URL: https://fileforum.com/profile/tunaronald8/
Submission: On May 26 via manual from US — Scanned from IL

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 31 HTTP transactions. The main IP is 108.44.238.29, located in Leesburg, United States and belongs to UUNET, US. The main domain is fileforum.com.
TLS certificate: Issued by R3 on May 2nd 2024. Valid for: 3 months.
This is the only time fileforum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 108.44.238.29 701 (UUNET)
11 104.26.12.174 13335 (CLOUDFLAR...)
7 142.250.185.226 15169 (GOOGLE)
1 192.0.73.2 2635 (AUTOMATTIC)
2 172.217.16.200 15169 (GOOGLE)
1 172.217.18.14 15169 (GOOGLE)
3 142.250.184.226 15169 (GOOGLE)
2 142.250.186.129 15169 (GOOGLE)
1 142.250.181.228 15169 (GOOGLE)
31 10
Apex Domain
Subdomains
Transfer
11 betanews.com
images.betanews.com
86 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com — Cisco Umbrella Rank: 164
210 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
156 KB
2 fileforum.com
fileforum.com
5 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
253 B
1 gravatar.com
www.gravatar.com — Cisco Umbrella Rank: 4183
5 KB
31 8
Domain Requested by
11 images.betanews.com fileforum.com
images.betanews.com
7 pagead2.googlesyndication.com fileforum.com
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.googletagmanager.com fileforum.com
www.googletagmanager.com
2 fileforum.com
1 www.google.com tpc.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.gravatar.com fileforum.com
31 9
Subject Issuer Validity Valid
admin.betanews.com
R3
2024-05-02 -
2024-07-31
3 months crt.sh
betanews.com
E1
2024-05-26 -
2024-08-24
3 months crt.sh
*.g.doubleclick.net
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA
2023-12-05 -
2025-01-04
a year crt.sh
*.google-analytics.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh

This page contains 6 frames:

Primary Page: https://fileforum.com/profile/tunaronald8/
Frame ID: 49EBF0856D9CEAB9DAE0FED7D34C1865
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/zrt_lookup_fy2021.html
Frame ID: A6530B86D3BB2DA69129B6F42302B3B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1716724724&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Ftunaronald8%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1716724725508&bpp=21&bdt=1044&idt=672&shv=r20240522&mjsv=m202405210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2859426168358&frm=20&pv=2&ga_vid=1744081785.1716724726&ga_sid=1716724726&ga_hid=1685863565&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31083638%2C31083869%2C44795922%2C95331982%2C95331711%2C31078668&oid=2&pvsid=660027403442775&tmod=767141816&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=700
Frame ID: 9B530B9FDF8BD3875B8BC26BEF1D9D09
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3368998127&adf=2550651363&pi=t.aa~a.3269266735~rp.4&w=659&abgtt=6&fwrn=4&fwrnh=100&lmt=1716724724&rafmt=1&to=qs&pwprc=8797158495&format=659x280&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Ftunaronald8%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1716724725529&bpp=2&bdt=1066&idt=695&shv=r20240522&mjsv=m202405210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=2859426168358&frm=20&pv=1&ga_vid=1744081785.1716724726&ga_sid=1716724726&ga_hid=1685863565&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31083638%2C31083869%2C44795922%2C95331982%2C95331711%2C31078668&oid=2&pvsid=660027403442775&tmod=767141816&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=700
Frame ID: D2B14E395A5DE0736E9EFFBE591C4156
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7C41A5F87DD935B48F54D4FE8778AF95
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B22CFC438B0B078F6F36DFB3C53313E9
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

tunaronald8's Profile | FileForum

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <[^>]+gravatar\.com/avatar/

Page Statistics

31
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

10
IPs

2
Countries

462 kB
Transfer

1251 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
fileforum.com/profile/tunaronald8/
7 KB
3 KB
Document
General
Full URL
https://fileforum.com/profile/tunaronald8/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.44.238.29 Leesburg, United States, ASN701 (UUNET, US),
Reverse DNS
phoenix.betanews.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
45b5b4847947a1d21192849791e2ce7825539641b727b4faee3ec7c82a80d6d1

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
private, must-revalidate, pre-check=0, post-check=0
Connection
close
Content-Encoding
gzip
Content-Length
2368
Content-Type
text/html; charset=UTF-8
Date
Sun, 26 May 2024 11:58:44 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Sun, 26 May 2024 11:58:44 GMT
Pragma
no-cache
Server
Apache/2.4.10 (Debian)
Vary
Accept-Encoding
reset.css
images.betanews.com/stylesheets/fileforum3/
886 B
756 B
Stylesheet
General
Full URL
https://images.betanews.com/stylesheets/fileforum3/reset.css
Requested by
Host: fileforum.com
URL: https://fileforum.com/profile/tunaronald8/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160d317860d283845ddde93faa4a3c41f42f0e777acb74dba3a716555c89610f

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 08 Jul 2017 02:49:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2151
etag
"376-553c565bb7500-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uxvPiqoa4ijWeGnJTUBbPUKnoKNy0ePj8UN9q6a0XHUzIf6cdSTm8jICPfRWJYXFRUdo91jwQnElbmYYoz0FLs%2BhYB0oWvVxIhHhI7RomayntUX1oWssG6%2F5DUoQEs%2BDTcaz96c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
889d9859eae39f22-FRA
content-length
436
main.css
images.betanews.com/stylesheets/fileforum3/
29 KB
6 KB
Stylesheet
General
Full URL
https://images.betanews.com/stylesheets/fileforum3/main.css
Requested by
Host: fileforum.com
URL: https://fileforum.com/profile/tunaronald8/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deda914cce5fb739ca5624e64be7af22f3a426623b3bf174429287d2376dfc4b

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2017 23:54:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2151
etag
"72a2-554136b4eee40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQKY98zXB3gShp9UZmEp1pH%2B08zCf92UyLAvC0MMY6MU%2BP8zxT%2FpQLnaQ%2Fdz3DpN4CUJpi01Nd5D%2BRaqQxjh%2F%2FrzF8ZC62Ijj%2BTFr0cXm8omk3KKW8bE8SAsNI4DKq56h%2F6DQt4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
889d9859eae09f22-FRA
content-length
6192
ffsite.js
images.betanews.com/resources/
137 KB
48 KB
Script
General
Full URL
https://images.betanews.com/resources/ffsite.js
Requested by
Host: fileforum.com
URL: https://fileforum.com/profile/tunaronald8/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f061bc61c6a752564bba70c0675de98f06d26b6fe0655c2189fba606539accab

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 08 Jul 2017 02:55:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2151
etag
"223e8-553c57b3fe140-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QDbw%2Fl2WhBBJyK6Hqd4rx0a5a7C1%2B%2F0xvQ9WOdCJka3QAFY3z4i%2F7XLAOMe4f0FXLyDjW66W7qHMiBIhF1ItnqTWGHgipnFK21n64DRLPmPYe5wvHFrKM5CqLxbNoWZE58QTn7M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
889d9859eae49f22-FRA
content-length
48131
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
152 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6676241418785266
Requested by
Host: fileforum.com
URL: https://fileforum.com/profile/tunaronald8/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
d9566c7e1d14ad5392c7ba381cb6c27feac7bb833a8b5fb32fc949791a7b5e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fileforum.com/
Origin
https://fileforum.com
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51740
x-xss-protection
0
server
cafe
etag
18086309392248468585
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 26 May 2024 11:58:45 GMT
5a587d26dd0f60474f2ad546caa145cc
www.gravatar.com/avatar/
4 KB
5 KB
Image
General
Full URL
https://www.gravatar.com/avatar/5a587d26dd0f60474f2ad546caa145cc?s=128
Requested by
Host: fileforum.com
URL: https://fileforum.com/profile/tunaronald8/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5916e0b240cb97c609bce4253569ab210ddd5f3569b61d2c6ed8efe310844dc8

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
MISS mxp 2
date
Sun, 26 May 2024 11:58:44 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="5a587d26dd0f60474f2ad546caa145cc.jpg"
accept-ranges
bytes
link
<https://gravatar.com/avatar/5a587d26dd0f60474f2ad546caa145cc?s=128>; rel="canonical"
content-length
4268
alt-svc
h3=":443"; ma=86400
expires
Sun, 26 May 2024 12:03:44 GMT
gtm.js
www.googletagmanager.com/
186 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WHTWSXS
Requested by
Host: fileforum.com
URL: https://fileforum.com/profile/tunaronald8/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3db8ea3d5c0d93f6ee9a5ce531a69cdbf95f2b8cb44bcf4ee2c08f43c21da628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68015
x-xss-protection
0
last-modified
Sun, 26 May 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 26 May 2024 11:58:45 GMT
navbar_active_gray.png
images.betanews.com/fileforum3/header/
1006 B
1 KB
Image
General
Full URL
https://images.betanews.com/fileforum3/header/navbar_active_gray.png
Requested by
Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b646173856c05ad595598fcfee96dc54495c2f9a30ea1c55515b64789d2803

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:45 GMT
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2017 23:30:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1765
etag
"3ee-5541315c69180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1EOEqu358vRv9lidZ%2F1LzBB0W02IL0DfBXXuuA20fF3%2Fd%2BbTkqv9ZfeP84pV4RMtKXhPinxL2sPzw1%2B24b0BGpCVH954rzoUWAzlJjddyb%2Fw5B36QtOy7gcH8QCC%2B8uVmn5x%2BcI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
889d985b5ced9f22-FRA
content-length
1006
ff_logo_gray.png
images.betanews.com/fileforum3/header/
1 KB
2 KB
Image
General
Full URL
https://images.betanews.com/fileforum3/header/ff_logo_gray.png
Requested by
Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
529ce545d0f689295a76134ae7f6add7b8b78904a15b6bef1a5a6bd0cb47b281

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:45 GMT
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2017 23:30:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1765
etag
"563-5541315c69180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KVVQONaNlk71dXN3wmRYuMQWKJc6GN8K%2FRMhJiOi7WTdHBxWW9s83bRaaCYa9ZXNg%2FIZY1huoEnEydXO4Qy9uqUbJSEV4sHB4pYXfm0p%2Fax9kyxTJpUQrSddeIKZirP%2FjnjCZzk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
889d985b5cf29f22-FRA
content-length
1379
ff_logo.png
images.betanews.com/fileforum3/header/
4 KB
4 KB
Image
General
Full URL
https://images.betanews.com/fileforum3/header/ff_logo.png
Requested by
Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a8f59aaec3baa11914a42d01b1513778de352d807ced7c5a7296f21b97e1848

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:45 GMT
cf-cache-status
HIT
last-modified
Sat, 08 Jul 2017 02:49:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1765
etag
"f28-553c565bb7500"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzJ4z5vsQ8ekgGdCPnsmN4n6mbaaasERDeVg38v2C8zSIQCvLyExcL9oLDqboFSnI1c6ZK96sdk1j6H3DDcE8zhvHcVvy6qab2Sn68ZEIh%2Br2v1JGptK%2Br4pGvklfFLPW0S1x%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
889d985b5cf69f22-FRA
content-length
3880
buttons.png
images.betanews.com/fileforum3/buttons/
12 KB
12 KB
Image
General
Full URL
https://images.betanews.com/fileforum3/buttons/buttons.png
Requested by
Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f1ec52dea17ff1c6bed231b53938e5200586e1b37c6707f453b115454da806

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:45 GMT
cf-cache-status
HIT
last-modified
Sat, 08 Jul 2017 02:49:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5111
etag
"2ea3-553c565bb7500"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FrdvfRH6xGxabdZpAiVa7MiNNDZdANzK5n4MaVyr0qv7Ov3oXjIopX%2Bk8mkhUQDEQ6NycE2CJPqsCQLzQzyP9UUBhEeJc7TWzdjwEi6sNdZPUKYWjgC6LrtmhagHKD733r7VTnw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
889d985b5cf99f22-FRA
content-length
11939
socialmedia_icons.png
images.betanews.com/fileforum3/
5 KB
5 KB
Image
General
Full URL
https://images.betanews.com/fileforum3/socialmedia_icons.png
Requested by
Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71a2933a8805045e2305cbd2824ab3bcc1a371f1e6d111645ce14cd7c7c5bf7a

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:45 GMT
cf-cache-status
HIT
last-modified
Sat, 08 Jul 2017 02:49:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1765
etag
"123b-553c565bb7500"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ufqplkJiLBEDgm8SiZfaRe8WKHhkP0dExARjU1HHwbT%2FgwNZBwAGdx9WDeRmdqMQCEKMv7FYN7B8SqcFFfQoy4jZyTKZM9WlCezHyUopCteoQxa8wvt8HPWNTfqm45EQH1QVO7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
889d985b5cfb9f22-FRA
content-length
4667
navbar_active.png
images.betanews.com/fileforum3/header/
192 B
486 B
Image
General
Full URL
https://images.betanews.com/fileforum3/header/navbar_active.png
Requested by
Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7087b3afc70c0f1a640c5327239e94a508b7a7751800b3952edf804a3837a2e8

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:45 GMT
cf-cache-status
HIT
last-modified
Sat, 08 Jul 2017 02:49:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1760
etag
"c0-553c565bb7500"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ciEv2Tw5Gf6nHrgBA2q5rVsYmCWz1gL3VVoD3T1sBciaae01NOHnVAiO61E%2BS%2B2HA1x1zbSE6hwJ7OgHp2KtQN4rlhUaSLrzfAlEj%2FMlt5HyA5Ho00o%2F%2BEEtWrsqNxW77A4T2zA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
889d985b5cfc9f22-FRA
content-length
192
bgs.png
images.betanews.com/fileforum3/
4 KB
4 KB
Image
General
Full URL
https://images.betanews.com/fileforum3/bgs.png
Requested by
Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe00f6a25703ead073b6b2ce1a56c07fb5dcb6da14aa2c73a06dce0ffb90b9ab

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:45 GMT
cf-cache-status
HIT
last-modified
Sat, 08 Jul 2017 02:49:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1765
etag
"ec9-553c565bb7500"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dxt9ZmA3Qj025%2B9u5D7V7dqs%2BSnraf4jpCMgl64I7c2lB9p7KvnbI7nsD7f%2BFjQE%2FRBl48unfkqKQ26Ripsyb7GXQ%2BRpR16uoEukZGF2%2FzrEooSONfgb5cWV3gp1l5kT40TLJAs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
889d985b5cfe9f22-FRA
content-length
3785
icons2.png
images.betanews.com/fileforum3/icons/
2 KB
2 KB
Image
General
Full URL
https://images.betanews.com/fileforum3/icons/icons2.png
Requested by
Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34de0b876686b5e0e70169241a272564f2813e26def4572b91e79af258ad3d89

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:45 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 08 Jul 2017 02:49:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"892-553c565bb7500"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U5kqw39UOeZ3F%2BpLXA2ECqDhWw0%2BWyUBbUET3w3b6QGjOhy9AgebS9OlUGTqgp0Kny%2BKqplJkjnux7T80udIs5Z2muK%2FnoIWrx8OFBSsRPZRiCnmmHyrmppfbBegrKApXvYVHMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
889d985b5cff9f22-FRA
content-length
2194
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/
416 KB
140 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6676241418785266
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a5bb7804216ccbd5c318a3e511441fef76a29e31b9d4fbaa250855c1d0c6b149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143801
x-xss-protection
0
server
cafe
etag
7623397022497138144
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 May 2024 11:58:45 GMT
js
www.googletagmanager.com/gtag/
255 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H9SLV28721&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHTWSXS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6a7e61ecf84f8766a57477056caf7d3440443d8d60c5278503482b8b6363bd91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91353
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 26 May 2024 11:58:45 GMT
collect
www.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-H9SLV28721&gtm=45je45m0v9110113147z89119310666za200zb9119310666&_p=1716724724962&gcd=13l3l3l3l1&npa=0&dma=0&cid=1744081785.1716724726&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716724725&sct=1&seg=0&dl=https%3A%2F%2Ffileforum.com%2Fprofile%2Ftunaronald8%2F&dt=tunaronald8%27s%20Profile%20%7C%20FileForum&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2147
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H9SLV28721&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 May 2024 11:58:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fileforum.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6676241418785266
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://fileforum.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/ Frame A653
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

age
7757
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 26 May 2024 09:49:29 GMT
etag
11731753506229902092
expires
Sun, 09 Jun 2024 09:49:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9B53
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1716724724&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Ftunaronald8%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1716724725508&bpp=21&bdt=1044&idt=672&shv=r20240522&mjsv=m202405210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2859426168358&frm=20&pv=2&ga_vid=1744081785.1716724726&ga_sid=1716724726&ga_hid=1685863565&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31083638%2C31083869%2C44795922%2C95331982%2C95331711%2C31078668&oid=2&pvsid=660027403442775&tmod=767141816&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5501
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 26 May 2024 11:58:47 GMT
expires
Sun, 26 May 2024 11:58:47 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D2B1
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3368998127&adf=2550651363&pi=t.aa~a.3269266735~rp.4&w=659&abgtt=6&fwrn=4&fwrnh=100&lmt=1716724724&rafmt=1&to=qs&pwprc=8797158495&format=659x280&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Ftunaronald8%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1716724725529&bpp=2&bdt=1066&idt=695&shv=r20240522&mjsv=m202405210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=2859426168358&frm=20&pv=1&ga_vid=1744081785.1716724726&ga_sid=1716724726&ga_hid=1685863565&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31083638%2C31083869%2C44795922%2C95331982%2C95331711%2C31078668&oid=2&pvsid=660027403442775&tmod=767141816&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
402
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 26 May 2024 11:58:47 GMT
expires
Sun, 26 May 2024 11:58:47 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://fileforum.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://fileforum.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240522&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
3a5b6b0768c0708fd8a2c8b603fbcc2cab6b1401d38ae2e6d1a556ac177dc23a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12705
x-xss-protection
0
favicon.ico
fileforum.com/
2 KB
2 KB
Other
General
Full URL
https://fileforum.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.44.238.29 Leesburg, United States, ASN701 (UUNET, US),
Reverse DNS
phoenix.betanews.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
e4ad725d5dcd5533e63c9ec927504dc55e05ef0e62bb7688f50e83d86fe3a5b9

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/profile/tunaronald8/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 26 May 2024 11:58:47 GMT
Last-Modified
Wed, 02 Jun 2004 01:57:09 GMT
Server
Apache/2.4.10 (Debian)
ETag
"8f6-3dbd7020d2740"
Content-Type
image/vnd.microsoft.icon
Connection
close
Accept-Ranges
bytes
Content-Length
2294
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://fileforum.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 May 2024 11:58:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 26 May 2024 11:58:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7C41
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges
bytes
age
59752
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 25 May 2024 19:22:56 GMT
expires
Sun, 25 May 2025 19:22:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B22C
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bjO_zKCYtazx0awZwzdxSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://fileforum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-bjO_zKCYtazx0awZwzdxSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 26 May 2024 11:58:48 GMT
expires
Sun, 26 May 2024 11:58:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240522&jk=660027403442775&bg=!f3ylfDPNAAbUqhG89Ko7ADQBe5WfOEwdQ5QcdTPEcFtX9n2_EIivyQ7BbMz2n51ZhNvF5SsqyUR68MTIhQ-JNqLXny8SAgAAADhSAAAAA2gBB34ANlgvuqm-sgqGy1kvK7SZTtrrj6yb7ktupIaTrI2oF8-gsegBEgKwfplwzutkc-SLyTxNQ_bXCAoAhS_3omx98eydrZXyoczcoPyt_GjeBcQjnaUJR8eLauKWy5U7ylvrf692fKqkZUUAw9Zl_uRoiTuAgZPvf8KCQ7mpVljHn5mqvJAc5zFobxIdGoSwqUqlf3F6AMRckdZrwOafD3LKWp4Z8btlC5awcfYp1uBkUoEFX--Hk3-jAjWKc6QRAMOZAp_q4WaH4LsoHW67UWDtBfNWfTeU6HqpVOWPhdDvkFUmRxPQ7cX5a9cYyp4uSJNOlxZoyyKc88HZ7xulP8vtk6j0TOKH9Tz9WEa2MX2dPt3jR1iB5vgnsuCB1xgtVRdqXxgrNB0_BYOnzPrUNMOLDpiBHAsEo1fsZoAhSfw-prHj_Mk4byYEB5sVKZulFKY608oeDRO48wQEuKu28AGqQp9PyDSTmFhw8qxXTxgw5o5CobYHBNUUXgyf0m1Ywq7ZcS4ssY3YBlFRHfsuVTm94pduV-ChaBOi9zMpgTmesKHFqLTjNGheIeweMIKzoW6MIqq0YroH1EVPWU7mwJ7WA9rzrIhNXybzYm_UHPMyI5E_4ySEDDgHRmzReqMsw9LYbqxhb1xEMsHFhleC-xh1gLQMccq2_LFV0ugzDjRPHwSkROyDDuBKW5ugxorc8cU4JmXpkcX7HVF3cw4TRanyAfNIcUYOAWD2PHTkYpm3CxMKSl6hdMJnlyhX-Rd9x5JKB4viPcolhDYaqZRReelM3LO1rUyhkW6UQwq9p0xEnkuWKRzzs8S3OKr3A8gZjPyT8btCVzheyn12pfj1hP0Svq8QkiY2VDZDfDQC5fgLjhBbOAppERQBtKB6fMHQR-Hs-sSvYxs6yeJkJNK0ySlxLRdz74gB3wdQX6ozsylIRazHqxhvc-1mmXSjesn8zlW2JYXl2p-bbzXO1lzWoUz0tpS3TRv5tqTvOY4Q7upIMIexgh7qTLS59lhLgmmveLaU0AQ-cP_cSfkQvhZSoHpmyjAAxRtN8lrXEHfOIsDHIC_oNQ2V9TDZwvzB5i8gCJIl4T6lYoCN4fHXlGAnzx05wym44-6mw5Y0wE3E0XMurjCoHdqZHnMG5SEy2XFJxPzjug

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| BN function| changeBrowseSort function| suggestfile function| popwin function| downloadNow function| toggleChanges function| $ function| jQuery object| dataLayer object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| googletag object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.fileforum.com/ Name: sixsession
Value: 3du9d9hmhnkngu7r4s3f2hu5sfi4opee
.fileforum.com/ Name: _ga_H9SLV28721
Value: GS1.1.1716724725.1.0.1716724725.0.0.0
.fileforum.com/ Name: _ga
Value: GA1.1.1744081785.1716724726
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.fileforum.com/ Name: __gads
Value: ID=f49fbb6e14f892bb:T=1716724726:RT=1716724726:S=ALNI_MY9sZEdI4a9bLmuIHMXDrcQL1Ld9w
.fileforum.com/ Name: __gpi
Value: UID=00000e2e0932edf6:T=1716724726:RT=1716724726:S=ALNI_Mapc8sAKHwNyf6HD-02D6dtfcZxMg
.fileforum.com/ Name: __eoi
Value: ID=dbbeff50c094c96e:T=1716724726:RT=1716724726:S=AA-AfjYf7xhQHq-S01R8U5Tt4Etf

2 Console Messages

Source Level URL
Text
other warning URL: https://fileforum.com/profile/tunaronald8/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fileforum.com/profile/tunaronald8/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fileforum.com
googleads.g.doubleclick.net
images.betanews.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gravatar.com
pagead2.googlesyndication.com
104.26.12.174
108.44.238.29
142.250.181.228
142.250.184.226
142.250.185.226
142.250.186.129
172.217.16.200
172.217.18.14
192.0.73.2
06f1ec52dea17ff1c6bed231b53938e5200586e1b37c6707f453b115454da806
160d317860d283845ddde93faa4a3c41f42f0e777acb74dba3a716555c89610f
34de0b876686b5e0e70169241a272564f2813e26def4572b91e79af258ad3d89
3a5b6b0768c0708fd8a2c8b603fbcc2cab6b1401d38ae2e6d1a556ac177dc23a
3a8f59aaec3baa11914a42d01b1513778de352d807ced7c5a7296f21b97e1848
3db8ea3d5c0d93f6ee9a5ce531a69cdbf95f2b8cb44bcf4ee2c08f43c21da628
45b5b4847947a1d21192849791e2ce7825539641b727b4faee3ec7c82a80d6d1
529ce545d0f689295a76134ae7f6add7b8b78904a15b6bef1a5a6bd0cb47b281
54b646173856c05ad595598fcfee96dc54495c2f9a30ea1c55515b64789d2803
5916e0b240cb97c609bce4253569ab210ddd5f3569b61d2c6ed8efe310844dc8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a7e61ecf84f8766a57477056caf7d3440443d8d60c5278503482b8b6363bd91
7087b3afc70c0f1a640c5327239e94a508b7a7751800b3952edf804a3837a2e8
71a2933a8805045e2305cbd2824ab3bcc1a371f1e6d111645ce14cd7c7c5bf7a
a5bb7804216ccbd5c318a3e511441fef76a29e31b9d4fbaa250855c1d0c6b149
d9566c7e1d14ad5392c7ba381cb6c27feac7bb833a8b5fb32fc949791a7b5e2c
deda914cce5fb739ca5624e64be7af22f3a426623b3bf174429287d2376dfc4b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ad725d5dcd5533e63c9ec927504dc55e05ef0e62bb7688f50e83d86fe3a5b9
f061bc61c6a752564bba70c0675de98f06d26b6fe0655c2189fba606539accab
fe00f6a25703ead073b6b2ce1a56c07fb5dcb6da14aa2c73a06dce0ffb90b9ab