 KB
5 KB 41ms
40ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57f002d456fb13a04edb32ba024ce6fd7423b25ddad65996ed2cb0a9ea73078b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14879
status: 200
content-length: 4927
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-133f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea3c7befcadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-3.png
illiweb.com/fa/shop/en/ 6 KB
6 KB 37ms
36ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

334725cb52d95048056ce1b18767de5af599040f364e17b4c999c65cfd67861e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14879
status: 200
content-length: 6179
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:45 GMT
server: cloudflare
etag: "5739a899-1823"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea3c7bf0cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-4.png
illiweb.com/fa/shop/en/ 5 KB
5 KB 46ms
46ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-4.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcd07a602226125a55ed6ef6ae520cb84d152e6dc33c23e13063c660bb9697bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14879
status: 200
content-length: 5418
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-152a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea3c7bf1cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-5.png
illiweb.com/fa/shop/en/ 6 KB
6 KB 44ms
44ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-5.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

220f32f9f0173e18ed278261f3ca14abbb99d1358488777fb813b10cf284350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14879
status: 200
content-length: 5840
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-16d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea3c7bf2cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-6.png
illiweb.com/fa/shop/en/ 7 KB
7 KB 41ms
41ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-6.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26407271cb535dfcb9618af560750dcaea7dccf57a2562565d0dca0c7070ea36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14879
status: 200
content-length: 7495
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-1d47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea3cac43cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-1.png
illiweb.com/fa/shop/en/ 7 KB
7 KB 41ms
40ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-1.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ef212637aa1f0348c915fdf693e56744f2ec3ded9e420c02102b93fc9b5f72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14884
status: 200
content-length: 7360
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:45 GMT
server: cloudflare
etag: "5739a899-1cc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea5bbfbbcadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-2.png
illiweb.com/fa/shop/en/ 5 KB
5 KB 39ms
38ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-2.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57f002d456fb13a04edb32ba024ce6fd7423b25ddad65996ed2cb0a9ea73078b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14884
status: 200
content-length: 4927
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-133f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea5bbfbdcadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-3.png
illiweb.com/fa/shop/en/ 6 KB
6 KB 38ms
37ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-3.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

334725cb52d95048056ce1b18767de5af599040f364e17b4c999c65cfd67861e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14884
status: 200
content-length: 6179
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:45 GMT
server: cloudflare
etag: "5739a899-1823"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea5bbfbfcadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-4.png
illiweb.com/fa/shop/en/ 5 KB
5 KB 48ms
47ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-4.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcd07a602226125a55ed6ef6ae520cb84d152e6dc33c23e13063c660bb9697bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14884
status: 200
content-length: 5418
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-152a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea5bbfc0cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-5.png
illiweb.com/fa/shop/en/ 6 KB
6 KB 45ms
44ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-5.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

220f32f9f0173e18ed278261f3ca14abbb99d1358488777fb813b10cf284350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14884
status: 200
content-length: 5840
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-16d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea5bbfc1cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-6.png
illiweb.com/fa/shop/en/ 7 KB
7 KB 43ms
43ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-6.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26407271cb535dfcb9618af560750dcaea7dccf57a2562565d0dca0c7070ea36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14884
status: 200
content-length: 7495
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-1d47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea5bbfc2cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-7.png
illiweb.com/fa/shop/en/ 7 KB
7 KB 37ms
37ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-7.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e23cdcec6474ebc65e1add721be3d3c9fc48ff39058cf5018cbc96d26cf62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14884
status: 200
content-length: 7085
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-1bad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea5be80dcadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-1.png
illiweb.com/fa/shop/en/ 7 KB
7 KB 42ms
37ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-1.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ef212637aa1f0348c915fdf693e56744f2ec3ded9e420c02102b93fc9b5f72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14889
status: 200
content-length: 7360
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:45 GMT
server: cloudflare
etag: "5739a899-1cc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea7afb35cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-2.png
illiweb.com/fa/shop/en/ 5 KB
5 KB 43ms
38ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-2.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57f002d456fb13a04edb32ba024ce6fd7423b25ddad65996ed2cb0a9ea73078b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14889
status: 200
content-length: 4927
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-133f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea7afb36cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-3.png
illiweb.com/fa/shop/en/ 6 KB
6 KB 48ms
42ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-3.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

334725cb52d95048056ce1b18767de5af599040f364e17b4c999c65cfd67861e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14889
status: 200
content-length: 6179
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:45 GMT
server: cloudflare
etag: "5739a899-1823"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea7afb37cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-4.png
illiweb.com/fa/shop/en/ 5 KB
5 KB 49ms
44ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-4.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcd07a602226125a55ed6ef6ae520cb84d152e6dc33c23e13063c660bb9697bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14889
status: 200
content-length: 5418
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-152a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea7afb3acadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-5.png
illiweb.com/fa/shop/en/ 6 KB
6 KB 45ms
40ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-5.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

220f32f9f0173e18ed278261f3ca14abbb99d1358488777fb813b10cf284350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14889
status: 200
content-length: 5840
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-16d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea7afb3bcadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-6.png
illiweb.com/fa/shop/en/ 7 KB
7 KB 43ms
39ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-6.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26407271cb535dfcb9618af560750dcaea7dccf57a2562565d0dca0c7070ea36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14889
status: 200
content-length: 7495
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-1d47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea7afb3ecadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

GET
H2 200 ban-fm-7.png
illiweb.com/fa/shop/en/ 7 KB
7 KB 40ms
39ms Image
image/png 2606:4700:e2::ac40:8b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/shop/en/ban-fm-7.png

Requested by

Host: classfifth53.darkbb.com
URL: http://classfifth53.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e23cdcec6474ebc65e1add721be3d3c9fc48ff39058cf5018cbc96d26cf62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://classfifth53.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 16:03:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14889
status: 200
content-length: 7085
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:46 GMT
server: cloudflare
etag: "5739a89a-1bad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 55dcea7b3bb8cadc-ARN
expires: Sat, 30 Jan 2021 11:55:20 GMT

Verdicts & Comments Add Verdict or Comment

273 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://classfifth53.darkbb.com/(Line 37) Message: {"w":1600,"h":1200}
console-api	log	URL: https://analytics.webgains.io/clk.min.js(Line 1) Message: W-IT I
console-api	log	URL: https://analytics.webgains.io/clk.min.js(Line 1) Message: W-IT I

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad-server.eu
ads.rubiconproject.com
ajax.googleapis.com
analytics.webgains.io
api.viglink.com
b.scorecardresearch.com
beacon-eu2.rubiconproject.com
bidder.criteo.com
cdn.taboola.com
cdn.viglink.com
classfifth53.darkbb.com
connect.topicit.net
diapi.webgains.com
eus.rubiconproject.com
fonts.googleapis.com
hal9000.redintelligence.net
hal900010.redintelligence.net
hal900027.redintelligence.net
hal90005.redintelligence.net
hitsk.in
i.imgur.com
i.servimg.com
illiweb.com
optimized-by.rubiconproject.com
pb.media01.eu
pixel.mathtag.com
pv.medialead.de
s1.adform.net
sb.scorecardresearch.com
static.criteo.net
stats.g.doubleclick.net
tags.mathtag.com
track.adform.net
track.webgains.com
w-it.m-t.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.124.134.131
104.85.250.71
138.201.63.145
138.201.63.149
138.201.63.165
151.101.114.2
151.101.12.193
172.217.18.102
178.250.2.152
185.29.135.42
188.165.2.137
2.16.186.51
2.18.233.201
23.37.55.184
2600:9000:21f3:2a00:9:352d:a240:93a1
2606:4700:3031::6818:787c
2606:4700:3034::6812:3fe8
2606:4700:3036::6812:3907
2606:4700::6810:a00d
2606:4700:e2::ac40:8b18
2a00:1450:4001:800::200a
2a00:1450:4001:806::200e
2a00:1450:4001:808::2013
2a00:1450:4001:809::2003
2a00:1450:4001:809::200a
2a00:1450:4001:818::2003
2a00:1450:4001:819::2008
2a00:1450:4001:81a::2004
2a00:1450:400c:c00::9d
2a02:2638:1::3
37.157.4.40
37.157.5.73
46.236.13.147
51.38.145.136
54.76.176.197
63.35.132.143
69.173.144.140
69.173.144.155
78.46.111.106
81.29.72.47
85.10.231.199
06f2b47a2e8017f8387d34806efc5c3643954171cc9cb38e4b1f583a42aaeaa1
0bd6872ee6a6b3492fba29b57455b318136e23d44e2aabcc9e1469a7f775394c
136bdf6003a20291fa880c2aaf8dde86fad3da0925b8b23a8a82f39ef9061e29
162f8a6d61544a0ab207c5614393b66bc21ddb2bfeabfc2c8f1479e21b7f5495
19533646481cdf097a4e2de109ad0e90253efab86c2f179f355a9a7ec9b3e528
1a03a85b629df261daf0505948cb459d102913e68afc4ae8cb2b39dec64c842e
1b74238feda3ad7dbfb6e4185b1b17b9b2be197190eca75cd3cfff1c6bd21213
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
220f32f9f0173e18ed278261f3ca14abbb99d1358488777fb813b10cf284350a
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
26407271cb535dfcb9618af560750dcaea7dccf57a2562565d0dca0c7070ea36
27537247f9c21ef1afc8c971ce95a1b535d9819023019f8faebb5b5a1fcd024c
2982c35d4bee5deeec5748a196d4a26e0b8dac015736bdf98742dded7e1e2f3e
2fdc7725a45397ec59eacaaaea5cf2775b04a7f3e557fee7b386d950990b89e7
334725cb52d95048056ce1b18767de5af599040f364e17b4c999c65cfd67861e
347bd7cf2571eec9335a1a9bbd9fed84031a6eccc85f2898fe4e4adb675eb227
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
39ef212637aa1f0348c915fdf693e56744f2ec3ded9e420c02102b93fc9b5f72
412c62577db948a034a65afb8c7d25c79c702799e97bf486604e95393e840b87
4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
5226d55c392473171761073c26df4b7d01aadff8a00bd2a02a9acb7d31e456e8
5575eba1b2ce90cab23bc3e65ca66b94044f8bc0cec81d8fd51db2cec9baa032
55e23cdcec6474ebc65e1add721be3d3c9fc48ff39058cf5018cbc96d26cf62c
56f609c0e6d0323677a477fb57382eb5410fdb9f5f334f3116cab98761c9bbf5
57f002d456fb13a04edb32ba024ce6fd7423b25ddad65996ed2cb0a9ea73078b
5b53c8431aed91a1826225b05b1eccba21e0252efcf9fb53a5b601da4583acce
605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4
61afc66a93e2d75c39e5237f2c3adccbc84433b91dfeec7cd43ed5b973e26ac8
6bc8239f11ef21901544bb4a1428562f864f2390ec8ea3b445f38f73769b0a4c
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
6edf8af83f6c763cfe69a345d3ec4fe59b528a19b37d9e6a09d1cc97b6f13595
76868cc3f166022137cb99171e1847e5bf256e6de38ed0d6000810ae24394727
789466d103f900b6414f3317e5b7f22426f45791652f7c0d5ac15df7898da262
78ec7bf75a28cee083555401283d4e526f268675e5bb420b1ee8fe2bb4b9e640
7a2451938d4e75f871434294f74c632b5bf9235c6c2fe37c84af8447f958aa34
7c7854914a3618f17c3cc821beb090dfb3f0f9aa1bbd7a027692f37503d66ac8
8170a23403dcc2e8c70327feb6cb3d4447b1535e5f2cedf3fdd1655197eeac22
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d3a6b95815cfb6d76e0467f4dbb1023f9e009f69d19964880a3d25e4f6a7092
8e558160c9152a008897fa793576f7b3ab5a2f69c6378e1c960ed2175b596d44
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
95dbffd1d1e6950dbd26c6db5906257ad01d9da64ff63eed915335cf2000a90b
977564dbb279f23ecc8621722b2a65066d85958cf508c30bfb18a4ec9342f046
979d2e26cfa2d30918559508bbc6ddf8f527639b4629fe80fd062dda39a15cbe
9c3c4cff97345d34610704580b4634771d2ec0f8f7c640e510e3d830e4a4ea0a
ac411f9a466b5a9d7fcb8c4d7b8bec0ad7308be10826f96f893b8f02ca560e01
ae345d3483e51ad4184830864d03852ed21b6b64aec2823651a088184d385be7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16fb58f4673a7660bfe7dc51f88c5720efc34e5d0efc8e5cbb37c8c23644b5d
bb25e76d200c6eec5b27e019a56841a8ed06af072ab8f2c3a6f62f7f6570b705
bcd07a602226125a55ed6ef6ae520cb84d152e6dc33c23e13063c660bb9697bf
bfb8cec3ce76d1b797af044aaa2efc6e2e6ea922b02c4c32d07ca6eea1aab797
c0381064511400394b2e0c9390d016303dedcb281cf21c8115ca1f9d17a486e1
c1b0a91fd6eb5029cabacc3c14c13144f97a64d3b261082bd78bd95c71a86d49
c1e1428cc0f2552d4ff472f15ae57fcfb86205ba97094226a52362e8cdd7c02a
c2a853b05bbe052cf44cfeb55397e715486ed0e387b052250f73b7c9e23cbeeb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d58fae6ccec34af886fb6ce26ee49443543ec82c85a4442ce8ba757c35ebcec3
daa1a0aaf242d4f8390845fbfe69154088771a88590c0688b8e26a9b167e125d
dfbed761248e93343233a74b2cd5b0457d0efc8fde33faa7516625d38d8e06e6
e062b6e4b0bb29cf2c1934c84801bcaee9042054c3f8fb17c2092d8416d48bdc
e0a9cab8107561f0dac5bae9c40f96b83e312a2648c5a92b2a5c55579d8a3eb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b1b444857ee9e0a27589299e008fc007d1aaa310094e07905c8ef1fa94b8ed
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe9f70a1a3ee99f602325db20422407142a18c83ef28a76f1a51438b17cfac64
ff472dcf0e22c21bd1770791af2bc13c96c9b87ece2bfa59583da3f30297b149

classfifth53.darkbb.com Open in urlscan Pro 188.165.2.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

83 %HTTPS

39 %IPv6

28 Domains

41 Subdomains

39 IPs

9 Countries

1018 kBTransfer

2154 kBSize

0 Cookies

8 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

classfifth53.darkbb.com Open in urlscan Pro
188.165.2.137 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

83 %
HTTPS

39 %
IPv6

28
Domains

41
Subdomains

39
IPs

9
Countries

1018 kB
Transfer

2154 kB
Size

0
Cookies

134 HTTP transactions
0 data transactions