shadowsfromthepast.foroactivo.com Open in urlscan Pro
94.23.73.212 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shadowsfromthepast.foroactivo.com/
Effective URL:
https://shadowsfromthepast.foroactivo.com/
Submission: On March 18 via api (March 18th 2024, 9:41:02 pm UTC) from US — Scanned from PT

Summary HTTP 213 Redirects Links 63 Behaviour Indicators

Summary

This website contacted 45 IPs in 9 countries across 36 domains to perform 213 HTTP transactions. The main IP is 94.23.73.212, located in Lisbon, Portugal and belongs to OVH, FR. The main domain is shadowsfromthepast.foroactivo.com.
TLS certificate: Issued by R3 on January 28th 2024. Valid for: 3 months.

This is the only time shadowsfromthepast.foroactivo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	94.23.159.185 94.23.159.185	16276 (OVH) (OVH)
8	94.23.73.212 94.23.73.212	16276 (OVH) (OVH)
7	216.58.206.74 216.58.206.74	15169 (GOOGLE) (GOOGLE)
10	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
2	18.66.147.112 18.66.147.112	16509 (AMAZON-02) (AMAZON-02)
5	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	212.63.223.226 212.63.223.226	30880 (SPACEDUMP...) (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab)
42	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
29	162.19.58.157 162.19.58.157	16276 (OVH) (OVH)
3	162.19.88.68 162.19.88.68	16276 (OVH) (OVH)
3	172.67.217.127 172.67.217.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	212.63.223.227 212.63.223.227	50827 (SPACEDUMP...) (SPACEDUMP-SPLIT-AS)
2 2	199.232.196.193 199.232.196.193	54113 (FASTLY) (FASTLY)
1	192.0.77.3 192.0.77.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	104.20.151.16 104.20.151.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.22.10.121 104.22.10.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.238 142.250.185.238	15169 (GOOGLE) (GOOGLE)
21	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
4	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
5	104.21.235.76 104.21.235.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	162.159.129.233 162.159.129.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	162.159.128.233 162.159.128.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.215.42 143.204.215.42	16509 (AMAZON-02) (AMAZON-02)
2	104.26.0.229 104.26.0.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
2	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
2	108.177.15.154 108.177.15.154	15169 (GOOGLE) (GOOGLE)
2	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1	18.66.147.119 18.66.147.119	16509 (AMAZON-02) (AMAZON-02)
1	213.19.162.21 213.19.162.21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
2	23.218.194.34 23.218.194.34	16625 (AKAMAI-AS) (AKAMAI-AS)
1	213.19.162.67 213.19.162.67	26667 (RUBICONPR...) (RUBICONPROJECT)
4	3.254.23.3 3.254.23.3	16509 (AMAZON-02) (AMAZON-02)
4	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3 3	23.32.100.25 23.32.100.25	16625 (AKAMAI-AS) (AKAMAI-AS)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	99.81.11.175 99.81.11.175	16509 (AMAZON-02) (AMAZON-02)
3	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
1	141.226.224.32 141.226.224.32	() ()
213	45

1 94.23.159.185 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)

shadowsfromthepast.foroactivo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 94.23.73.212 (Lisbon, Portugal)

ASN16276 (OVH, FR)

shadowsfromthepast.foroactivo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.206.74 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

illiweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webm.red	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-112.fra60.r.cloudfront.net

ac.audiencerun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 212.63.223.226 (Sweden)

ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE)

images2.imgbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.imgur.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 162.19.58.157 (France)

ASN16276 (OVH, FR)
PTR: ns3096589.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.88.68 (France)

ASN16276 (OVH, FR)
PTR: ns3221377.ip-162-19-88.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.217.127 (United States)

ASN13335 (CLOUDFLARENET, US)

i.servimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.63.223.227 (Sweden)

ASN50827 (SPACEDUMP-SPLIT-AS, SE)

images.imgbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.196.193 (United States) 2 redirects

ASN54113 (FASTLY, US)

imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

64.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.151.16 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

i.creativecommons.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.10.121 (None, )

ASN13335 (CLOUDFLARENET, US)

licensebuttons.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprnjmp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.21.235.76 (None, )

ASN13335 (CLOUDFLARENET, US)

2img.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 162.159.129.233 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.159.128.233 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

discord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-42.fra53.r.cloudfront.net

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.0.229 (None, )

ASN13335 (CLOUDFLARENET, US)

ac.aruncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.177.15.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.google.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-119.fra60.r.cloudfront.net

comparisons.sovrn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

smarttag.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.194.34 (Dallas, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-194-34.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.67 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.254.23.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-254-23-3.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

us-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.100.25 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-100-25.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.81.11.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-11-175.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (None, )

ASN- ()

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	imgur.com 2 redirects i.imgur.com — Cisco Umbrella Rank: 7266 imgur.com — Cisco Umbrella Rank: 5774	212 KB
29	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1307 trc.taboola.com — Cisco Umbrella Rank: 954 15.taboola.com — Cisco Umbrella Rank: 6805 us-trc-events.taboola.com — Cisco Umbrella Rank: 20661 images.taboola.com — Cisco Umbrella Rank: 2072 vidstat.taboola.com — Cisco Umbrella Rank: 3872 imprnjmp.taboola.com — Cisco Umbrella Rank: 12857 us-match.taboola.com — Cisco Umbrella Rank: 13545 wf.taboola.com — Cisco Umbrella Rank: 3992 us-vid-events.taboola.com — Cisco Umbrella Rank: 12321 sync.taboola.com — Cisco Umbrella Rank: 1953 vidstatb.taboola.com — Cisco Umbrella Rank: 9247 pips.taboola.com — Cisco Umbrella Rank: 2146 cds.taboola.com	848 KB
29	ibb.co i.ibb.co — Cisco Umbrella Rank: 10410	22 MB
9	discordapp.com 1 redirects discordapp.com — Cisco Umbrella Rank: 1804 cdn.discordapp.com — Cisco Umbrella Rank: 1940	258 KB
9	illiweb.com illiweb.com — Cisco Umbrella Rank: 348237	44 KB
9	foroactivo.com 1 redirects shadowsfromthepast.foroactivo.com	72 KB
8	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 716 fonts.googleapis.com — Cisco Umbrella Rank: 110 imasdk.googleapis.com — Cisco Umbrella Rank: 666	174 KB
6	rubiconproject.com ads.rubiconproject.com — Cisco Umbrella Rank: 3176 smarttag.rubiconproject.com — Cisco Umbrella Rank: 18600 eus.rubiconproject.com — Cisco Umbrella Rank: 905 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 9065 token.rubiconproject.com — Cisco Umbrella Rank: 739	23 KB
6	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 891 gum.criteo.com — Cisco Umbrella Rank: 622	8 KB
6	discord.com 1 redirects discord.com — Cisco Umbrella Rank: 1427	731 KB
6	imgbox.com images2.imgbox.com — Cisco Umbrella Rank: 59405 images.imgbox.com	118 KB
5	viglink.com cdn.viglink.com — Cisco Umbrella Rank: 11132 api.viglink.com — Cisco Umbrella Rank: 28523	31 KB
5	2img.net 2img.net — Cisco Umbrella Rank: 301396	130 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 387	366 KB
4	gstatic.com fonts.gstatic.com	229 KB
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 619	705 B
3	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 881	1 KB
3	media.net 3 redirects cs.media.net — Cisco Umbrella Rank: 2074	1 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 589	445 B
3	servimg.com i.servimg.com — Cisco Umbrella Rank: 378472	16 KB
3	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 19442	289 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 898	42 KB
2	google.co.in www.google.co.in — Cisco Umbrella Rank: 13824	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 195	420 B
2	google.com analytics.google.com — Cisco Umbrella Rank: 258 www.google.com — Cisco Umbrella Rank: 5	674 B
2	aruncdn.com ac.aruncdn.com — Cisco Umbrella Rank: 178879	153 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	audiencerun.com ac.audiencerun.com — Cisco Umbrella Rank: 237922	5 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	154 KB
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1085	109 B
1	sovrn.com comparisons.sovrn.com — Cisco Umbrella Rank: 34022	2 KB
1	webm.red webm.red	387 KB
1	licensebuttons.net licensebuttons.net — Cisco Umbrella Rank: 43179	2 KB
1	creativecommons.org 1 redirects i.creativecommons.org — Cisco Umbrella Rank: 47541	234 B
1	tumblr.com 64.media.tumblr.com — Cisco Umbrella Rank: 16488	4 KB
1	imgur.io i.imgur.io	8 KB
213	36

	Domain	Requested by
41	i.imgur.com	shadowsfromthepast.foroactivo.com
29	i.ibb.co	shadowsfromthepast.foroactivo.com
9	illiweb.com	shadowsfromthepast.foroactivo.com
9	shadowsfromthepast.foroactivo.com	1 redirects shadowsfromthepast.foroactivo.com
8	cdn.discordapp.com	shadowsfromthepast.foroactivo.com
8	cdn.taboola.com	shadowsfromthepast.foroactivo.com cdn.taboola.com
6	discord.com	1 redirects shadowsfromthepast.foroactivo.com discord.com
6	fonts.googleapis.com	shadowsfromthepast.foroactivo.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	2img.net	shadowsfromthepast.foroactivo.com
5	images2.imgbox.com	shadowsfromthepast.foroactivo.com
5	cdnjs.cloudflare.com	shadowsfromthepast.foroactivo.com cdnjs.cloudflare.com
4	gum.criteo.com	cdn.taboola.com static.criteo.net gum.criteo.com
4	api.viglink.com	cdn.viglink.com shadowsfromthepast.foroactivo.com
4	fonts.gstatic.com	fonts.googleapis.com
3	x.bidswitch.net	imprnjmp.taboola.com us-match.taboola.com
3	pr-bh.ybp.yahoo.com	imprnjmp.taboola.com us-match.taboola.com
3	sync.taboola.com	imprnjmp.taboola.com
3	cs.media.net	3 redirects
3	match.adsrvr.org	imprnjmp.taboola.com us-match.taboola.com
3	i.servimg.com	shadowsfromthepast.foroactivo.com
3	i.postimg.cc	shadowsfromthepast.foroactivo.com
3	static.criteo.net	shadowsfromthepast.foroactivo.com
2	us-match.taboola.com	vidstat.taboola.com
2	trc.taboola.com	cdn.taboola.com
2	eus.rubiconproject.com	smarttag.rubiconproject.com eus.rubiconproject.com
2	www.google.co.in	shadowsfromthepast.foroactivo.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	bidder.criteo.com	static.criteo.net
2	ac.aruncdn.com	ac.audiencerun.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	imgur.com	2 redirects
2	ac.audiencerun.com	shadowsfromthepast.foroactivo.com ac.audiencerun.com
2	www.googletagmanager.com	shadowsfromthepast.foroactivo.com www.googletagmanager.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	vidstatb.taboola.com
1	prebid.a-mo.net	imprnjmp.taboola.com
1	us-vid-events.taboola.com
1	wf.taboola.com	vidstat.taboola.com
1	imprnjmp.taboola.com	vidstat.taboola.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	images.taboola.com	shadowsfromthepast.foroactivo.com
1	us-trc-events.taboola.com	shadowsfromthepast.foroactivo.com
1	15.taboola.com	cdn.taboola.com
1	beacon-ams3.rubiconproject.com	shadowsfromthepast.foroactivo.com
1	www.google.com	shadowsfromthepast.foroactivo.com
1	smarttag.rubiconproject.com	ads.rubiconproject.com
1	comparisons.sovrn.com	cdn.viglink.com
1	analytics.google.com	www.googletagmanager.com
1	ads.rubiconproject.com	shadowsfromthepast.foroactivo.com
1	imasdk.googleapis.com	ac.audiencerun.com
1	cdn.viglink.com	shadowsfromthepast.foroactivo.com
1	discordapp.com	1 redirects
1	webm.red	shadowsfromthepast.foroactivo.com
1	licensebuttons.net	shadowsfromthepast.foroactivo.com
1	i.creativecommons.org	1 redirects
1	64.media.tumblr.com	shadowsfromthepast.foroactivo.com
1	i.imgur.io	shadowsfromthepast.foroactivo.com
1	images.imgbox.com	shadowsfromthepast.foroactivo.com
1	ajax.googleapis.com	shadowsfromthepast.foroactivo.com
213	61

This site contains links to these domains. Also see Links.

Domain
discord.gg
bokunoheroacademia.foroactivo.com
centuries.foroactivo.com
bnworld-rp.foroactivo.com
jujutsukaisen.foroactivo.com
jujutsukaisen-rol.foroactivo.com
www.pokemon-ysiel.com
forgottencrossroads.foroactivo.com
whitehaven.foroactivo.com
www.secretsofblood.com
op-ascension.foroactivo.com
ethereal-cosmos.foroactivo.com
eternalspiritgods.foroactivo.com
devilsadvocate.foroactivo.com
fatecaelum.foroactivo.com
renegaderpg.foroactivo.com
arcanumlegio.foroactivo.com
aerandir.foroes.org
red-moon.foroactivo.com
gran-siniestra.foroactivo.com
the-last-dragons.foroactivo.com
ikigai-rp.foroactivo.com
blueberry.foroactivo.com
dixinmortal.catsboard.com
counting-stars.foroactivo.com
dyingsol.foroactivo.com
albion-darkage.foroactivo.com
newgeneration-rpg.foroactivo.com
crown-of-winter.foroactivo.com
asteriarpg.foroactivo.com
op-legendary.foroactivo.com
paragons-rpg.foroactivo.com
crystal-worlds.foroactivo.com
digimon-newage.foroactivo.com
tboshadows.foroactivo.com
dissendium-rpg.foroactivo.com
www.treeofliferpg.com
op-rebirth.foroactivo.com
tokyorevengers-rol.foroactivo.com
shinyempire-rpg.foroactivo.com
kasiopeavalerian.foroactivo.com
innocentsouls.foroactivo.com
cyberpunkrol.foroactivo.com
erasdelmundo.foroactivo.com
hp-avada-kedavra.foroactivo.com
higanbana.foroactivo.com
afterlife-hotel.foroactivo.com
goddessofdelirium.foroactivo.com
vorfreude.foroactivo.com
paparazzi.foroactivo.com
dailyrol.tumblr.com
guardianasdelrpg.tumblr.com
secretcrisis-rpg.foroactivo.com
state-of-grace-rpg.foroactivo.com
sempiternus.foroactivo.com
estelarion.foroactivo.com
starfall.foroactivo.com
runaterra-rp.foroactivo.com
creativecommons.org
www.foroactivo.com
asistencia.foroactivo.com

Subject Issuer	Validity	Valid
m91.maxns.net R3	`2024-01-28` - `2024-04-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
illiweb.com Cloudflare Inc ECC CA-3	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.audiencerun.com Amazon RSA 2048 M02	`2023-06-27` - `2024-07-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.imgbox.com GoGetSSL RSA DV CA	`2023-10-20` - `2024-11-19`	a year	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
ibb.co R3	`2024-02-07` - `2024-05-07`	3 months	crt.sh
postimg.cc R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
servimg.com Cloudflare Inc ECC CA-3	`2023-05-17` - `2024-05-16`	a year	crt.sh
*.imgur.io R3	`2024-02-20` - `2024-05-20`	3 months	crt.sh
*.media.tumblr.com Sectigo ECC Domain Validation Secure Server CA	`2024-01-03` - `2025-02-02`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
webm.red GTS CA 1P5	`2024-03-04` - `2024-06-02`	3 months	crt.sh
2img.net E1	`2024-03-05` - `2024-06-03`	3 months	crt.sh
discord.com Cloudflare Inc ECC CA-3	`2023-10-20` - `2024-10-19`	a year	crt.sh
viglink.com Amazon RSA 2048 M02	`2023-09-13` - `2024-10-11`	a year	crt.sh
aruncdn.com GTS CA 1P5	`2024-03-12` - `2024-06-10`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-07` - `2025-04-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.co.in GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
comparisons.sovrn.com Amazon RSA 2048 M03	`2023-11-21` - `2024-12-19`	a year	crt.sh
discordapp.com Cloudflare Inc ECC CA-3	`2023-10-20` - `2024-10-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-02-12` - `2024-08-07`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.a-mo.net R3	`2024-03-06` - `2024-06-04`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://shadowsfromthepast.foroactivo.com/
Frame ID: 859622C42E0CB0BBE2358E0BFDC6D63E
Requests: 153 HTTP requests in this frame

Frame: https://discord.com/widget?id=941182844041052180&theme=dark
Frame ID: CE7D5E88DE309646E95605E333F4360E
Requests: 12 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/11662.js
Frame ID: FED3C6734BFDBE1FB4C9CEF08884B14F
Requests: 25 HTTP requests in this frame

Frame: https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Frame ID: 7100BACD2C6A9D3DC544B5F85911B65D
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
Frame ID: CAE589452B5C0015778191F0BE996FBF
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shadowsfromthepast.foroactivo.com
Frame ID: CE008120CB3EEA7E50E11D63E5DE976D
Requests: 2 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660481&dast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&cmcv=&pix=undefined&cb=1710798058698&uv=3386&tms=1710798058698&abt=adxsub-out_vA!adxsub-out_vB!esv_vB!pl155375-732_vB!rbcatc_vA!tmaxc_vA!ufm&ru=https://shadowsfromthepast.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1fff81a3-5e06-4571-b743-4d0ac05229cb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: B28297C00D6D80CC01F88C82D67B3881
Requests: 6 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: DA37BFDA89F53AC19DBBE22DC89BAA95
Requests: 5 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: B53239FD9E0133A7D6A0DC52EC00A7B0
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

shadowsfromthepast

Page URL History Show full URLs

http://shadowsfromthepast.foroactivo.com/ HTTP 301
https://shadowsfromthepast.foroactivo.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:^[^/]*//[^/]*viglink\.com/api/|vglnk\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

213
Requests

96 %
HTTPS

0 %
IPv6

36
Domains

61
Subdomains

45
IPs

9
Countries

26990 kB
Transfer

34104 kB
Size

17
Cookies

63 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/Ww2SgWKmnh
Title: Discord

Search URL Search Domain Scan URL

URL: https://bokunoheroacademia.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://centuries.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://bnworld-rp.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://jujutsukaisen.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://jujutsukaisen-rol.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://www.pokemon-ysiel.com/

Search URL Search Domain Scan URL

URL: https://forgottencrossroads.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://whitehaven.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://www.secretsofblood.com/

Search URL Search Domain Scan URL

URL: https://op-ascension.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://ethereal-cosmos.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://eternalspiritgods.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://devilsadvocate.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://fatecaelum.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://renegaderpg.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://arcanumlegio.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://aerandir.foroes.org/

Search URL Search Domain Scan URL

URL: https://red-moon.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://gran-siniestra.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://the-last-dragons.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://ikigai-rp.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://blueberry.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://dixinmortal.catsboard.com/

Search URL Search Domain Scan URL

URL: https://counting-stars.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://dyingsol.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://albion-darkage.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://newgeneration-rpg.foroactivo.com/forum

Search URL Search Domain Scan URL

URL: https://crown-of-winter.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://asteriarpg.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://op-legendary.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://paragons-rpg.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://crystal-worlds.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://digimon-newage.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://tboshadows.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://dissendium-rpg.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://www.treeofliferpg.com/?tt=1

Search URL Search Domain Scan URL

URL: https://op-rebirth.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://tokyorevengers-rol.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://shinyempire-rpg.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://kasiopeavalerian.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://innocentsouls.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://cyberpunkrol.foroactivo.com/

Search URL Search Domain Scan URL

URL: http://erasdelmundo.foroactivo.com/

Search URL Search Domain Scan URL

URL: http://hp-avada-kedavra.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://higanbana.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://afterlife-hotel.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://goddessofdelirium.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://vorfreude.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://paparazzi.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://dailyrol.tumblr.com/

Search URL Search Domain Scan URL

URL: https://guardianasdelrpg.tumblr.com/

Search URL Search Domain Scan URL

URL: https://secretcrisis-rpg.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://state-of-grace-rpg.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://sempiternus.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://estelarion.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://starfall.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://runaterra-rp.foroactivo.com/

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-nc-nd/4.0/

Search URL Search Domain Scan URL

URL: https://www.foroactivo.com/crear-un-foro/phpbb3
Title: Crear foro

Search URL Search Domain Scan URL

URL: https://www.foroactivo.com/phpbb
Title: phpBB

Search URL Search Domain Scan URL

URL: https://asistencia.foroactivo.com/
Title: Foro gratis de asistencia

Search URL Search Domain Scan URL

URL: https://www.foroactivo.com/
Title: ForoActivo.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shadowsfromthepast.foroactivo.com/ HTTP 301
https://shadowsfromthepast.foroactivo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://imgur.com/J8MwrFg.png HTTP 301
https://i.imgur.com/J8MwrFg.png

Request Chain 79

https://imgur.com/WmvuKGy.png HTTP 301
https://i.imgur.com/WmvuKGy.png

Request Chain 85

https://i.creativecommons.org/l/by-nc-nd/4.0/88x31.png HTTP 301
https://licensebuttons.net/l/by-nc-nd/4.0/88x31.png

Request Chain 125

https://discordapp.com/widget?id=941182844041052180&theme=dark HTTP 301
https://discord.com/widget?id=941182844041052180&theme=dark

Request Chain 146

https://discord.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js

Request Chain 188

https://cs.media.net/cksync?cs=69&type=tb&gdpr=1&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E HTTP 302
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=0000EEA

Request Chain 193

https://cs.media.net/cksync?cs=69&type=tb&gdpr=1&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E HTTP 302
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=0000EEA

Request Chain 206

https://cs.media.net/cksync?cs=69&type=tb&gdpr=1&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E HTTP 302
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=0000EEA

213 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
shadowsfromthepast.foroactivo.com/
Redirect Chain

http://shadowsfromthepast.foroactivo.com/
https://shadowsfromthepast.foroactivo.com/

144 KB
29 KB

488ms
322ms

Document
text/html

94.23.73.212
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.73.212 Lisbon, Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

64c13777073881d52e19e6b262856ed957580cc53bf7fa022a8cfec2a82a8671

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Mon, 18 Mar 2024 21:40:53 GMT
expires: Mon, 18 Mar 2024 00:00:00 GMT
last-modified: Mon, 18 Mar 2024 21:40:53 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
vary: User-Agent
x-content-type-options: nosniff
x-xss-protection: 1

Redirect headers

content-length: 0
date: Mon, 18 Mar 2024 21:40:53 GMT
location: https://shadowsfromthepast.foroactivo.com/

GET
H2 200 31-ltr.css
shadowsfromthepast.foroactivo.com/ 205 KB
41 KB 401ms
395ms Stylesheet
text/css 94.23.73.212
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsfromthepast.foroactivo.com/31-ltr.css

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.73.212 Lisbon, Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

917478c4e3fc9704647f0a82954399189e3a05a2b67f5eeb274b6cdd3fa1d9fb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Mar 2024 00:00:00 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-cache-ma: MISS
content-length: 41457
x-xss-protection: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
34 KB 259ms
82ms Script
text/javascript 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 08:14:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Mar 2025 08:14:41 GMT

GET
H2 200 es.js Show response
illiweb.com/rs3/84/frm/lang/ 72 KB
18 KB 211ms
94ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/84/frm/lang/es.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

170dac8117b815860285989688107dfc6dc0a383a4f65627973d299c10e23956

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 766574
cf-polished: origSize=73814
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: MISS
cf-bgj: minify
last-modified: Tue, 16 May 2023 15:02:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GxbuLi0KY7XwuVO0oY0QJtcREJwDxhUiOXPqudeVrTa%2BQmUn%2BbRGQY%2FQ53eA75LZ3O%2FiBj0HJEspabW1F6JNXHH4HcA5oy9U3YiEFyCH6n5PMMh7NHyd8LR0c04gjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: MISS
cf-ray: 8668623c9bb586c6-MAD
expires: Mon, 10 Mar 2025 00:44:39 GMT

GET
H2 200 99717.js Show response
shadowsfromthepast.foroactivo.com/ 2 KB
613 B 135ms
131ms Script
application/x-javascript 94.23.73.212
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsfromthepast.foroactivo.com/99717.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.73.212 Lisbon, Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

0267ee45af9dbf00d4c2df619b889bd2ff1f115dd57d921809bf094fdbc00763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jan 1970 00:11:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-cache-ma: MISS
content-length: 356
x-xss-protection: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 11641.js Show response
shadowsfromthepast.foroactivo.com/ 85 B
344 B 130ms
126ms Script
application/x-javascript 94.23.73.212
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsfromthepast.foroactivo.com/11641.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.73.212 Lisbon, Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

8e88b2cfc65f0c04f1d3de312e2791b286537cf7ca84cbb947ab0db15a9d0cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 17 Dec 2022 15:24:01 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-cache-ma: MISS
content-length: 88
x-xss-protection: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 12668.js Show response
shadowsfromthepast.foroactivo.com/ 88 B
346 B 129ms
125ms Script
application/x-javascript 94.23.73.212
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsfromthepast.foroactivo.com/12668.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.73.212 Lisbon, Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

324538a6ceecc099fb74191cb6ef6619a28c910a0919ecc451baa6ee83bb548f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 17 Dec 2022 15:24:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-cache-ma: MISS
content-length: 90
x-xss-protection: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 13659.js Show response
shadowsfromthepast.foroactivo.com/ 133 B
362 B 128ms
124ms Script
application/x-javascript 94.23.73.212
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsfromthepast.foroactivo.com/13659.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.73.212 Lisbon, Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

20137ff1d619b4a8b871ee5517ffcd90dfc6ad8aaeaaedecf561809b632c23c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 17 Dec 2022 15:24:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-cache-ma: MISS
content-length: 105
x-xss-protection: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 14650.js Show response
shadowsfromthepast.foroactivo.com/ 190 B
369 B 129ms
126ms Script
application/x-javascript 94.23.73.212
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsfromthepast.foroactivo.com/14650.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.73.212 Lisbon, Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

4e3dfa29e75fdbfa55ef6042b4cd26b0dfbd57a2d9e5c12e10311b97437b84da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 17 Dec 2022 15:24:10 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-cache-ma: MISS
content-length: 112
x-xss-protection: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 127 KB
41 KB 294ms
130ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

24b26f4b0283ce27a0ab8684ebf9486d1ce171c305768009174941abc831bd77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 27 Feb 2024 07:13:11 GMT
server: nginx
etag: W/"65dd8b87-1fde2"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Mar 2024 21:40:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
71 KB 290ms
110ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144386270-1

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

43af2978b7d333e853c86fbbd03473e06a8c915872f316273be4f46d6d49691c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71931
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 21:08:46 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Mar 2024 21:40:53 GMT

GET
H2 200 jquery.cookie.js Show response
illiweb.com/rs3/84/frm/jquery/cookie/ 1011 B
800 B 238ms
122ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/84/frm/jquery/cookie/jquery.cookie.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 830262
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
cf-bgj: minify
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9TuECSf7Iou%2ByhTQdcPYQHr3sQKR8bChAjqvCEBb2GBumkmUr9XFtGtP9uDlu33oT6iGnGFnl4gwSoIneVR4xUsMZzrinjivod1VhB8nO%2FlMPiNc%2BZS9bRHVpW%2BB%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 8668623c9bb486c6-MAD
expires: Sun, 09 Mar 2025 07:03:11 GMT

GET
H2 200 tag.js Show response
ac.audiencerun.com/j/ 12 KB
5 KB 312ms
89ms Script
application/javascript 18.66.147.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.audiencerun.com/j/tag.js
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-112.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7c1252dbe967841bbf91616850d8e5527d03efe9b12fa6851f3efeb5b3ed852

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 04:03:18 GMT
x-amz-version-id: 9fU_srqx8hqUj7dfVk3jsrDIebiwPjcw
content-encoding: gzip
last-modified: Tue, 23 Jan 2024 16:17:00 GMT
server: AmazonS3
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
etag: W/"38d5ce76570c583216f97fca4f3fde13"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,public
age: 63457
x-amz-cf-id: XJDq2d7L6LSvMIJKiiNUQHVPtsoVToAPaaU4oU7AqN6LHYapITntkA==

GET
H2 200 tooltipster.js Show response
illiweb.com/rs3/84/frm/mentions/ 17 KB
5 KB 179ms
64ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/84/frm/mentions/tooltipster.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 645002
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eEvDQleKO5IPSq255Cb7%2B4P4Owcd%2FK4D0OXPuws8bMww12ElUT%2B%2FpPR0mLpqyxzJ%2BOij6MqpzMX9wxU2i4pOVMvI9L3CaeueeV9dre26NSBdNK0uqpsKv7u0y49%2BWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 8668623c9baf86c6-MAD
expires: Tue, 11 Mar 2025 10:30:51 GMT

GET
H2 200 init.js Show response
illiweb.com/rs3/84/frm/mentions/ 2 KB
2 KB 177ms
61ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/84/frm/mentions/init.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cce595b201da3285768c8375124b2976eafacaa8002781d478ee1f9d69dc8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 645002
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
last-modified: Wed, 22 Mar 2023 14:29:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OXDIGkJiIvPqAnOF5BhIFCNStYrxfN7zLzl01UopXLZbfWS2uxAkXES8cfpkqyYmQiL4oFxeBD3w1SIn1twvN6deqr5CiZPf09TMhNzw%2B8XAaE2201DtZaD8QeAL6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 8668623c9bb286c6-MAD
expires: Tue, 11 Mar 2025 10:30:51 GMT

GET
H2 200 FAToolbar.js Show response
illiweb.com/rs3/84/frm/jquery/toolbar/ 26 KB
7 KB 240ms
125ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/84/frm/jquery/toolbar/FAToolbar.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d16ff835091825b0e94277b451a884494972381db9e37ec2d9fc8c19d62fc97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 645003
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: MISS
cf-bgj: minify
last-modified: Mon, 13 Mar 2023 14:51:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fs8wG6hEroFwg3ajYkmcyRRdmDGA8OyUN278%2Ft0%2B6QXRQ8azZyjxCWghiBzi7jHs7oYthg9D0MfVvNDxFBHp66Zzav4OCPicXv56ETD2xMtXAAiPZCdT8MO8%2B9CANg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: MISS
cf-ray: 8668623c9bb186c6-MAD
expires: Tue, 11 Mar 2025 10:30:50 GMT

GET
H2 200 tooltipster.css
illiweb.com/rs3/84/frm/mentions/ 6 KB
2 KB 246ms
131ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/84/frm/mentions/tooltipster.css

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 645002
cf-polished: origSize=6667
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=79ewyLsk19lCq9EbBChdA%2BAa%2FfTpIkCtN0feUi%2BblhzpJkFxkdrH1wloUSR%2BsgyzxA7tibNtiXQjwjMQR7Tad5yTTXlbX9DidJsf9h0yf0GF06IpwDCwCm4%2B5HmIYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 8668623c9bad86c6-MAD
expires: Tue, 11 Mar 2025 10:30:51 GMT

GET
H2 200 twemoji.min.js Show response
illiweb.com/rs3/84/frm/twemoji/ 17 KB
4 KB 177ms
62ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/84/frm/twemoji/twemoji.min.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cafa97c620f0e83a82d4068ef5164f36687061a1045a3d5a1f721cfb8ca0b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 435008
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
last-modified: Tue, 10 Jan 2023 08:34:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oAzX00YLvqUiswhQCmiY16dCbNBixtcSkoy8MYddJfRdNcPixhWEXPLL6Rnf31ki1ynRnW41Ab7QKvJhrSgbYLSVRJ7smFhYmfHetq4zFu2KRMYdDiDLUxY8WFx4wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 8668623c9bb686c6-MAD
expires: Thu, 13 Mar 2025 20:50:45 GMT

GET
H2 200 rpg-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/rpg-awesome/0.2.0/css/ 20 KB
4 KB 218ms
105ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rpg-awesome/0.2.0/css/rpg-awesome.min.css

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

444bf79dabe1e138d5a03365e99b6ca7dac3f38f93e6be15cf5eb02c70a7eebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://shadowsfromthepast.foroactivo.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1646792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4094
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-5063"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=myQAzb9XpBF%2Bds9m57lAY8Bsbz97hVvK7mLvck96%2Bvt4scfF62P3DG0zf%2Ft7ImnZCXXptJxhrA9I1GxTaEVdJPCwogJOufopAJELswW8kYsvFqb2IWE8GIKcZbSkU9wvq02BBnql"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8668623c98272f98-MAD
expires: Sat, 08 Mar 2025 21:40:53 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/ 100 KB
19 KB 174ms
61ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://shadowsfromthepast.foroactivo.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 526034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18716
last-modified: Tue, 15 Nov 2022 18:04:22 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6373d4a6-491c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ciOD5kvoVsfW3b0kw6bOM2n7f270rYeFdcgfOMbdXrK82b9rFMLzM6fnD0qD8%2FyG8bvFZiFCIwTxYPl3BhX8xMKooAQQNrhKWBOpx7fzn3k8U0lrl4Ru5IPMwRWWlh90gFNWH9lE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8668623c98282f98-MAD
expires: Sat, 08 Mar 2025 21:40:53 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 279ms
91ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 21:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 21:40:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 21:40:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 34 KB
1 KB 285ms
97ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Playfair+Display:ital,wght@1,900&display=swap

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

761550821935d6db3e32d87e298990165110f09af2ca071e0c6e00004759fc19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 21:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 21:40:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 21:40:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
668 B 280ms
93ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald|Quattrocento

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

ec3d886d90e5fa6baeafcdbc3847657c491b6b71a64fbf6b63228a2bc9dc687e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 21:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 21:40:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 21:40:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
681 B 312ms
125ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 21:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 20:30:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 21:40:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 761 B
456 B 279ms
92ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 21:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 21:31:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 21:40:53 GMT

GET
H/1.1 200
OK W98NDdyy_o.png
images2.imgbox.com/6a/a7/ 1 KB
2 KB 265ms
84ms Image
image/png 212.63.223.226
SPACEDUMP-AS This...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.imgbox.com/6a/a7/W98NDdyy_o.png
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.63.223.226 , Sweden, ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: b813d7d317500b24b43f5f9b8950a041e9c9bedfb85ba7a4b9063901528b0487

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
last-modified: Fri, 18 Dec 2020 00:22:21 GMT
server: nginx/1.22.1
etag: "574-5b6b21a0c4940"
x-cache: HIT
content-type: image/png
cache-control: max-age=10736689
x-whom: srv1535
accept-ranges: bytes
content-length: 1396
expires: Sat, 18 May 2024 21:29:01 GMT

GET
H/1.1 200
OK 4T7lPFRa_o.jpg
images2.imgbox.com/2b/94/ 3 KB
3 KB 275ms
90ms Image
image/jpeg 212.63.223.226
SPACEDUMP-AS This...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.imgbox.com/2b/94/4T7lPFRa_o.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.63.223.226 , Sweden, ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e18dc14f6370b1ae850f5854ecbf42e0c8ad448b7743b2ae03e35f3dd63cd55e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:53 GMT
last-modified: Mon, 23 Nov 2020 07:51:03 GMT
server: nginx/1.14.2
etag: "c85-5b4c174b107c0"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=10786913
x-whom: srv1535
accept-ranges: bytes
content-length: 3205
expires: Sun, 19 May 2024 11:26:10 GMT

GET
H/1.1 200
OK dWcZedKJ_o.png
images2.imgbox.com/0f/c4/ 6 KB
6 KB 88ms
87ms Image
image/png 212.63.223.226
SPACEDUMP-AS This...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.imgbox.com/0f/c4/dWcZedKJ_o.png
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.63.223.226 , Sweden, ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: c6de45ae40606621e2dae37f2086be7c6bdb6e9e7c0432e76d81aee85b949f28

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sun, 03 Apr 2022 20:30:37 GMT
server: nginx/1.14.2
etag: "1778-5dbc5e2671540"
x-cache: HIT
content-type: image/png
cache-control: max-age=10384302
x-whom: srv1535
accept-ranges: bytes
content-length: 6008
expires: Sat, 20 Apr 2024 21:25:18 GMT

GET
H2 200 3nUpwK4.png
i.imgur.com/ 3 KB
3 KB 287ms
99ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/3nUpwK4.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

51d481bcc4b215ab67dc03f7b5e7509cc5e220ddc1ef4416bb56323248324923

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P2
age: 1853795
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 2985
x-served-by: cache-iad-kiad7000172-IAD, cache-fra-etou8220058-FRA
last-modified: Mon, 26 Dec 2022 15:53:51 GMT
server: cat factory 1.0
x-timer: S1710798055.544478,VS0,VE1
etag: "f05504d2ffd94a784dd0f223acfb99d9"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: c_owkCyLtKn3B9XHYl6YfYwR-Yb022V1X3Vo6N6tVt3WYIyoHK7bAw==
x-cache-hits: 40, 1

GET
H2 200 gjDKolf.png
i.imgur.com/ 1 KB
2 KB 403ms
216ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/gjDKolf.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

bcd1914d2a6ca52ebde6f9ce95638b168399297fffbd00520195b5698db8b9b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 1236997
x-cache: Miss from cloudfront, HIT, HIT
content-length: 1339
x-served-by: cache-iad-kiad7000124-IAD, cache-fra-etou8220058-FRA
last-modified: Tue, 18 May 2021 18:21:11 GMT
server: cat factory 1.0
x-timer: S1710798055.544428,VS0,VE89
etag: "ad8b18e031047148a832daa4b02ce503"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 6YjTxRuhUewtGHNuUt8la0yS03s9rGAylYgFZUi62U52ijHdA1gmWg==
x-cache-hits: 28, 1

GET
H2 200 ezgif-2-87ccff01b0.png
i.ibb.co/zRKgxkb/ 5 KB
6 KB 337ms
163ms Image
image/png 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/zRKgxkb/ezgif-2-87ccff01b0.png
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: e58a24b530aed8686caf48a487ad446ec9847a450e5cf588c51e9b6a6bb2548c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Mon, 25 Apr 2022 21:02:58 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5535
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 afi50.png
i.postimg.cc/y6JTFhPG/ 6 KB
6 KB 261ms
85ms Image
image/png 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/y6JTFhPG/afi50.png
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 6b7328bd80fc31359d93e442625ff14983237597df1c3f65fc32966dd252c802

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Tue, 29 Jun 2021 23:11:01 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 6367
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 oxGRw4y.png
i.imgur.com/ 7 KB
8 KB 291ms
104ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/oxGRw4y.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

971455dcd05d8fb19c0bdbbd3d94dcf0114c99de8679419ca6385a562d4f2711

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1371946
x-cache: Miss from cloudfront, HIT, HIT
content-length: 7653
x-served-by: cache-iad-kcgs7200094-IAD, cache-fra-etou8220058-FRA
last-modified: Mon, 29 Dec 2014 03:28:18 GMT
server: cat factory 1.0
x-timer: S1710798055.544435,VS0,VE9
etag: "e1f1ac99d3c5426cec2aca3c5bd79f09"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 6AAL01KqdSCaEXL5eLANIhKvLdi-rg2IhWu6cp67KfM7HNRbSGYe4Q==
x-cache-hits: 92, 1

GET
H2 200 eNGAv10.png
i.imgur.com/ 4 KB
5 KB 275ms
88ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/eNGAv10.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

29bccd56cbd3bb6d9ccaaaadb541d4ba4133ba731c6ef4b1e6c8829d0165793a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2203707
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4274
x-served-by: cache-iad-kjyo7100038-IAD, cache-fra-etou8220058-FRA
last-modified: Sat, 27 May 2023 21:04:21 GMT
server: cat factory 1.0
x-timer: S1710798055.544418,VS0,VE1
etag: "cfd525d67a24018df4b54ae341269c4d"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: vngbXTYsvSRMCVspVlQS4JQucDZuU2XJIGQp8F9dVJaIZsp2GNiEFg==
x-cache-hits: 14, 1

GET
H2 200 1oe39dq.jpg
i.imgur.com/ 3 KB
3 KB 275ms
89ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/1oe39dq.jpg

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

014fe5d5447fe71f3f3cd478dbc6aded935be923b8ba6443dc64e4db355a9114

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1238852
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 2860
x-served-by: cache-iad-kiad7000044-IAD, cache-fra-etou8220058-FRA
last-modified: Tue, 14 Mar 2023 22:53:36 GMT
server: cat factory 1.0
x-timer: S1710798055.544407,VS0,VE1
etag: "fe44d608f1c996d2b599dbe90d0b995f"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: _fHw63T5go2zw5rbPoY95gg6aREjez5zgndPFi-JAegFJ_5IEM51Ag==
x-cache-hits: 35, 1

GET
H2 200 zain0a0.png
i.imgur.com/ 3 KB
4 KB 197ms
103ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/zain0a0.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

6d6163960d00e1a527f14f98b49a95cad36fbe5af45042b78161c74764acc547

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: PHL50-C1
age: 2078731
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 3182
x-served-by: cache-iad-kcgs7200163-IAD, cache-fra-etou8220058-FRA
last-modified: Sun, 26 Mar 2023 12:32:12 GMT
server: cat factory 1.0
x-timer: S1710798055.544386,VS0,VE2
etag: "cf02a79553e1eee41d141e2f963d43b6"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: v-3QRTryg0OrsJb0MTJJ9CwL8S-wRGVGEop5-RQuFOwivg5d_jTOVg==
x-cache-hits: 1, 1

GET
H2 200 4fFXaSR.png
i.imgur.com/ 6 KB
6 KB 102ms
99ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/4fFXaSR.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

7592f625de8ef8f92fae23f8be2e8cdd921d836840580c36c55d0ab40a3c5d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1719405
x-cache: Miss from cloudfront, HIT, HIT
content-length: 5991
x-served-by: cache-iad-kcgs7200048-IAD, cache-fra-etou8220058-FRA
last-modified: Mon, 05 Aug 2019 00:37:35 GMT
server: cat factory 1.0
x-timer: S1710798055.620531,VS0,VE2
etag: "f3545a38399f1f679874ffab2620a0ec"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: LkB3010ccK3JQUSUX9x9kmmZwIhL8xzOLKS6LRkAtlB17ZwroSmePQ==
x-cache-hits: 157, 1

GET
H2 200 ezgif-2-f25267f719.gif
i.ibb.co/drkmgmt/ 52 KB
53 KB 239ms
236ms Image
image/gif 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/drkmgmt/ezgif-2-f25267f719.gif
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: d8475b87ade2daea291d4311f881cfc7acfbeee29c766a4b62c9a285dfbd6b1b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Mon, 25 Apr 2022 20:56:02 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 53535
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5050.jpg
i.ibb.co/pZ7FvsP/ 2 KB
2 KB 239ms
237ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/pZ7FvsP/5050.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 0ef38b46b4d8ea685782f9dc1032f02f832f46c50b9c7d5b577d95f206a6b311

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Tue, 12 Oct 2021 02:34:20 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 2175
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 50.png
i.ibb.co/31hRFTH/ 6 KB
7 KB 239ms
237ms Image
image/png 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/31hRFTH/50.png
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: baeb881cab8fe480fc4d16e69edfc73f14e24db3bef8f305d8e543c7e61931a0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sat, 14 May 2022 15:43:44 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 6609
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HVyXVPU.png
i.imgur.com/ 7 KB
7 KB 91ms
89ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/HVyXVPU.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e5c100bbd01314f5e42382dbbf8fe0afa69b06e5b6c6ed8829105cc7896bc26d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2949270
x-cache: Miss from cloudfront, HIT, HIT
content-length: 7241
x-served-by: cache-iad-kcgs7200046-IAD, cache-fra-etou8220058-FRA
last-modified: Mon, 22 Nov 2021 16:47:27 GMT
server: cat factory 1.0
x-timer: S1710798055.620502,VS0,VE2
etag: "94e2452ed9538323e15db51ea6d33fa5"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: M3s6XORDG1J1PQCRXS_w9Xc6H7z9HSOu_dm3CXdtF3pWTaCp2YvaBw==
x-cache-hits: 4, 1

GET
H2 200 yRnr02a.png
i.imgur.com/ 4 KB
4 KB 86ms
83ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/yRnr02a.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0241319c992caff49d7fd2a9bd5016746cc347f5b48d8c7f46dae3e657fc6fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1513239
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4106
x-served-by: cache-iad-kcgs7200160-IAD, cache-fra-etou8220058-FRA
last-modified: Sun, 01 Sep 2019 19:08:05 GMT
server: cat factory 1.0
x-timer: S1710798055.620475,VS0,VE2
etag: "2d7a9c11b980f783fed6db2c7f96465d"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0KIXpWczWDhHahRoN1004_o-vm_4mjIFhq8_jb7kaTzsXEtuQBOlrw==
x-cache-hits: 57, 1

GET
H2 200 oyGZ5s6.jpg
i.imgur.com/ 3 KB
3 KB 140ms
137ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/oyGZ5s6.jpg

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9149cabe1850500b66079d83e9ce4aee151741b588da0edc70402fcaaf625c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1590214
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 2905
x-served-by: cache-iad-kiad7000176-IAD, cache-fra-etou8220058-FRA
last-modified: Mon, 14 Aug 2023 16:22:33 GMT
server: cat factory 1.0
x-timer: S1710798055.622260,VS0,VE2
etag: "6ef121f4b6d71ae54b96db008b5bcf3b"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Hd_G8WUDcJkXSEypz-KYlsvpp2hflthP91ei9ULds89g41zZk8kUPg==
x-cache-hits: 224, 1

GET
H2 200 lZrPBgx.jpg
i.imgur.com/ 5 KB
5 KB 106ms
104ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/lZrPBgx.jpg

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

fce7d9f73f7b82c66b6c3904533cc6bafb66c0fa8d51474ffbd5b2bea3bc4e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 572514
x-cache: Miss from cloudfront, HIT, HIT
content-length: 5110
x-served-by: cache-iad-kiad7000167-IAD, cache-fra-etou8220058-FRA
last-modified: Sun, 13 Jan 2019 15:14:21 GMT
server: cat factory 1.0
x-timer: S1710798055.621506,VS0,VE1
etag: "bd979c31cbd0cbe54881b30f2cf2f67b"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: gqbLPapegwwSvaPJv393523Gupkg4ffYi3s2EOYQvrE0yjaiTGcsZw==
x-cache-hits: 74, 1

GET
H2 200 U3Gn5Fa.png
i.imgur.com/ 8 KB
8 KB 138ms
136ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/U3Gn5Fa.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

c028dbfdbf425c88bd947f173c94f9135a126482620baf227d4bc8dd2caa35e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 4094564
x-cache: Miss from cloudfront, HIT, HIT
content-length: 7730
x-served-by: cache-iad-kcgs7200109-IAD, cache-fra-etou8220058-FRA
last-modified: Mon, 01 Nov 2021 23:31:37 GMT
server: cat factory 1.0
x-timer: S1710798055.622174,VS0,VE1
etag: "09ee2023477dbe46a207566a6e3b1422"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: rs4SZwqQ0Uq4wHGfLrQfu6OBl01TWbX-Mlz-nJymS8ZtxfgAi8bn-A==
x-cache-hits: 121, 1

GET
H2 200 1V7uaKR.jpg
i.imgur.com/ 6 KB
6 KB 112ms
110ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/1V7uaKR.jpg

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

bbe405757fabd9ef07a1a2fedfbd20a5147548dbbcdddbc53c4fa479076e7aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P2
age: 2186897
x-cache: Miss from cloudfront, HIT, HIT
content-length: 6240
x-served-by: cache-iad-kiad7000155-IAD, cache-fra-etou8220058-FRA
last-modified: Mon, 20 Jul 2020 09:13:51 GMT
server: cat factory 1.0
x-timer: S1710798055.621212,VS0,VE1
etag: "21830fe9e175ede00f33eb8c1fdf8a15"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: itZoS_IOaOcCRK3I2m-HH-erj6ZwOJbeG25yNOzY5S-sDhUagM74IQ==
x-cache-hits: 36, 1

GET
H2 200 H4KHgtu.png
i.imgur.com/ 5 KB
6 KB 116ms
114ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/H4KHgtu.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

54393197eaef8a4f4690667afdc6183c54d8b17db98d61698ac8d7a0ee0dc81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 937585
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 5482
x-served-by: cache-iad-kcgs7200085-IAD, cache-fra-etou8220058-FRA
last-modified: Tue, 29 Aug 2023 07:11:09 GMT
server: cat factory 1.0
x-timer: S1710798055.621847,VS0,VE1
etag: "2ac7053b2e36d397a7f0fd3a3ddf019d"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: V7aRdwyOCZ0USgAdotVLODSLPILCAfkj-eL4HoZUFqoEL56SUyfHyQ==
x-cache-hits: 14, 1

GET
H2 200 50x5010.jpg
i.servimg.com/u/f56/20/43/72/05/ 2 KB
3 KB 190ms
64ms Image
image/jpeg 172.67.217.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f56/20/43/72/05/50x5010.jpg

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.217.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa1dc11637e9ea37a2932b4482704ad1294ca240fe62047a3b3d6897419309a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1655041
alt-svc: h3=":443"; ma=86400
content-length: 1982
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Aug 2022 00:27:23 GMT
server: cloudflare
etag: "630eaaeb-7be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AzHvwa9pmt4%2BuV%2FNypMIN%2BKmgbqdMoMAXnTKUpEczg2QfHnZKDzCQQ5uAgk4yT%2FKd7RX9vLbuh0Vq8XYZZfU1lJV66MVGDmGVlNwsYf4D2KfolRQkofPOdkQtmF5duqo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 866862411d80214a-MAD
expires: Fri, 01 Nov 2024 07:36:50 GMT

GET
H2 200 GzlFs3N_d.webp
i.imgur.com/ 9 KB
9 KB 194ms
192ms Image
image/webp 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/GzlFs3N_d.webp?maxwidth=640&shape=thumb&fidelity=medium

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

30c75be7ae1a3b55923ff36c2758e5b92e420f9cd2ce118ac57f3387ee400869

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 831985
x-cache: HIT, MISS
content-length: 9078
x-served-by: cache-iad-kiad7000020-IAD, cache-fra-etou8220058-FRA
last-modified: Sat, 09 Mar 2024 06:34:29 GMT
server: cat factory 1.0
x-timer: S1710798055.621500,VS0,VE89
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 12, 0

GET
H2 200 aMHoDn1.png
i.ibb.co/vDG4M9h/ 4 KB
4 KB 239ms
237ms Image
image/png 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/vDG4M9h/aMHoDn1.png
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 4ebc75dfa4f8ec1bd35f9151094270a0d4d728e5fe47f9660c276b047b7be9c2

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sat, 10 Jun 2017 16:25:47 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 4338
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Sa1fTf2B_o.png
images.imgbox.com/a9/d0/ 20 KB
20 KB 313ms
125ms Image
image/png 212.63.223.227
SPACEDUMP-SPLIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.imgbox.com/a9/d0/Sa1fTf2B_o.png
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.63.223.227 , Sweden, ASN50827 (SPACEDUMP-SPLIT-AS, SE),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: acebd68b3f0f865d4d38251ce3d591d618710c049aea48a4ad3ec46b81f3cda4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Fri, 03 Nov 2017 10:44:35 GMT
server: nginx/1.22.1
etag: "4ef4-55d11ca6b6365"
x-cache: HIT
content-type: image/png
cache-control: max-age=10774324
x-whom: srv1535
accept-ranges: bytes
content-length: 20212
expires: Thu, 25 Apr 2024 09:45:20 GMT

GET
H2 200 s3tdDHk.png
i.imgur.com/ 5 KB
5 KB 116ms
114ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/s3tdDHk.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

c58431b7948d998488f72c586d7588c0801a4248ce09697a3987e50b171d59a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-C4
age: 2014366
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 5034
x-served-by: cache-iad-kiad7000094-IAD, cache-fra-etou8220058-FRA
last-modified: Sat, 19 Aug 2023 23:49:24 GMT
server: cat factory 1.0
x-timer: S1710798055.621164,VS0,VE2
etag: "82bcf28b90fd7db54763b15c14f5d7ed"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: guSpNuqzlE5BrmRbFLRPhkcR-PlARqbDempwT-1IQWQwKTZUluWA5A==
x-cache-hits: 16, 1

GET
H2 200 NwMlAa1.png
i.imgur.com/ 7 KB
7 KB 123ms
121ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/NwMlAa1.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

c4e29419b579f0621a49e2027a529eaf8e103af4587a63d359b04107283efee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 2214416
x-cache: Miss from cloudfront, HIT, HIT
content-length: 7087
x-served-by: cache-iad-kiad7000054-IAD, cache-fra-etou8220058-FRA
last-modified: Tue, 08 Nov 2022 11:49:53 GMT
server: cat factory 1.0
x-timer: S1710798055.621154,VS0,VE2
etag: "86c1de410b6f24089d34cb505e47a707"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: KDQHiEvkyy-frkM0ruVl6iF6Kz3ZGXd7VHRxepADXrYiyILtZDBstA==
x-cache-hits: 6, 1

GET
H2 200 suKReqF_d.webp
i.imgur.io/ 8 KB
8 KB 625ms
175ms Image
image/webp 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.io/suKReqF_d.webp?maxwidth=640&shape=thumb&fidelity=medium

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

72ab16fb97f6f337a2de2ba4ae7b7784a57cc81a8130fbb291efd10a7d6fc0ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:55 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 578396
x-cache: HIT, MISS
content-length: 7950
x-served-by: cache-iad-kjyo7100107-IAD, cache-fra-etou8220083-FRA
last-modified: Tue, 12 Mar 2024 05:00:59 GMT
server: cat factory 1.0
x-timer: S1710798055.069172,VS0,VE91
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 9, 0

GET
H2 200 DvwPmkB.jpg
i.imgur.com/ 1 KB
2 KB 192ms
191ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/DvwPmkB.jpg

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

c13a90240e68c60fb81b04d28db044f0782ae05ea832ff72a0a16aeb82edc930

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1063641
x-cache: Miss from cloudfront, HIT, HIT
content-length: 1412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220058-FRA
last-modified: Thu, 24 Jun 2021 05:27:43 GMT
server: cat factory 1.0
x-timer: S1710798055.621150,VS0,VE89
etag: "2a3058d5b6798a66d02e6815c0d454bd"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 2cyYeJG6r6YpdWnWxDmk4HeWI9RwPYf4aH_F_b7_m4FD7J7dMUP_Dg==
x-cache-hits: 19, 1

GET
H2 200 asteria45.png
i.ibb.co/cybF9Ky/ 6 KB
6 KB 239ms
237ms Image
image/png 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/cybF9Ky/asteria45.png
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 7a2c764b1df2671096f38503c8c35e2442b1e83012a9e5d262804576f1b7d323

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sun, 21 Jan 2024 23:32:22 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 6314
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

J8MwrFg.png
i.imgur.com/
Redirect Chain

https://imgur.com/J8MwrFg.png
https://i.imgur.com/J8MwrFg.png

6 KB
6 KB

102ms
102ms

Image
image/png

146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/J8MwrFg.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

7cedf5529c0437be68643178fcb34a3257460caac0535438f373b58d2a136e61

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:55 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 2012335
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 6049
x-served-by: cache-iad-kiad7000086-IAD, cache-fra-etou8220058-FRA
last-modified: Fri, 10 Feb 2023 15:13:40 GMT
server: cat factory 1.0
x-timer: S1710798055.036900,VS0,VE20
etag: "1cb6440c012ec20d36802bd017a33058"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: fXjHFX6ndyh2H3Lg1cC3C4HpDLsPIAHxets6ktSOi1zHt7eRe3xkdA==
x-cache-hits: 41, 1

Redirect headers

x-cache-hits: 0
date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1710798055.973930,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/J8MwrFg.png
access-control-allow-origin: https://imgur.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-lis1490042-LIS

GET
H2 200 b85A0p3.png
i.imgur.com/ 5 KB
6 KB 125ms
121ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/b85A0p3.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

859650bfe5d8b9b4bc3a224457e489dfa9701f8abc03e2fc61223ac6abf0020f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1130887
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 5544
x-served-by: cache-iad-kiad7000169-IAD, cache-fra-etou8220058-FRA
last-modified: Tue, 07 Feb 2023 02:26:03 GMT
server: cat factory 1.0
x-timer: S1710798055.644731,VS0,VE2
etag: "474bdc1a4229ea3fd1128a845b674f50"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: CTRfmnaEHKVv0540g-Z3xNV05VU5Hs2VlXLbpRf45ePLjxzscWmlXQ==
x-cache-hits: 61, 1

GET
H2 200 fhKiKdJ.png
i.imgur.com/ 5 KB
5 KB 176ms
172ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/fhKiKdJ.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

b92e79d71aeaaa5b21693d3f8a851193d4046b4f479784a8d1e43bb135eb66e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1600164
x-cache: Miss from cloudfront, HIT, MISS
content-length: 4814
x-served-by: cache-iad-kiad7000122-IAD, cache-fra-etou8220058-FRA
last-modified: Sat, 16 Oct 2021 14:37:06 GMT
server: cat factory 1.0
x-timer: S1710798055.644725,VS0,VE89
etag: "ab530a5b5f0211a7b397f690a0d1b663"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: aD0uiSUiMpLrHjgAwTnuDEXHWbrtV9KCtV9G-a3IEUkaWAdlBxCZ_Q==
x-cache-hits: 26, 0

GET
H2 200 afi-50x50.png
i.ibb.co/HD9wY5w/ 5 KB
5 KB 218ms
213ms Image
image/png 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/HD9wY5w/afi-50x50.png
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 3d16ceb79312419a58fea811d4cd594e4aae27342f067fadf6ddeb553390a2d6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Tue, 31 Jan 2023 17:27:33 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 4892
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 p2TXeoN.png
i.imgur.com/ 7 KB
7 KB 124ms
119ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/p2TXeoN.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

5ed04f39fd314c862cc395a084e101851d2c0a6b287266ae9923fbac3dc01487

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1098007
x-cache: Miss from cloudfront, HIT, HIT
content-length: 6996
x-served-by: cache-iad-kjyo7100124-IAD, cache-fra-etou8220058-FRA
last-modified: Fri, 22 Jul 2022 20:32:17 GMT
server: cat factory 1.0
x-timer: S1710798055.645012,VS0,VE1
etag: "c248d2584afdf6bc46f7bbb0e7f84dd9"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Lt4yiruCqQQ178ne_T3caM30-CRHYIcoAFpUTvcquoVhK7sxBawLHA==
x-cache-hits: 3, 1

GET
H2 200 wh5nIrn.png
i.imgur.com/ 6 KB
6 KB 167ms
163ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/wh5nIrn.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

d905cb0b5f0b78ddfe3916b89f201d32a9c2daeee22bdd02b8d4023bec6844f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 974711
x-cache: Miss from cloudfront, HIT, HIT
content-length: 6344
x-served-by: cache-iad-kjyo7100080-IAD, cache-fra-etou8220058-FRA
last-modified: Sun, 18 Jul 2021 20:04:54 GMT
server: cat factory 1.0
x-timer: S1710798055.666281,VS0,VE2
etag: "3324e37b1c6e12fa053ee417b04e0176"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: kEiWHY5QZGTusP4Klh5HogGR0S30_VlTkgk4wUKKWr_gXy_LwBfmow==
x-cache-hits: 16, 1

GET
H2 200 aqnRpgu.png
i.imgur.com/ 5 KB
5 KB 149ms
145ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/aqnRpgu.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

61511246002a4ae93dde7012b2a3f1e7f0ede5a14ae82b2bf3ac4527e7ca916d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 2009126
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 5063
x-served-by: cache-iad-kiad7000106-IAD, cache-fra-etou8220058-FRA
last-modified: Mon, 19 Feb 2024 13:48:46 GMT
server: cat factory 1.0
x-timer: S1710798055.665534,VS0,VE1
etag: "b042f6aaa0fb6cedb5bf059ceec9d44d"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0U7On0uCXFXyfrcSfNsAVys_gvZyMk97YIfjEZvYqeUxujOdX3AwfQ==
x-cache-hits: 3, 1

GET
H2 200 cIkAAEw.png
i.imgur.com/ 6 KB
6 KB 164ms
160ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/cIkAAEw.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

cbb32862e4ed4665d439b421b5599b013fdf6022d45c1073e485395575153813

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1600647
x-cache: Miss from cloudfront, HIT, HIT
content-length: 5870
x-served-by: cache-iad-kiad7000156-IAD, cache-fra-etou8220058-FRA
last-modified: Sat, 04 Dec 2021 19:55:24 GMT
server: cat factory 1.0
x-timer: S1710798055.666621,VS0,VE1
etag: "4fa6f0d2d63583337a43b07e0e54123f"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 8X2CYBBPQ49AvQk8ABxopB3saiF7CNF6ZUDa6TiyepwNviHinbrZGQ==
x-cache-hits: 21, 1

GET
H2 200 qKW7UIQ.png
i.imgur.com/ 8 KB
8 KB 142ms
138ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/qKW7UIQ.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0a4e0903e5984e8aade021f68ff39829f91b26753f7cff18694a857165f0b25e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2127692
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 7843
x-served-by: cache-iad-kcgs7200087-IAD, cache-fra-etou8220058-FRA
last-modified: Fri, 22 Sep 2023 13:49:06 GMT
server: cat factory 1.0
x-timer: S1710798055.664890,VS0,VE1
etag: "9f5a544a7880acc7611b3e730742a8e3"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: qQKfNC9mrCMqfLtCzzdI40hHZNiNvDX46J9QtPVoeI0cG9qISv7onA==
x-cache-hits: 51, 1

GET
H2 200 Wz7CN56.png
i.imgur.com/ 5 KB
5 KB 159ms
155ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Wz7CN56.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

ada8f0e18f58dc11a03747d307ecec5cefedddb50ec91d37627ffaf0ff531a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 2096278
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 5295
x-served-by: cache-iad-kiad7000138-IAD, cache-fra-etou8220058-FRA
last-modified: Mon, 15 May 2023 16:04:16 GMT
server: cat factory 1.0
x-timer: S1710798055.665960,VS0,VE2
etag: "5fc60fb5f8b868a2bc89453b04cff167"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: veQ897Pp0u0AMOqqZOMXevfm5ZjbzdXMLO3U0_DDC98axT6gaErMfQ==
x-cache-hits: 133, 1

GET
H2 200 3UcRlni.png
i.imgur.com/ 7 KB
8 KB 138ms
134ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/3UcRlni.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

5589298b2c71f53ffc09af3d6eaf6b77eadd881b0e97be3fb80e52f39783e65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: PHL50-C1
age: 1070532
x-cache: Miss from cloudfront, HIT, HIT
content-length: 7499
x-served-by: cache-iad-kcgs7200029-IAD, cache-fra-etou8220058-FRA
last-modified: Mon, 04 Jul 2022 10:41:53 GMT
server: cat factory 1.0
x-timer: S1710798055.664601,VS0,VE1
etag: "25f32b4e9ea0d409deea4eb66da168df"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: uePwCe_MNWvQw9B0NDQiEFlwHcTvnKFKL-nYp7PHj_QewaTTMKHsKQ==
x-cache-hits: 3, 1

GET
H2 200 jpUQL25.png
i.imgur.com/ 7 KB
7 KB 158ms
154ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/jpUQL25.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

aabb761b66d0fc0a03b1a9274cad02377ccd9ee157dcaccb4756481581c2e501

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2202931
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 6852
x-served-by: cache-iad-kjyo7100119-IAD, cache-fra-etou8220058-FRA
last-modified: Mon, 13 Feb 2023 11:00:26 GMT
server: cat factory 1.0
x-timer: S1710798055.665910,VS0,VE2
etag: "f404d265f2d1f270a255be28665d8ec3"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: qAj7pnue_ZdDSPLQaja3YC3C9wx6NrjU2AIt4pFp36o0ifL09dIaLQ==
x-cache-hits: 64, 1

GET
H2 200 5010.png
i.servimg.com/u/f59/20/12/58/86/ 8 KB
8 KB 77ms
73ms Image
image/png 172.67.217.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f59/20/12/58/86/5010.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.217.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcadb529ed8d75be5c7dd396c5315a1faea0ce85afb47906e007cd9b93c6af76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1641934
alt-svc: h3=":443"; ma=86400
content-length: 8163
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 18:41:27 GMT
server: cloudflare
etag: "6521a657-1fe3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2B2ojZPVt9eGxVGJEg9UAiHDxm3kuHsYuSUgUD0gg1QCAG9M%2F4bvCW0AfulXH1974%2BokPigkIY9MtC6t%2FHjk0MERHKiR3sV3bWbtOOYMeD%2F6gHGuhFvubDZi1pgubDnk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 866862416e73214a-MAD
expires: Wed, 30 Oct 2024 10:05:33 GMT

GET
H2 200 50x50.jpg
i.ibb.co/6gnjNf7/ 3 KB
3 KB 217ms
213ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/6gnjNf7/50x50.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 00e37ece44fd383c9223ba81c1fc9f4a5f95291eb12248d63712e1bffa7e2bb7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Fri, 14 Dec 2018 11:11:49 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 2861
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 oikpACZ.jpg
i.imgur.com/ 1 KB
2 KB 157ms
153ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/oikpACZ.jpg

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4e8aaa085400e98a9f14770565c4c93f4bcb42369bee59ccbdf6b3724ac9c244

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 3771585
x-cache: Miss from cloudfront, HIT, HIT
content-length: 1338
x-served-by: cache-iad-kiad7000172-IAD, cache-fra-etou8220058-FRA
last-modified: Sun, 18 Mar 2018 11:24:05 GMT
server: cat factory 1.0
x-timer: S1710798055.665576,VS0,VE2
etag: "8fcbe0901853e67852f3ffe69fa6f7c7"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: PP5G4Ihq507kJGzhWB7jPTtyEIeN5ls70cTVoUA2-0cH4hOQnOWMWg==
x-cache-hits: 33, 1

GET
H2 200 1tb8IKJ.png
i.imgur.com/ 4 KB
4 KB 153ms
149ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/1tb8IKJ.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

fbaf58f38b7e138e754044e4c8c47f3a25221a872703f0f780496bd8b2f7e161

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 545092
x-cache: Miss from cloudfront, HIT, HIT
content-length: 3857
x-served-by: cache-iad-kiad7000151-IAD, cache-fra-etou8220058-FRA
last-modified: Fri, 25 Nov 2022 22:15:26 GMT
server: cat factory 1.0
x-timer: S1710798055.665606,VS0,VE1
etag: "cb935484f282d698c622258fa957a53b"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: blSJu4uAFoS69u2txWIlw8sviVa25ExOHFvMNFCog7aeRmP0OERrHA==
x-cache-hits: 5, 1

GET
H2 200 N564lOJ.png
i.imgur.com/ 7 KB
7 KB 218ms
214ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/N564lOJ.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

7d84b8ca1c09c40aae668b9b97abfc18c6fc279d5df7c4d4ca649aec30e398db

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 154299
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, MISS
content-length: 6759
x-served-by: cache-iad-kcgs7200128-IAD, cache-fra-etou8220058-FRA
last-modified: Sat, 05 Aug 2023 18:24:43 GMT
server: cat factory 1.0
x-timer: S1710798055.666803,VS0,VE109
etag: "3b83db829426d5ef6bda3b6e84d81cf4"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: EkxM3PHZOSlZkZx75VGoZKXTt2asid02DmcEZzKq3FgU0tx9fjGrYQ==
x-cache-hits: 2, 0

GET
H2 200 fOOue6S.png
i.imgur.com/ 5 KB
6 KB 163ms
160ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/fOOue6S.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

d61fccdff3ee43eca5a6698aca9bbd34e45a9eb8788b6b67adfdeecb30e7b2dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: PHL50-C1
age: 1428950
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 5516
x-served-by: cache-iad-kcgs7200088-IAD, cache-fra-etou8220058-FRA
last-modified: Tue, 11 Jul 2023 03:25:12 GMT
server: cat factory 1.0
x-timer: S1710798055.665255,VS0,VE3
etag: "0a42979383db78cb82867f35b7795de0"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: e4PpDGXwb6Iff8gEMBni-t8pyT_mglKeNxs_lixxOS3tU-ByFzprgw==
x-cache-hits: 10, 1

GET
H2 200 veZWDVH.png
i.imgur.com/ 2 KB
2 KB 165ms
163ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/veZWDVH.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

994dda44a6d229433501f2e481d5cf966d6babd9ae385943e5e5701d48200997

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: ATL59-P7
age: 2212101
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 1716
x-served-by: cache-iad-kjyo7100050-IAD, cache-fra-etou8220058-FRA
last-modified: Sun, 05 Nov 2023 01:47:14 GMT
server: cat factory 1.0
x-timer: S1710798055.664921,VS0,VE3
etag: "1a8edbe7a32e3b7d3b4cfec547ae1049"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ryz-NAkyS2J7pE60Ddd6U01vNq2d9SpIjHoj63D_6_FZgqS_fDfmiA==
x-cache-hits: 9, 1

GET
H2 200 rUcEe63.png
i.imgur.com/ 7 KB
8 KB 151ms
148ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/rUcEe63.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

1ad3cad40ba51c721a14096ccc599adff6db0549392fb2c7a88d9a3957873bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: BOS50-P2
age: 2454261
x-cache: Miss from cloudfront, HIT, HIT
content-length: 7334
x-served-by: cache-iad-kjyo7100112-IAD, cache-fra-etou8220058-FRA
last-modified: Wed, 25 Dec 2019 20:09:35 GMT
server: cat factory 1.0
x-timer: S1710798055.665275,VS0,VE2
etag: "e8a1bbcbb3b88462dac41def6d00c993"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: afrcW5j_a21a4gdBWEe3EC4vwKNRG9fhrACQeqvD7UpvbFjfH9JDag==
x-cache-hits: 109, 1

GET
H2 200 tumblr_inline_s33fybio5q1szqopu_500.png
64.media.tumblr.com/e927f110bd3c1e24afccca279948e274/ 3 KB
4 KB 1179ms
57ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/e927f110bd3c1e24afccca279948e274/tumblr_inline_s33fybio5q1szqopu_500.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fd76f51e57a81c541d13e0980704422da98cedccc7688ed66a24c88bfc120975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:55 GMT
strict-transport-security: max-age=31536000; preload
x-frames: 1
server-timing: dc;desc=mad, cache;desc=HIT;dur=1.0
alt-svc: h3=":443"; ma=86400
content-length: 3525
x-nc: HIT mad 5
last-modified: Wed, 25 Oct 2023 16:47:00 GMT
server: nginx
etag: "e927f110bd3c1e24afccca279948e274-1498089600-98b6076"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 VGITdQw.png
i.imgur.com/ 6 KB
6 KB 144ms
142ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/VGITdQw.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

7932ce638287b43994d67fc8a6b967908edbbad9a935e50cef0474e11674a55c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P2
age: 1775335
x-cache: Miss from cloudfront, HIT, HIT
content-length: 5848
x-served-by: cache-iad-kiad7000080-IAD, cache-fra-etou8220058-FRA
last-modified: Sun, 22 Oct 2017 02:30:07 GMT
server: cat factory 1.0
x-timer: S1710798055.665223,VS0,VE1
etag: "de83d942c07e150c2c0754584537dbbd"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ysS8LwIJ59Al52Fs9la-AEWQRLedSHI3VzmPBRurAynbRA_DBmGJrw==
x-cache-hits: 354, 1

GET
H2 200 1Kv95g0.png
i.imgur.com/ 2 KB
3 KB 131ms
129ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/1Kv95g0.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

cad56b2d52b2abbf3b50293f247b04c26fb5ebba5b506f8052d73a0ddf77ba4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1423423
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 2470
x-served-by: cache-iad-kcgs7200088-IAD, cache-fra-etou8220058-FRA
last-modified: Thu, 21 Dec 2023 15:11:35 GMT
server: cat factory 1.0
x-timer: S1710798055.664465,VS0,VE2
etag: "9ec8268aa391f61de583d350dd40aea8"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 3BQwHfXcu2rnsISHhgfv9miNM8_YNWUUn6n5uNKS5S1gYCxhEWvLHQ==
x-cache-hits: 22, 1

GET
H2 200 Kt1pWxl.png
i.imgur.com/ 2 KB
3 KB 129ms
127ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Kt1pWxl.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

86ee48c89512802d62b4e6870d57fde3c443826d2ea71cfce2d951235c3360f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: ORD56-P6
age: 4166255
x-cache: Miss from cloudfront, HIT, HIT
content-length: 2377
x-served-by: cache-iad-kcgs7200125-IAD, cache-fra-etou8220058-FRA
last-modified: Sun, 06 Nov 2022 00:07:44 GMT
server: cat factory 1.0
x-timer: S1710798055.664453,VS0,VE1
etag: "ed77b53959e661c39900c2fe5f74bae8"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 3Vta12v7lxMVcR1N4j9G0RQqFWP-xIlW8BvVBPG9RcOIf3kvUuzS9Q==
x-cache-hits: 131, 1

GET
H2

200

WmvuKGy.png
i.imgur.com/
Redirect Chain

https://imgur.com/WmvuKGy.png
https://i.imgur.com/WmvuKGy.png

2 KB
3 KB

84ms
83ms

Image
image/png

146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/WmvuKGy.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

cc52aaa8076fdb7226fa92d44da68a6c066593858fb6f20084e2467dacc9d9ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:55 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 339850
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 2315
x-served-by: cache-iad-kiad7000035-IAD, cache-fra-etou8220058-FRA
last-modified: Tue, 14 Nov 2023 12:33:00 GMT
server: cat factory 1.0
x-timer: S1710798055.036781,VS0,VE1
etag: "62685f8b4e057b2739f6e92e2cb4dff7"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: gqwsoGLx6bl1mX9wvSIraD8Ak6l_i__Lmyr24N5W7bFNlrFaOWYVnw==
x-cache-hits: 6, 1

Redirect headers

x-cache-hits: 0
date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1710798055.973918,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/WmvuKGy.png
access-control-allow-origin: https://imgur.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-lis1490042-LIS

GET
H2 200 owCMaqP.png
i.imgur.com/ 4 KB
4 KB 149ms
148ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/owCMaqP.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

d4bb6f7fa3af6507f11a533b47ee4f9b3d984c32690cc60dbca99038c9c99f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 3442185
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4179
x-served-by: cache-iad-kiad7000048-IAD, cache-fra-etou8220058-FRA
last-modified: Mon, 27 Feb 2023 03:44:09 GMT
server: cat factory 1.0
x-timer: S1710798055.664444,VS0,VE3
etag: "768697d31364b501b1f277ada832c0f0"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 12NP7cxEv6Gs-eaEpIl4vEn1uadyXCdhNl0UjGWn3YEiTQokkXLCqQ==
x-cache-hits: 27, 1

GET
H2 200 XH9eCIV.png
i.imgur.com/ 3 KB
3 KB 157ms
156ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/XH9eCIV.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f1e0ba3fed409f2430cdf3842a0523c9ee8bdafa8da670a460ddf32e6b8bd510

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 2112216
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 3044
x-served-by: cache-iad-kcgs7200147-IAD, cache-fra-etou8220058-FRA
last-modified: Sat, 13 Jan 2024 20:50:26 GMT
server: cat factory 1.0
x-timer: S1710798055.664431,VS0,VE4
etag: "841070bbede8daf6b9e599cb310cac59"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: xAVE-tSMygg2eSsF8c1KQJ9CcLM-VB4N8c4AygQ9lh7W8Clcm_eUug==
x-cache-hits: 84, 1

GET
H2 200 45x45.jpg
i.ibb.co/3ThRcdr/ 10 KB
10 KB 317ms
316ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/3ThRcdr/45x45.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: aeca652c8bd7bac4120885fd6f9a7b2f352307aa55e5129aee6609bc796c944c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Thu, 18 Jan 2024 17:03:46 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 10125
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 100x1010.jpg
i.servimg.com/u/f14/19/82/28/85/ 5 KB
5 KB 64ms
63ms Image
image/jpeg 172.67.217.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f14/19/82/28/85/100x1010.jpg

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.217.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35c5b49cdd1ddf2428f0185e00c5e454bfeccc7212b3f0fa7f8f1a922f29f12f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1646426
alt-svc: h3=":443"; ma=86400
content-length: 4873
x-xss-protection: 1; mode=block
last-modified: Tue, 21 Nov 2023 03:16:57 GMT
server: cloudflare
etag: "655c2129-1309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3PsVoH0lBkz0iOwa9Lh%2BB7sGoq8niA6l7lU1raMzf0qvaXH5xwwXM99vdSocCZXcyclEkhgLpBdl58lZrJIPnpsFk0fn7tAGfxBwRiCXO20mh9v8eTRmLVHHrddOpkeK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 866862417e81214a-MAD
expires: Fri, 06 Dec 2024 20:34:42 GMT

GET
H2 200 ezgif-7-d0ad66b3a2.png
i.ibb.co/vmTzf7Q/ 5 KB
5 KB 317ms
316ms Image
image/png 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/vmTzf7Q/ezgif-7-d0ad66b3a2.png
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 1245a6d5817108254941fa1c5247da3ddec0a4f84508040c5b636bd0af732bab

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sun, 14 Jan 2024 23:12:42 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5024
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

88x31.png
licensebuttons.net/l/by-nc-nd/4.0/
Redirect Chain

https://i.creativecommons.org/l/by-nc-nd/4.0/88x31.png
https://licensebuttons.net/l/by-nc-nd/4.0/88x31.png

1 KB
2 KB

202ms
68ms

Image
image/png

104.22.10.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://licensebuttons.net/l/by-nc-nd/4.0/88x31.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Server

104.22.10.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f2485868f73dbed3d5ea3350e36e478e835c064bb5d4c2b20b1fa14c845d0e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6603
cf-polished: origSize=5281
content-length: 1525
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 30 Apr 2020 21:59:13 GMT
server: cloudflare
etag: "5eab4a31-14a1"
x-frame-options: deny
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 8668624b59101bac-MAD

Redirect headers

date: Mon, 18 Mar 2024 21:40:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 344
x-frame-options: deny
vary: Accept-Encoding
content-type: text/html
location: https://licensebuttons.net/l/by-nc-nd/4.0/88x31.png
cf-ray: 8668624a0aa03150-MAD
x-xss-protection: 1; mode=block

GET
H2 200 jquery.marquee.min.js Show response
illiweb.com/rs3/84/frm/jquery/marquee/ 4 KB
2 KB 62ms
62ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/84/frm/jquery/marquee/jquery.marquee.min.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfbed761248e93343233a74b2cd5b0457d0efc8fde33faa7516625d38d8e06e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 644998
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: HIT
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8wP%2FPFfmn20gmxYQdJzNyr3TODmt07O9ntAYNyzwkVPv4Aa15SY3xv6qwPyrdAasIDskrC%2BYWR7UDdaPeO6dtcNQQFyo7oG65VA3QuoWpYVjbEjyq8n6nrOnUb1rHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 8668623d9d9486c6-MAD
expires: Tue, 11 Mar 2025 10:30:56 GMT

GET
H2 200 main.js Show response
illiweb.com/rs3/84/frm/awesome/ 15 KB
4 KB 62ms
62ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/84/frm/awesome/main.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8b769f21d3a30c576d3e4458ff13f46ced2558648a3b8c08620f54978879d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 644967
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
last-modified: Mon, 07 Nov 2022 14:32:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gD9BfBsSTnqf%2BdgTOKqn7ZX81%2Byh0zV9Qe2thhhB%2Bl29tY%2B6jt4TByDU1gQWqkJWSQDujfV18knqkbyZraqq3nGc4n2b%2B2XQTD5ZqdwYDNJXHu7bXZoGqLwFbeGt7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 8668623dadb186c6-MAD
expires: Tue, 11 Mar 2025 10:31:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ 57 KB
2 KB 92ms
92ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

0ef3edd109457a00e4a88aed18706d7eb381a1c2e4e65966698c84b426217e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 21:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 21:03:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 21:40:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
84 KB 106ms
105ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TTF1KWE3G4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144386270-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1f6d09758891267b5dbf02174fe3a62664b0f633ac1250a12772b3c1de587d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Mar 2024 21:40:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 1514ms
84ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144386270-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 18 Mar 2024 21:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 134
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 18 Mar 2024 23:38:42 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/forforumotion-es/ 660 KB
58 KB 2925ms
537ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 48c98c13e33f79710d2217613880d31a11163101596db60442da1cc5bd608741

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: wYxMYQ3k6rvf2liZBPiczQhbufhWe55o
content-encoding: gzip
via: 1.1 varnish
date: Mon, 18 Mar 2024 21:40:57 GMT
x-amz-request-id: EJYQJ0W4XWPNTFM3
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 31
x-amz-replication-status: FAILED
content-length: 58676
x-amz-id-2: 5tbbSIlApPrRrgv5GU/YgPrXZWmWMiPsy85Ar7QO0FRPIjaptiogBmSVcz6vfjwHZy6KNdQx/Qw=
x-served-by: cache-lis1490054-LIS
last-modified: Mon, 18 Mar 2024 17:40:01 UTC
server: nginx
x-timer: S1710798057.044775,VS0,VE440
etag: "af0424e66b4b43e88579e7cf108e49404e1ff6f0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 15
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 382ms
170ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shadowsfromthepast.foroactivo.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 02:38:45 GMT
x-content-type-options: nosniff
age: 586929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 02:38:45 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v141/ 125 KB
126 KB 399ms
188ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v141/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shadowsfromthepast.foroactivo.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 12:40:20 GMT
x-content-type-options: nosniff
age: 464434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:11:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 12:40:20 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 422ms
211ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Playfair+Display:ital,wght@1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shadowsfromthepast.foroactivo.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 14810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 17:34:04 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 296ms
85ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shadowsfromthepast.foroactivo.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 04:08:42 GMT
x-content-type-options: nosniff
age: 495132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 04:08:42 GMT

GET
H2 200 Ermh.webm
webm.red/ 385 KB
387 KB 340ms
216ms Media
video/webm 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://webm.red/Ermh.webm

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d6b0d1f31994c751303a2255d694f9ba00343c14bb307d3ab73d1e1dd95041

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
server: cloudflare
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FFfFfGQ87T7bZNMf8Nv25Yp96BUKVn502QbINCTTZwB1iWPzO4YijKfgXgHactq%2F7lXppbNGLJhkgoqQJBO8Z6l5yHBiJtB%2B%2FkdlcypI2MINfbnfmQEHrpu1Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/webm
vary: Accept-Encoding
cache-control: public: max-age=315360000, private, public
cf-ray: 866862428a2b2fa5-MAD
expires: Thu, 16 Mar 2034 21:40:54 +0000

GET
H2 200 logomobile.png
2img.net/i.ibb.co/rmh2CwF/ 2 KB
3 KB 204ms
69ms Image
image/png 104.21.235.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i.ibb.co/rmh2CwF/logomobile.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d384fd17d07115b5b80d25673f27746a8c98fbc1860fc17488e64bf727fb9806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1634565
alt-svc: h3=":443"; ma=86400
content-length: 2288
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Apr 2021 17:38:45 GMT
server: cloudflare
etag: "607f11a5-8f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2B9TfPlKHVv5kJzbjpJ%2Bqzwj9SE2sT8BGeeupZhamuwqo1b8QAy8gVbk0fVvz8%2F1qIA8C0W%2Fq7ipt7jHwsvXNGRZ8zab%2F4O%2FknSElT3OnxmpwCzcTo9uF4%2F9xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86686240eddb2f8f-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fondo.png
i.ibb.co/Dwmhc7c/ 448 KB
448 KB 266ms
163ms Image
image/png 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/Dwmhc7c/fondo.png
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: ecec85c7374859542765ce88023073ebbf3140be33abe99e6f5e714ed4382295

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sat, 16 Dec 2023 00:50:46 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 458384
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-5-c0fd08e6e2.jpg
i.ibb.co/nCP3wJw/ 140 KB
140 KB 265ms
162ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/nCP3wJw/ezgif-5-c0fd08e6e2.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 132ab3e1f1c2378c3acf64758dd2721f8f1b1e72c44f6ce99ee35e32bb597b27

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Fri, 28 Apr 2023 21:57:44 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 143035
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-5-b9f81adb05.jpg
i.ibb.co/yRgj6Fp/ 27 KB
27 KB 266ms
163ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/yRgj6Fp/ezgif-5-b9f81adb05.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 90481e4b6d834591ddcd5fff10b0b10340d3fb70dcd606404a7ca1d7ffe7689e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Fri, 28 Apr 2023 22:13:45 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 27600
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-3-58fd44dd1e.png
i.ibb.co/swzWQ8Q/ 331 KB
332 KB 265ms
162ms Image
image/png 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/swzWQ8Q/ezgif-3-58fd44dd1e.png
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 3432220049708992e649bf45082c25c2a121836762f21429a956b259031ab34b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sun, 21 Jan 2024 21:09:23 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 339015
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-5-4db1722343.jpg
i.ibb.co/980jjWp/ 301 KB
301 KB 266ms
163ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/980jjWp/ezgif-5-4db1722343.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: b6d347557119027a15a7bbd86f812aaa0b2daf145c31637219ff258aa4cd1d92

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Fri, 28 Apr 2023 22:06:04 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 307748
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-2-82617656d1.jpg
i.ibb.co/0jFZRrL/ 92 KB
92 KB 271ms
267ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/0jFZRrL/ezgif-2-82617656d1.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: fe9694ccf79844191ee92e8f6fc146dfe34436c879860303532c1f1d0123f5fd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sat, 29 Apr 2023 00:01:53 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 93776
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-2-0229a67641.jpg
i.ibb.co/TcV2Tr8/ 40 KB
41 KB 271ms
267ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/TcV2Tr8/ezgif-2-0229a67641.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 41226463e6d9e37e760f24a5b32ee8d816b6a1eb070b32bad777609305fe1083

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sat, 29 Apr 2023 00:11:41 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 41436
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-2-fe65693137.jpg
i.ibb.co/m9Pvw5c/ 81 KB
82 KB 271ms
267ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/m9Pvw5c/ezgif-2-fe65693137.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: a4663dcfa8b8041e3ef67807da26745f39321124bc7ae99e17e9c8edfe027d6a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sat, 29 Apr 2023 00:18:25 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 83319
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-2-e76345d00b.jpg
i.ibb.co/1TzWbQz/ 69 KB
70 KB 271ms
268ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/1TzWbQz/ezgif-2-e76345d00b.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: fea9992a54743cd741f17a53c84848e9a27ecbbdf03fa72d0cf8cc57be50e97c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sat, 29 Apr 2023 00:22:21 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 71049
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-2-c4bd897aba.jpg
i.ibb.co/yXsWyV7/ 26 KB
26 KB 271ms
268ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/yXsWyV7/ezgif-2-c4bd897aba.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: f3eebf2b790325089a1b6a2cf2398a9402a1f944b9c3c8c14a438daa6a921904

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sat, 29 Apr 2023 00:35:33 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 26315
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-4-fd58ec52ad.jpg
i.ibb.co/sP14jcL/ 20 KB
20 KB 271ms
268ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/sP14jcL/ezgif-4-fd58ec52ad.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 083c215d020ef20b62da35322ef91a79310e0dddd7ad5f8b724323cc2e53a355

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sat, 29 Apr 2023 00:37:16 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 20578
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-5-fbba75c9df.jpg
i.ibb.co/W6rSVmf/ 84 KB
84 KB 271ms
268ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/W6rSVmf/ezgif-5-fbba75c9df.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: aaeb3ee977edfe61235b06e3aab43f9d9f268667e85bd170b7a0c303a40bf62a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Fri, 03 Feb 2023 00:36:10 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 85674
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-5-67416275f6.jpg
i.ibb.co/nfn73GY/ 79 KB
80 KB 271ms
268ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/nfn73GY/ezgif-5-67416275f6.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: c64d27af1ff906ff0ade093c3de4f6144d91a276e7163c84efc95ad14a058390

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Mon, 17 Apr 2023 10:50:33 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 81407
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-3-033bb911ec.jpg
i.ibb.co/rHy2Xtj/ 23 KB
23 KB 271ms
269ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/rHy2Xtj/ezgif-3-033bb911ec.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 5ee57311c098b0adf129e3594dd848cba80a80107ee8400ed5ae2259af9a3828

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Fri, 30 Jun 2023 18:17:29 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 23071
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-4-0b43ee78ce.webp
i.ibb.co/9pN0qQp/ 283 KB
283 KB 271ms
269ms Image
image/webp 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/9pN0qQp/ezgif-4-0b43ee78ce.webp
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: f55eac1c56f5443eb71cf466d900f65b670cdbf0653a4030e0dbe3628935ebe3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sat, 29 Apr 2023 00:47:45 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 289532
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-4-973caec79a.webp
i.ibb.co/DtHPfrw/ 237 KB
238 KB 271ms
269ms Image
image/webp 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/DtHPfrw/ezgif-4-973caec79a.webp
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: eaf56928b027a8c51c3ab7d5cd88accab808e773622e2cd46320986f58f917c5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sat, 29 Apr 2023 00:48:54 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 242774
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rpgawesome-webfont.woff
cdnjs.cloudflare.com/ajax/libs/rpg-awesome/0.2.0/fonts/ 146 KB
90 KB 67ms
67ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rpg-awesome/0.2.0/fonts/rpgawesome-webfont.woff?v=0.1.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rpg-awesome/0.2.0/css/rpg-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f0127873ef4aef74bcc577a37dd7d544828c77bb896e3f6e1e1a2da78c0b399

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/rpg-awesome/0.2.0/css/rpg-awesome.min.css
Origin: https://shadowsfromthepast.foroactivo.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 442148
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 91438
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-24648"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pxdqqEuT0EcgItcqR9BDJjz6VB6bFemfde5C2Ubo45pGK1pYqpbJJfHzSvjqi%2F%2F4CqKZ%2Flp%2Bcc5Hod0KihegZ2dKjQT8SBI%2Fz%2FJ7hinmmZN1rLFBN4nR%2Br5O3JKWGSy1S7Mtx123"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8668623fff462f98-MAD
expires: Sat, 08 Mar 2025 21:40:54 GMT

GET
H2 200 SPOILER-Luka-A-Petrov.jpg
i.ibb.co/PN8Rpvn/ 59 KB
59 KB 272ms
269ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/PN8Rpvn/SPOILER-Luka-A-Petrov.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 29e4df358abdf39aab5f2c81f501dfe904cd37ad10901e9985fd2cfd4b78506f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Thu, 04 Jan 2024 18:40:04 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 60085
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_topic_latest.png
2img.net/i/fa/awesomebb/ 324 B
640 B 68ms
66ms Image
image/png 104.21.235.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/awesomebb/icon_topic_latest.png

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3676d6fdb3110393c514dff4b9c10f1176f563d5bc9fae63756c782c6c826a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1641944
alt-svc: h3=":443"; ma=86400
content-length: 324
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Jul 2018 14:39:00 GMT
server: cloudflare
etag: "5b4cae04-144"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eYwWYwVl10yFe4z5PYq54zd6GgQPfRWtRdLj6SBDLhGkPS6bzCwYrwS5iiBrqxUMgQjfq5XR%2BJ4D7tOcbGgy3mPKU9VQdIwwNPgCiZEJTcKNtK5U%2FSQF5eRBnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86686241cf5e2f8f-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK LIeASFuC_o.jpg
images2.imgbox.com/71/60/ 29 KB
30 KB 95ms
94ms Image
image/jpeg 212.63.223.226
SPACEDUMP-AS This...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.imgbox.com/71/60/LIeASFuC_o.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.63.223.226 , Sweden, ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: b7354d98404018c508c8cd1507a78ea10d87863a24e22221fcd0e19df910c336

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Tue, 26 Dec 2023 20:09:33 GMT
server: nginx/1.14.2
etag: "7538-60d6f42c4f940"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=10728100
x-whom: srv1535
accept-ranges: bytes
content-length: 30008
expires: Sun, 19 May 2024 19:47:19 GMT

GET
H2 200 avatar-shadows-from-the-past-Marina.png
i.postimg.cc/qRJfHgCp/ 215 KB
216 KB 122ms
121ms Image
image/png 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/qRJfHgCp/avatar-shadows-from-the-past-Marina.png
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: ab018a84fb1f204d54c403ea22b37b2c3ed91f7baf2821f38e7349e56bce47c0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Fri, 23 Feb 2024 20:12:46 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 220213
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ezgif-5-c9c90c7a24.jpg
i.postimg.cc/fL9SPfMV/ 67 KB
67 KB 313ms
313ms Image
image/jpeg 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/fL9SPfMV/ezgif-5-c9c90c7a24.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 492e1a830f32532a63751ecba8d5f4de1de31f0ce25466f9b254f44f2e3ebacd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Fri, 10 Feb 2023 02:35:08 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 68708
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 47-0.jpg
2img.net/u/1511/24/71/64/avatars/ 35 KB
35 KB 67ms
66ms Image
image/jpeg 104.21.235.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/u/1511/24/71/64/avatars/47-0.jpg

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d20f9f1f35ca7c0912593ea5662809d5e41d1be6533d09998a59438542ccd0fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 853249
alt-svc: h3=":443"; ma=86400
content-length: 35733
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sun, 15 May 2022 20:46:02 GMT
server: cloudflare
etag: "6281668a-8b95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NDUfF0Lwmh86TyC9o3G9MRhhER6R%2FqhSCTHuNCIBQYH8Ztbs4cqVQLSg%2BvUT1l2RzwbPvGe48u86%2BHlUL7yAeojVbGF4uN3iuGfVeEIJvBX4aJ8TCEoqFRp6qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8668624228262f8f-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 123-56.jpg
2img.net/u/1511/24/71/64/avatars/ 49 KB
50 KB 127ms
127ms Image
image/jpeg 104.21.235.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/u/1511/24/71/64/avatars/123-56.jpg

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52e2eca1c392fefd555d30b57b15e1cde6813b16d7a5bcf0a6b0d26d1565bcb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1634551
alt-svc: h3=":443"; ma=86400
content-length: 50514
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Mon, 30 Oct 2023 18:57:01 GMT
server: cloudflare
etag: "653ffc7d-c552"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FK34ZBFdrW7eeQv6ud4SLpWzbruVfQ%2BQVCvNAXcpfAVMBWF66UT7NSFmCfp6LDIANYUEM4ymammJ2ILWFHs%2FdbSzL9Qy7hLlIR8NUn%2BqTDHKFZX2KcOR15OnPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8668624228282f8f-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 55-51.jpg
2img.net/u/1511/24/71/64/avatars/ 41 KB
42 KB 172ms
172ms Image
image/jpeg 104.21.235.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/u/1511/24/71/64/avatars/55-51.jpg

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08fbda7036d790b6780871d637e72ebf5bf275555439c389aa5f9141351d27e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1634551
alt-svc: h3=":443"; ma=86400
content-length: 42474
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Mon, 19 Feb 2024 07:20:16 GMT
server: cloudflare
etag: "65d30130-a5ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ianwx%2BIMEr7pbDdhHRnBy6v7KqIve53wAgpD0s6JC9NodQKna4wCbzkNmFfQW%2BjKzeUQjZc0tTY5aNYUUZX1WRcfrvG%2Fpz%2Bf7pHCmPCG16%2FbnAhp%2B4YZ%2Be5k9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86686242282a2f8f-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK PBjszH3L_o.jpg
images2.imgbox.com/43/ce/ 57 KB
57 KB 128ms
127ms Image
image/jpeg 212.63.223.226
SPACEDUMP-AS This...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.imgbox.com/43/ce/PBjszH3L_o.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.63.223.226 , Sweden, ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 8b9eb020a24bfe3bcb0146c87b0693cb412afb7449eee69f6d8f7b909927b921

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Mon, 19 Feb 2024 22:21:53 GMT
server: nginx/1.14.2
etag: "e342-611c3854d6240"
vary: x-s-token
x-cache: HIT
content-type: image/jpeg
x-whom: srv1535
accept-ranges: bytes
content-length: 58178

GET
H2 200 20230604-1744371.gif
i.ibb.co/P6xwVHf/ 20 MB
20 MB 288ms
288ms Image
image/gif 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/P6xwVHf/20230604-1744371.gif
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: ac6287e5cf08a858084a077507144f12991d7b4a1de1776d78ec45b81b912292

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sun, 04 Jun 2023 20:47:32 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 20651544
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

widget Show response
discord.com/ Frame CE7D
Redirect Chain

https://discordapp.com/widget?id=941182844041052180&theme=dark
https://discord.com/widget?id=941182844041052180&theme=dark

2 KB
2 KB

225ms
87ms

Document
text/html

162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/widget?id=941182844041052180&theme=dark

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a8992352666a61e937bb08faac65997e37683ca509e4d5360787bcae5cfbbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8668624238701ba9-MAD
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Thu, 05 Oct 2023 23:01:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2BmOeNE%2FMoR4E7OBMLL2nvq7siIwpFe9Gc9NCGP2B3Kb1OOXWz4OHO6LzWiInmdkWH%2BbsYJ6o0J8FtjwVb2ha%2BJ7PfjkZ8wuuOLgHgUmgJi4mwDG8yT4Qxo8%2Br1m"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-build-id: 8688a61c63e65df22fb849a73b303b75a3bca43d
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 86686240eff80402-MAD
content-length: 0
content-type: text/plain;charset=UTF-8
date: Mon, 18 Mar 2024 21:40:54 GMT
location: https://discord.com/widget?id=941182844041052180&theme=dark
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2BcXJE342xK8ZFHVmz%2Ft9u%2Fnd5VaiWohNis977o0y00qGLDwafF9roI89QoI19uxpnYs1wynTZVLGFY3dCfFs2PKUnBuExwhdO56MPecDzgFpzoTNiu%2FyW8AAzBq7ZvF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-xss-protection: 1; mode=block

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 82 KB
29 KB 552ms
109ms Script
text/javascript 143.204.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-42.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: adea2aa2767d809d7ae83bb8023885d49edbce098ff65c4296aed8c1d16c936f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 04:05:26 GMT
content-encoding: gzip
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
last-modified: Wed, 28 Feb 2024 08:15:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 408929
x-amz-server-side-encryption: AES256
etag: "9c4bd7f981e42473076868eec1e5677d"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28955
x-amz-cf-id: 1eThGC--T6UmtrmtF4lncWMV0NzUTVmkNtm4ZzPE7EK5n0yaXyMvFA==

GET
H2 200 morlogo.png
i.ibb.co/KbvhDV9/ 24 KB
25 KB 284ms
284ms Image
image/png 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/KbvhDV9/morlogo.png
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/31-ltr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 10296483f49dd828535eb4ea5df0356f89d57ea09d28d93b046178393d18d291

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
last-modified: Sun, 13 Nov 2022 01:27:14 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24943
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/ 147 KB
147 KB 234ms
233ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Origin: https://shadowsfromthepast.foroactivo.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1655341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 150516
last-modified: Tue, 15 Nov 2022 18:04:22 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6373d4a6-24bf4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1rGXiJMhnIlneVOxvSDvRg5jCLeYb0IUKUVFz9%2FHF%2FMI9oOBIY0pyzwP%2BwI9ywGML%2BMwf9W%2Bzp7Wy48jjXX64eNYqysOuHmoOvOIP0squErqxZSWfduFdYhISSVToPZBVG4ZhRz6"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 866862403fd02f98-MAD
expires: Sat, 08 Mar 2025 21:40:54 GMT

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/ 105 KB
106 KB 178ms
178ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c61287c2fa9863b5fb5844c683a168ac6520c94d822bb43d5eae35c3a2a82166

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Origin: https://shadowsfromthepast.foroactivo.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 442659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 107656
last-modified: Tue, 15 Nov 2022 18:04:22 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6373d4a6-1a488"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TyofdIRBftYsfzOuVMJPznQ1dD5HN7BM2TfGqr80A5cvAT9X0Oa1ypDwpZ%2BsZAF3KnZTYeSrDrMlqNG5TBWUkmjUMQdM4r9jQ8uTAgXf3U6OEu17xg9TP2gyR1uYlb5TUNh3%2B39D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 866862403fd32f98-MAD
expires: Sat, 08 Mar 2025 21:40:54 GMT

GET
H2 200 pre.js Show response
ac.aruncdn.com/j/prebid/ 488 KB
149 KB 478ms
81ms Script
application/javascript 104.26.0.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ac.aruncdn.com/j/prebid/pre.js?411

Requested by

Host: ac.audiencerun.com
URL: https://ac.audiencerun.com/j/tag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59be6742c628fe76d51bfb638199f9b1b8520a044891ad6e131ccb934bcc5703

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
x-amz-version-id: 60e6jplIYZ3KUtxPUx2xI.lmdhyg.JPW
via: 1.1 5d5704a42e51cafd107137919e8b851a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: MAD56-P4
age: 1655349
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jan 2024 16:16:59 GMT
server: cloudflare
etag: W/"e6c0e7c9fe33476e322e62e9e9bc46ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8mGLqO%2FBrRBYCpHNsc1H9RMwcPvb8CpIFDTCMvEdh6kvKWl4%2FS65gX33aC3TfYquMhRpTbfNxi5e0rgSjiWlHWA7F1KLPOHYWCWJK0bScnBIPIIirBfhBOsA2G%2BNZ5i8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 866862431f6a86c6-MAD
x-amz-cf-id: tQrUQAYBfcapgdnJnIC7HN8VQb24DKNwkpGSATtmz8xDaQWjG1PlEA==

GET
H2 200 ima3.js
imasdk.googleapis.com/js/sdkloader/ 0
134 KB 321ms
125ms Other
text/javascript 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ac.audiencerun.com
URL: https://ac.audiencerun.com/j/tag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136708
x-xss-protection: 0
expires: Mon, 18 Mar 2024 21:40:55 GMT

GET
H2 200 player.js
ac.aruncdn.com/f/nat/ 0
4 KB 66ms
64ms Other
application/javascript 104.26.0.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.aruncdn.com/f/nat/player.js?3
Requested by: Host: ac.audiencerun.com
URL: https://ac.audiencerun.com/j/tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:55 GMT
x-amz-version-id: ywSUORhiyE1QBTDK4UgySKA8BFuP4Rjw
via: 1.1 546c7d402795f607dedd15c21228ca4c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MAD56-P4
age: 1646467
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jan 2024 16:16:51 GMT
server: cloudflare
etag: W/"69624877c62cb83429ed5b682551fc5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ke4rhZo%2FliJRsEj3OhG%2Fbgcwmvj0Kz%2FJq4%2FZ7sXytZqBo%2BpFb8cugcZ5GC8SlR7ZH6%2F1Iua7aLW9gh7EjFvlL7wyIR%2BkzbWji2%2By8XVgQjdlRD%2Ft1TT4CyOcabixHEl8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86686244698f86c6-MAD
x-amz-cf-id: 8uqdgcLuc5pYv-FoBfNFTwhsBNl42_l9H9B12qFT73lWMOF_sklqkg==

GET
H2 200 gdpr Show response
ac.audiencerun.com/ 1 B
332 B 258ms
84ms XHR
text/plain 18.66.147.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.audiencerun.com/gdpr
Requested by: Host: ac.audiencerun.com
URL: https://ac.audiencerun.com/j/tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-112.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:21:08 GMT
audiencerun-country: PT
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P4
age: 191986
x-cache: Hit from cloudfront
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
audiencerun-time: 2024-03-16T16:21:08.980Z
content-length: 1
x-amz-cf-id: EAlTgavDYjKsfSndtFw7dkdMd78DzcNEMTxrWUmR0UxlKTmAdSjAmw==

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
212 B 281ms
86ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=151&profileId=206&cb=35034302806

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://shadowsfromthepast.foroactivo.com
date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 86ms
85ms Image
image/gif 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 13 Mar 2025 21:40:54 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 84ms
84ms Image
image/gif 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 13 Mar 2025 21:40:54 GMT

POST
H2 200 webpush_register.php Show response
shadowsfromthepast.foroactivo.com/ajax/ 25 B
176 B 134ms
133ms Fetch
text/html 94.23.73.212
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsfromthepast.foroactivo.com/ajax/webpush_register.php

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.73.212 Lisbon, Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

1d7e58ef8b62b2bba5098f53f4b7ef34580ca1ce21175bb26b23b3e0d803601d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 18 Mar 2024 21:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1
content-type: text/html

GET
H2 200 11662.js Show response
ads.rubiconproject.com/ad/ Frame FED3 30 KB
9 KB 758ms
85ms Script
text/javascript 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/11662.js
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k / PHP/7.2.24
Resource Hash: 1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:55 GMT
content-encoding: gzip
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
x-powered-by: PHP/7.2.24
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=6584
access-control-allow-credentials: true
content-length: 8916
expires: Mon, 18 Mar 2024 23:30:39 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
211 B 80ms
79ms Ping
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://shadowsfromthepast.foroactivo.com
date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 index.c28a9f9cf58c0cfb74b1.css
discord.com/assets/ Frame CE7D 125 KB
17 KB 76ms
75ms Stylesheet
text/css 162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css

Requested by

Host: discord.com
URL: https://discord.com/widget?id=941182844041052180&theme=dark

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d67c0937d3e83180de80fe7acfa1903276f193f83a6845b069f87bd4b4f4a831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://discord.com/widget?id=941182844041052180&theme=dark
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Sep 2023 21:57:40 GMT
server: cloudflare
etag: W/"a3d977528c57cccef14644b54c0a22ba"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: https://discord.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aa4OEadJLtLnDoEhe%2Bp7VCroZQIVrrD7wh000rZdUjPhAIZHMfuKNcTo8dXmrrYWNOMr56q1WYaWyY8wKoTXjyQr6w1K4lCVmDlecDN2Q1%2FCEGLgT6gD5ga9zxnm"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
cf-ray: 86686242d9c31ba9-MAD

GET
H2 200 050107a671106733d869.js Show response
discord.com/assets/ Frame CE7D 3 MB
706 KB 95ms
95ms Script
application/javascript 162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/050107a671106733d869.js

Requested by

Host: discord.com
URL: https://discord.com/widget?id=941182844041052180&theme=dark

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34fa76fe6fbe2df439a2f59f0b51c7fb760add093267cdde7fcb63c625c3a0e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://discord.com/widget?id=941182844041052180&theme=dark
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Oct 2023 22:45:15 GMT
server: cloudflare
etag: W/"6a4492248e70f6469195aa9c94db47ba"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: https://discord.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aV5WFS18HgFwAXiGgS0ugNwZ%2FAL4Y0zoBkgIf64JU9CDeyd0gRJmkRgFYXgNeFHdtD21dgSO3%2FETtI4v3pDx6p%2Fc5pg7lQ%2FdYucymwXIQzrEIQweiLnW3deLEQKz"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
cf-ray: 86686242d9c41ba9-MAD

POST
H2 204 collect
analytics.google.com/g/ 0
266 B 267ms
90ms Ping
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TTF1KWE3G4&_ono=1&gtm=45je43d0v9122948090za200&_p=1710798054292&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1145196466.1710798055&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1710798054&sct=1&seg=0&dl=https%3A%2F%2Fshadowsfromthepast.foroactivo.com%2F&dt=shadowsfromthepast&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1894
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TTF1KWE3G4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 21:40:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shadowsfromthepast.foroactivo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
266 B 247ms
83ms Ping
text/plain 108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-TTF1KWE3G4&cid=1145196466.1710798055&gtm=45je43d0v9122948090za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TTF1KWE3G4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 21:40:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shadowsfromthepast.foroactivo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.in/ads/ 42 B
408 B 276ms
95ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.in/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-TTF1KWE3G4&cid=1145196466.1710798055&gtm=45je43d0v9122948090za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=1062285157

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 21:40:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 widget.json Show response
discord.com/api/guilds/941182844041052180/ Frame CE7D 3 KB
2 KB 263ms
262ms XHR
application/json 162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/api/guilds/941182844041052180/widget.json

Requested by

Host: discord.com
URL: https://discord.com/assets/050107a671106733d869.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e487629f0b90878fcc5b94ec719f98c9c1394b91cc7675db41f189ff658edde1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; default-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://discord.com/widget?id=941182844041052180&theme=dark
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; default-src 'none'
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 18 Mar 2024 19:04:41 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t46NCeM36w47h%2BEb%2Fs8T6jU9ZYLIvllr%2BTuX5%2BgkEEJO20sdOfjfX67J5YmqpwT9pBAJnhQOipQT0fslOJxJtPEbRVQFuHL2QQXn8dOjA0H7OTdQStKDUDehj5v0"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=300
cf-ray: 866862461b126617-MAD
expires: Mon, 18 Mar 2024 21:45:55 GMT

GET
H3

200

main.js Show response
discord.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/ Frame 7100
Redirect Chain

https://discord.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js

8 KB
4 KB

65ms
65ms

Script
application/javascript

162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cb019946c7cb28b97bb0ea248d51a9bc1287f01e701edd444d3e6944d2ab4ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2BnuhEXZwmuUOB9zUj7f%2F%2BoetWUAGiTCqzwrZQ5lD9OtgpnA%2FB3OmeCX93Nnkgx2z5zx5mh%2FtrQNqZz58hdnj%2B9woQnrOvQ9PniTSbbqThB2hf9MEBIdkB3Eg5xd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 866862474d806617-MAD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 18 Mar 2024 21:40:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JE3wGE0FwT0nDoew6aE%2BMFsGJGJ8RU48vk0TIischpXHPWM9D5NElowMWl3GVPyjrq%2FoedeZNaJ%2Fj71I5TdZX5Cddk5Fw34scE0xauUtVSuFewz2it55DpR7WPVI"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 86686246ecc96617-MAD
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 loader.min.js Show response
comparisons.sovrn.com/js/ 3 KB
2 KB 299ms
84ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://comparisons.sovrn.com/js/loader.min.js
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2122cc2d6a9e138c3b4035d403cd2760bc3491e3f00da7211abaa80557de0b3b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: _N7Ldl34Z.PdZpMcZXLC7DYN2lTVj6Bm
content-encoding: gzip
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
date: Mon, 18 Mar 2024 01:15:42 GMT
last-modified: Tue, 23 Jan 2024 08:56:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 73514
x-amz-server-side-encryption: AES256
etag: W/"977ae67d2ae005447e6e3ab0b242cab2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: UM8fUVa1zhkB1O-cCabMbd_MV95p2CCgw-aprzludWaKaqJIYzOSEw==

GET
H2 200 151256-2.js Show response
smarttag.rubiconproject.com/a/11662/36494/ Frame FED3 1 KB
1 KB 1337ms
131ms Script
text/javascript 213.19.162.21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/11662/36494/151256-2.js?&cb=0.023473275345824218&tk_st=1&rf=https%3A//shadowsfromthepast.foroactivo.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36494_2&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4572246c90f0adcd6f3bf24cd7db0d600b60cff0734d3b8ff723d96872f4f9bf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 21:40:56 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST 8668624238701ba9
discord.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 7100 0
0

GET
H2 200 abd4e5-AJWNJLXvwidlFXZOSZC6wGYoE23fZJqS_ezllHOtsJ7MCrVVgG2paLPLMA4iIiMy1mVVrDrOsD1R7Rj-N81OcKxjWiC25ZcNKOfwbrSL2rohI1Ga-P10Gybi9KJGcBNuhwnSKUg
cdn.discordapp.com/widget-avatars/u63nLu2xGVRAyU1WFegVISyniKTxsl31dqSPiVk7Hd0/ Frame CE7D 22 KB
23 KB 282ms
169ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/u63nLu2xGVRAyU1WFegVISyniKTxsl31dqSPiVk7Hd0/abd4e5-AJWNJLXvwidlFXZOSZC6wGYoE23fZJqS_ezllHOtsJ7MCrVVgG2paLPLMA4iIiMy1mVVrDrOsD1R7Rj-N81OcKxjWiC25ZcNKOfwbrSL2rohI1Ga-P10Gybi9KJGcBNuhwnSKUg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 796a9da62459f6cd1b1b28181e4da2cc2e0fdcd32a914cd2b28605f533224488

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1578461
alt-svc: h3=":443"; ma=86400
content-length: 22526
last-modified: Wed, 13 Dec 2023 18:55:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mCoderDOJ88ebjPdorP7rNVbh4M0y4meeLiDrUpioonDTrokt1ZIHd6mL6uF4YtqGu7p0gAhe3xvZh7KxPYY3aqGqWZfsnpyMlwiWolgMQtIah4PMiRItuwFLDXCD30GHV8Oew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866862493bcb2166-MAD
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 18 Mar 2025 21:40:55 GMT

GET
H2 200 KTvuGc4k-BDU5vrvKd6Xi0usCHmHUU98AHiwl77aNnqY8RY6jgiro7VhsasyKtRwWqhhHUQg73_vLDczfUoN-BzH4BR32uTkqtbtgfw6SiOuKN6UhyVOgd4uNX7Ow9Mf2LGyoUR-rXqC6wk
cdn.discordapp.com/widget-avatars/K9nN0kA8Tv964XyzBsfIk07gMsPZUM7NL50VTVuYkGE/ Frame CE7D 36 KB
36 KB 315ms
203ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/K9nN0kA8Tv964XyzBsfIk07gMsPZUM7NL50VTVuYkGE/KTvuGc4k-BDU5vrvKd6Xi0usCHmHUU98AHiwl77aNnqY8RY6jgiro7VhsasyKtRwWqhhHUQg73_vLDczfUoN-BzH4BR32uTkqtbtgfw6SiOuKN6UhyVOgd4uNX7Ow9Mf2LGyoUR-rXqC6wk
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a39eccddfab2af15b07647e490deb854967b913b95968c340434e8901039a4

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 367162
alt-svc: h3=":443"; ma=86400
content-length: 36428
last-modified: Tue, 12 Mar 2024 00:45:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dmWub7Fc7nlX5YkDdz9Mqv5kdOPHTWhpUuF0HS%2By39RzC0e3v4eikiU%2BPsd9r2E2qaiEjUTuo04MebM%2Fdpyg%2FzAknT40bp%2B4SPykpgbpweGV7IcyQauvX%2BjWijaM%2FGtEfVCuiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866862493bc42166-MAD
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 18 Mar 2025 21:40:55 GMT

GET
H2 200 MAp4EUpN40f1GvKYm7ZjW7y8fgSdANpybSgk2R6-c3zD57Pj71bjDU1_8oCpBKOQ7SQ1azPruTBWm63o_c-OY8xm0KqVNu-1UbC18ir20UBk65TJ_a9ZCHf0e_XkMx_poKoGs0QsTlwQ_Q
cdn.discordapp.com/widget-avatars/RV5TVTboMgXk1YSrv9RSOlCFBJOqvThTEGVBkCY96PU/ Frame CE7D 41 KB
42 KB 402ms
290ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/RV5TVTboMgXk1YSrv9RSOlCFBJOqvThTEGVBkCY96PU/MAp4EUpN40f1GvKYm7ZjW7y8fgSdANpybSgk2R6-c3zD57Pj71bjDU1_8oCpBKOQ7SQ1azPruTBWm63o_c-OY8xm0KqVNu-1UbC18ir20UBk65TJ_a9ZCHf0e_XkMx_poKoGs0QsTlwQ_Q
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f2722dcaea1fcd0c457ea0965ad20b6786e93129c41d72b616747a22528234d

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1646466
alt-svc: h3=":443"; ma=86400
content-length: 42101
last-modified: Thu, 07 Dec 2023 15:17:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xsJdU1rdh9XGU7n8Z%2Fpoii90nKKHoV%2F9q4d5bfSz6adxnu2v4ISrh7NIKRWAK%2BEIJptQ2tLY%2FLKcSoP5c%2B7ew%2FQOmRdda5UtVps8SvUWfeB0jlMEV4iufNDLJRf4mAucm09ong%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866862493bbf2166-MAD
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 18 Mar 2025 21:40:55 GMT

GET
H2 200 6Q_Lez25Le4oimsyg6IUJdAbzE3TjM5jKnjGX_e3ZR6y3e32_GfFcfnQvjOKwtjUv-5y-2E_9MnffuuontAear3Pw1CoyZZDNab8ukBIDcp7oe1lQtYhaJWSTacvCUojtcfH3GSGopxC7g
cdn.discordapp.com/widget-avatars/4sztPXFceWbSOeRGVJQexGYO5QWa1WUord3NfOAsCzc/ Frame CE7D 24 KB
25 KB 354ms
242ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/4sztPXFceWbSOeRGVJQexGYO5QWa1WUord3NfOAsCzc/6Q_Lez25Le4oimsyg6IUJdAbzE3TjM5jKnjGX_e3ZR6y3e32_GfFcfnQvjOKwtjUv-5y-2E_9MnffuuontAear3Pw1CoyZZDNab8ukBIDcp7oe1lQtYhaJWSTacvCUojtcfH3GSGopxC7g
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eba4b9d30341370302bec689915c162325dba7da929a7e8520b0d3fc93aa8004

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 175376
alt-svc: h3=":443"; ma=86400
content-length: 24986
last-modified: Fri, 02 Feb 2024 15:22:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SnUZYFKXfqy21Cd0Qxl4Ghzow43sM1XpwBDY11gRlWkb2dnArZnqkPsZG1LiD3VQMzoPqn37qjG8px0N%2FuesbWD0XvRlChZPTvPe8EbCyzVh6TlmSU3pljlOzoDgodcu6Aq2vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866862493bc72166-MAD
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 18 Mar 2025 21:40:55 GMT

GET
H2 200 q5AUO_Y3hcLlqRMbnmwdQoPuRksqzgKXzYjrIoQbdsuiuBbUDw8_0k4T9_0ome9cCmnRgmEzScVmYaCVB99UVffOk9MxGVqLlS6_KxAImeuB0hLJYMr21lqcMMdpWNvQOvtxZ6CpbK6An7Vi
cdn.discordapp.com/widget-avatars/YW4HlNH3aIXgTAKHeETF8T1KU0O-psttut1cxDrFTJE/ Frame CE7D 37 KB
38 KB 401ms
290ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/YW4HlNH3aIXgTAKHeETF8T1KU0O-psttut1cxDrFTJE/q5AUO_Y3hcLlqRMbnmwdQoPuRksqzgKXzYjrIoQbdsuiuBbUDw8_0k4T9_0ome9cCmnRgmEzScVmYaCVB99UVffOk9MxGVqLlS6_KxAImeuB0hLJYMr21lqcMMdpWNvQOvtxZ6CpbK6An7Vi
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 416d847cf76a98cb746ca48c0d0d5293db725cebafc4b8b415f4523c89d2b819

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 705173
alt-svc: h3=":443"; ma=86400
content-length: 38076
last-modified: Sun, 25 Feb 2024 00:43:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VK7UePdktb6xSuWrVieGlKY%2BIf0Qn%2FQoiAA6DrYxo05h1bho6HEOqeQGvV5JpkDyDYbYdBgfH6tZCnUOo18G5po%2Fm1h%2FyUtdIm9FBz10QPXqogjzM%2FOUnTaCJUuXS7r6bLkNUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866862493bc32166-MAD
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 18 Mar 2025 21:40:55 GMT

GET
H2 200 -BjBZkzG3Q8vAeqkNh6cJJ5v3z0FQWNg0QGASMYiuPptXM30wpwbFhehm9JtkyZf7yxqqHAooS2ryG_w0YGCYEriWuo2BfHK6R-b56L_JFAHpDHmAPkpXIWZgEgP3StRu-gB3OVZiJdMDg
cdn.discordapp.com/widget-avatars/cDmsMOqmd5H4Nlr2vIzhAjqFYNub5uTN0JLPSbsPHDI/ Frame CE7D 29 KB
30 KB 216ms
105ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/cDmsMOqmd5H4Nlr2vIzhAjqFYNub5uTN0JLPSbsPHDI/-BjBZkzG3Q8vAeqkNh6cJJ5v3z0FQWNg0QGASMYiuPptXM30wpwbFhehm9JtkyZf7yxqqHAooS2ryG_w0YGCYEriWuo2BfHK6R-b56L_JFAHpDHmAPkpXIWZgEgP3StRu-gB3OVZiJdMDg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 530dc0f1779cc4b9e42750cf49969897a43aa5f42a1f9bee12a3a52a8d895299

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1646466
alt-svc: h3=":443"; ma=86400
content-length: 29951
last-modified: Sun, 24 Jan 2021 14:13:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Bef3ePjy2BQVGJTOEEYLo9tExkQOdKx%2B4MDHRiWfcDt9UA9%2FoLpCKfofTtLvkyLPpDOWKxKXZC6ufDaADluPdXtBrEGR%2BYCFtgksClKhqXjI1EqTJoRmhkUYA7EaFDT0aDR%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866862493bc22166-MAD
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 18 Mar 2025 21:40:55 GMT

GET
H2 200 uitJqziSvvU8TcAXeCY4g9FV1g9cj3xns85KcDks6c3ClG4gM2Ry6j0Pn5PxEDKMKIFi5F9rmMfh4EqYBPbmW7w8wR--ad_FC6KJtIpnfWGFOsYUClSieJz4Tj-sqEA7g1IAEv7Kj_cSS1TT
cdn.discordapp.com/widget-avatars/W82GIPVE50YHw16mXbYqJtaIuSloLoFznasqPn_qlWE/ Frame CE7D 35 KB
36 KB 139ms
138ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/W82GIPVE50YHw16mXbYqJtaIuSloLoFznasqPn_qlWE/uitJqziSvvU8TcAXeCY4g9FV1g9cj3xns85KcDks6c3ClG4gM2Ry6j0Pn5PxEDKMKIFi5F9rmMfh4EqYBPbmW7w8wR--ad_FC6KJtIpnfWGFOsYUClSieJz4Tj-sqEA7g1IAEv7Kj_cSS1TT
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea4084684d689686e533d41fc0e6470c0203420fb5cef55a302ed4f0b7139ad6

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1093332
alt-svc: h3=":443"; ma=86400
content-length: 35557
last-modified: Wed, 07 Feb 2024 08:49:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mCg%2FvqOwaXpHDiZcKOutPAkDCcXSvzvxxzuKvvLk9lCyle5U5OKwSi1bt8%2Fd72POuI8TnlFNJvuU5ZZABybZAFtt52qaVq2qOeDSWdPQjdtQtfuwj8ok4ZlywgB3IViZmVp2VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8668624a4e492166-MAD
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 18 Mar 2025 21:40:56 GMT

GET
H2 200 xT26u259CH6sDd9ruqPmRO7Bp36VjZR68vp4lLyWXjdaJnwciKuvRYHDPc7Lqs5L4CrgjthT983oxHL4HO3DedBc9KWj8Z_WVNUWT0XeNKbUgKi3URwUXVWdx2nCIaeaA7DuB0b6iaOxvA
cdn.discordapp.com/widget-avatars/6aQH1rodb6W3y1tHRWfiRg0csBXiLN7NRI6Po1LXwl8/ Frame CE7D 26 KB
27 KB 121ms
120ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/6aQH1rodb6W3y1tHRWfiRg0csBXiLN7NRI6Po1LXwl8/xT26u259CH6sDd9ruqPmRO7Bp36VjZR68vp4lLyWXjdaJnwciKuvRYHDPc7Lqs5L4CrgjthT983oxHL4HO3DedBc9KWj8Z_WVNUWT0XeNKbUgKi3URwUXVWdx2nCIaeaA7DuB0b6iaOxvA
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8adbd8ff63a91c632f794383e9b3fd6c45a8c838ff7197c2627ca836ca335a8a

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103624
alt-svc: h3=":443"; ma=86400
content-length: 26812
last-modified: Fri, 02 Feb 2024 01:55:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KU2uYfqDbH%2BdRYCKfykNvuoLJK%2BaYQYdp8%2F%2BQi8xNqWWVojWmUNAC%2BiLrYB83NxnH8vv5i8eShY5Wwa4gQM832fd892mYTVAfC%2B5A4Ud64EP86TQAyOu2owkL43ANLkfk7NqbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8668624a4e4c2166-MAD
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 18 Mar 2025 21:40:56 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
219 B 93ms
92ms XHR
text/plain 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1962141400&t=pageview&_s=1&dl=https%3A%2F%2Fshadowsfromthepast.foroactivo.com%2F&ul=en-us&de=UTF-8&dt=shadowsfromthepast&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1291191615&gjid=245058925&cid=1145196466.1710798055&tid=UA-144386270-1&_gid=588079506.1710798056&_r=1&gtm=457e43d0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1486692101

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 21:40:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shadowsfromthepast.foroactivo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
154 B 82ms
81ms XHR
text/plain 108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-144386270-1&cid=1145196466.1710798055&jid=1291191615&gjid=245058925&_gid=588079506.1710798056&_u=YADAAUAAAAAAACAAI~&z=1933555298

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

7e2a4c63ae6993d9d56d7d68bc4bd708e993c29270f3a712ae30753da1cad4ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 18 Mar 2024 21:40:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shadowsfromthepast.foroactivo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 261ms
92ms Image
image/gif 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144386270-1&cid=1145196466.1710798055&jid=1291191615&_u=YADAAUAAAAAAACAAI~&z=317763295

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 21:40:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.in/ads/ 42 B
107 B 94ms
93ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.in/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144386270-1&cid=1145196466.1710798055&jid=1291191615&_u=YADAAUAAAAAAACAAI~&z=317763295

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 21:40:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/forforumotion-es/ Frame FED3 660 KB
57 KB 376ms
285ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbec9cd19daa94db4e5afafe266c1d3ffae7cdaeb830241484b0cd7ba135cd5b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: wYxMYQ3k6rvf2liZBPiczQhbufhWe55o
content-encoding: gzip
via: 1.1 varnish
date: Mon, 18 Mar 2024 21:40:57 GMT
x-amz-request-id: XH7M2M7HPSCF0388
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 58336
x-amz-id-2: tPV9dSOmBtAr+zgvUoPKogz3Qcj/rGaMbi6X3DhZaIk12OuLCO08NaLk9onTqpY3w8EzoA3R/uk=
x-served-by: cache-lis1490054-LIS
last-modified: Mon, 18 Mar 2024 11:04:08 GMT
server: AmazonS3
x-timer: S1710798057.044727,VS0,VE234
etag: "32946a24c073fc429e04e6c6a4f286eb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 75
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame CAE5 2 KB
1007 B 1118ms
188ms Document
text/html 23.218.194.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/11662/36494/151256-2.js?&cb=0.023473275345824218&tk_st=1&rf=https%3A//shadowsfromthepast.foroactivo.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36494_2&rp_secure=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.194.34 Dallas, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-194-34.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0db0c6b0fa609e2d64cd4a065f652828236be1730861409986f2a74566dc0b8a

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 686
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Mar 2024 21:40:57 GMT
ETag: "2052b-661-613698fc7e540"
Last-Modified: Mon, 11 Mar 2024 21:52:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 0d8a198b-084d-4bcf-bec9-26df6c7caf8c
beacon-ams3.rubiconproject.com/beacon/d/ Frame FED3 43 B
227 B 334ms
80ms Image
image/avif 213.19.162.67
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/0d8a198b-084d-4bcf-bec9-26df6c7caf8c?oo=0&accountId=11662&siteId=36494&zoneId=151256&sizeId=2&e=6A1E40E384DA563BEF326B7E94DBEA168669FF642DE4961D40744130E38C075F38C2D7D3F7E18ECC2E01F48BB2E1AC805ABF4BC26238BE18444F90DBB1D9ADEA7D63B63122D20152F897657A5FBAC1F2E8440C38DD95BBCFFCB659F0D4FEA97E1366D8ED85555697D9C1DF20792BFA61E1501A5C29ACF5C995BCEA9A1A431B34

Requested by

Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.19.162.67 , United Kingdom, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 21:40:56 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 impl.20240318-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame FED3 892 KB
181 KB 45ms
44ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240318-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: db40a79d18a235f7268fc58d74b0f58d669eb97e1287b291d52cfac36ed4f822

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: uf.yOcoiqv.aUhZT017GxYzI8In8pCCE
content-encoding: br
via: 1.1 varnish
date: Mon, 18 Mar 2024 21:40:57 GMT
x-amz-request-id: W96J0BKY1PBDS0EP
age: 13101
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 185069
x-amz-id-2: AYykNQfbA7YJAPf1biAKxB6UvHFE05Ui0FzSj5me+9/+FjUpOXf4t7sRo53KltLUTDZtEsoZaTw=
x-served-by: cache-lis1490054-LIS
last-modified: Mon, 18 Mar 2024 09:54:56 GMT
server: AmazonS3-br
x-timer: S1710798057.454956,VS0,VE0
etag: "8d657011ca448cb1893928fa62d6b273"
vary: Accept-Encoding
content-type: application/javascript
abp: 73
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 16795

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 242 B
708 B 395ms
101ms XHR
text/javascript 3.254.23.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.254.23.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-254-23-3.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 86f88f349f50bff228b9ab4612cd97a0844f8206567d178c6cc9de3076efe5d1

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2024 21:40:57 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://shadowsfromthepast.foroactivo.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 242
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame FED3 46 B
288 B 241ms
79ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240318-6-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 248616
expires: 60

GET
H2 200 json Show response
trc.taboola.com/forforumotion-es/trc/3/ Frame FED3 6 KB
4 KB 346ms
338ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forforumotion-es/trc/3/json?tim=20%3A40%3A57.590&lti=deflated&data=%7B%22id%22%3A445%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1710759843759%2C%22vi%22%3A1710798057587%2C%22cv%22%3A%2220240318-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fshadowsfromthepast.foroactivo.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fshadowsfromthepast.foroactivo.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728-90%20Thumbnails1%22%2C%22orig_uip%22%3A%22728-90%20Thumbnails1%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C728-90%20Thumbnails1%3Dthumbnails-728x90%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240318-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 230f7c655b660e2fc42910cdce789abe9160c9d701ca7562a0c4a2c181f160d0

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 294
date: Mon, 18 Mar 2024 21:40:57 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.5912499999999999
x-fastly-to-nlb-rtt: 93514
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490054-LIS
x-log-content-encoding: gzip
server: nginx
x-timer: S1710798058.622615,VS0,VE294
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://shadowsfromthepast.foroactivo.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 impl.20240318-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 892 KB
181 KB 47ms
46ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240318-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: db40a79d18a235f7268fc58d74b0f58d669eb97e1287b291d52cfac36ed4f822

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: uf.yOcoiqv.aUhZT017GxYzI8In8pCCE
content-encoding: br
via: 1.1 varnish
date: Mon, 18 Mar 2024 21:40:57 GMT
x-amz-request-id: W96J0BKY1PBDS0EP
age: 13101
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 185069
x-amz-id-2: AYykNQfbA7YJAPf1biAKxB6UvHFE05Ui0FzSj5me+9/+FjUpOXf4t7sRo53KltLUTDZtEsoZaTw=
x-served-by: cache-lis1490054-LIS
last-modified: Mon, 18 Mar 2024 09:54:56 GMT
server: AmazonS3-br
x-timer: S1710798058.674703,VS0,VE0
etag: "8d657011ca448cb1893928fa62d6b273"
vary: Accept-Encoding
content-type: application/javascript
abp: 63
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 16796

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
287 B 80ms
80ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240318-6-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 334655
expires: 60

GET
H/1.1 200
OK sync.js Show response
api.viglink.com/api/ 43 B
390 B 94ms
94ms Script
image/gif 3.254.23.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/sync.js?key=5a5e09c99bf477b62bf79c1924e231f7
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.254.23.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-254-23-3.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2024 21:40:57 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif;charset=UTF-8
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 43 B
390 B 269ms
93ms Image
image/gif 3.254.23.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.viglink.com/api/sync.gif?key=5a5e09c99bf477b62bf79c1924e231f7
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.254.23.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-254-23-3.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2024 21:40:57 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif;charset=UTF-8
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 41 B
506 B 174ms
95ms XHR
text/javascript 3.254.23.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.254.23.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-254-23-3.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 8e47646658983be660027931456f5bbbe9947fdf1727ce10461dce179a1643fe

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2024 21:40:57 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://shadowsfromthepast.foroactivo.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 41
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 tb Show response
15.taboola.com/ Frame FED3 25 KB
8 KB 253ms
245ms XHR
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=forforumotion-es&unitType=226&tbloc=&pageType=text&pstn=728-90%20Thumbnails1&uuip=&cisrf=&cirf=https%3A%2F%2Fshadowsfromthepast.foroactivo.com%2F&encoded=1&uid=46ad55df-3103-44cc-b144-4a234032bc60-tuctcf23a69&variant=-100|1130508407&callback=TRC.videoTagCallbacks.videoCallback1&cb=1710798057979&tagid=&cntry=US&platform=1&sesid=6d26998f5304a345fb10d6004fa57548&itemid=/&viewid=1710798057587&geolat=&geoing=&deviceifa=&appid=&sd=v2_6d26998f5304a345fb10d6004fa57548_46ad55df-3103-44cc-b144-4a234032bc60-tuctcf23a69_1710798057_1710798057_CNawjgYQ_-I_GPPgipzlMSABKAEw4QE4kaQOQL6lDkiLtNsDUIoEWABgAGjP4tvDwa67g4YBcAA&ri=c007a51afcf5893e6e93ed243a5886cb&appname=&cdb=&gdprApplies=true&rid=&sii=-1279194496744460907&oee=true&tpubid=1044863&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=AL&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=&gvv50=&gvv61=15515&gvv62=15729
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240318-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 022ba6ffaaeb8a813fe2d292867c314393f460e960662df809bfccd7272423ff

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Mon, 18 Mar 2024 21:40:58 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1136
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-lis1490054-LIS
pragma: no-cache
server: nginx
x-timer: S1710798058.011429,VS0,VE199
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
access-control-allow-origin: https://shadowsfromthepast.foroactivo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://us-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20240318-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame FED3 18 KB
6 KB 45ms
45ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20240318-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: accb2cb3d22ee91a90b9c949bb3776ee6d9bf01b9961a7d0bb86757db2ab3fcb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: SztYNndpPHhzva_0hIlOYyYQYYxzo8sa
content-encoding: gzip
via: 1.1 varnish
date: Mon, 18 Mar 2024 21:40:58 GMT
x-amz-request-id: NEAP57J2CYANPEEV
age: 41582
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5540
x-amz-id-2: vrVhVjeDhxq8YOis2uW8R7D5BVdVa0rpVHFFyD3Jj/arfEkM2tYjNYnHy5uTrCsjLFsImrHS5Hc=
x-served-by: cache-lis1490054-LIS
last-modified: Mon, 18 Mar 2024 10:07:53 GMT
server: AmazonS3
x-timer: S1710798058.004917,VS0,VE0
etag: "7912d57b1eb794addc816f71797a1c99"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 22
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 6106

GET
H2 204 abtests
us-trc-events.taboola.com/forforumotion-es/log/3/ Frame FED3 0
231 B 479ms
139ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-trc-events.taboola.com/forforumotion-es/log/3/abtests?route=US:US:V&tvi48=10637&lti=deflated&ri=c007a51afcf5893e6e93ed243a5886cb&sd=v2_6d26998f5304a345fb10d6004fa57548_46ad55df-3103-44cc-b144-4a234032bc60-tuctcf23a69_1710798057_1710798057_CNawjgYQ_-I_GPPgipzlMSABKAEw4QE4kaQOQL6lDkiLtNsDUIoEWABgAGjP4tvDwa67g4YBcAA&ui=46ad55df-3103-44cc-b144-4a234032bc60-tuctcf23a69&pi=/&wi=-1279194496744460907&pt=text&vi=1710798057587&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1710798057970%7D&tim=20%3A40%3A57.970&id=9588&llvl=2&cv=20240318-6-RELEASE&
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 18 Mar 2024 21:40:58 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 96acaa2a80738106937e271deeded3d6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame FED3 8 KB
9 KB 140ms
139ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/96acaa2a80738106937e271deeded3d6.jpg
Requested by: Host: shadowsfromthepast.foroactivo.com
URL: https://shadowsfromthepast.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 09b6605951f57d9f6fe1bcbafcae1cba0571a0db2277173fd5f7af58e6cc919a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-vcl-time-ms: 95
date: Mon, 18 Mar 2024 21:40:58 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/96acaa2a80738106937e271deeded3d6.jpg
age: 893107
edge-cache-tag: 548655873050387596348953181079282111614,431831271005498588689718966572344497016,29ecf9b93bbf306179626feeda1fab70
cache-tag: 548655873050387596348953181079282111614,431831271005498588689718966572344497016,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time: 80
expiration: expiry-date="Fri, 29 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.fox29.com/
content-length: 8138
x-served-by: cache-iad-kcgs7200066-IAD, cache-iad-kcgs7200066-IAD, cache-lax-kwhp1940115-LAX, cache-iad-kjyo7100059-IAD, cache-lis1490054-LIS
last-modified: Tue, 27 Feb 2024 06:22:13 GMT
server: nginx
surrogate-reporting: width=360,height=90,bytes=14633,owidth=1600,oheight=1022,obytes=210610,ef=(1,13,17,23,30)
x-timer: S1710798058.012598,VS0,VE95
etag: "bd1b1337891166daeebe0c409bb1670a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 18, 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CAE5 40 KB
11 KB 196ms
196ms Script
text/html 23.218.194.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.194.34 Dallas, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-194-34.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5503c33a8338ad85590cc40c0a304a2856c5d0d1e72bc3b6dc0f6c1e07c49ae0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 21:40:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Mar 2024 12:11:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52226
Connection: keep-alive
Content-Length: 10989
Expires: Tue, 19 Mar 2024 12:11:24 GMT

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.8.5/ Frame FED3 121 KB
34 KB 140ms
47ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.8.5/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240318-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce24d1a45d15d3e47dfc14ace4fa72448c64a19cd0045cf65872728f5cc40128

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
Origin: https://shadowsfromthepast.foroactivo.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:58 GMT
via: 1.1 1a8de953aa4aaf678d8f6dfdeeea9a46.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-P1
age: 452867
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 34256
x-served-by: cache-lis1490038-LIS
last-modified: Wed, 13 Mar 2024 15:52:35 GMT
server: AmazonS3
x-timer: S1710798058.352804,VS0,VE0
etag: "8de9f667144d876d8e73f56aa7023a8e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: uZtWOxz5Gc6KMA5YsHH5aEd_wwnL6M9nVyyO_avvTOdu8G_GCwqLHQ==
x-cache-hits: 4618

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame CAE5 7 B
380 B 363ms
84ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CE00 14 KB
6 KB 88ms
88ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shadowsfromthepast.foroactivo.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 21:40:57 GMT
server: Kestrel
server-processing-duration-in-ticks: 290473
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame CE00 438 B
556 B 82ms
82ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=foroactivo.com&sn=ChromeSyncframe&so=0&topUrl=shadowsfromthepast.foroactivo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shadowsfromthepast.foroactivo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7c26703ee2e95db7963c15a8a955dfbb2713627428a3c61f3c842faaf3d3dc3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shadowsfromthepast.foroactivo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 21:40:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1864301
expires: 0

GET
H2 200 st Show response
imprnjmp.taboola.com/ Frame B282 863 B
486 B 157ms
140ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660481&dast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&cmcv=&pix=undefined&cb=1710798058698&uv=3386&tms=1710798058698&abt=adxsub-out_vA!adxsub-out_vB!esv_vB!pl155375-732_vB!rbcatc_vA!tmaxc_vA!ufm&ru=https://shadowsfromthepast.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1fff81a3-5e06-4571-b743-4d0ac05229cb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.8.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f34e9411d8361e2aa91a74caacbaf436d6c10602f31aa992d84461ccdac1b3ee

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Mon, 18 Mar 2024 21:40:58 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lis1490054-LIS
x-timer: S1710798059.741729,VS0,VE96

GET
H2 200 sync Show response
us-match.taboola.com/ Frame DA37 7 KB
8 KB 150ms
143ms Document
text/html 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://us-match.taboola.com/sync?dast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.8.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4a2d45edcca6696ab8dedd80eeaaecff091a3905476edb85dc242b5da639a172

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 18 Mar 2024 21:40:58 GMT
machineid: 3108
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame FED3 2 KB
962 B 627ms
626ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=4660481&noaop=3&sortOrderType=0&cb=1710798058703&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1619&pt=-1260226221&tz=-60&viewable=true&ddast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1089141&dpubid=189227&abtst=adxsub-out_vA!adxsub-out_vB!esv_vB!pl155375-732_vB!rbcatc_vA!tmaxc_vA!ufm&mPre=0.033&cirf=https%3A%2F%2Fshadowsfromthepast.foroactivo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.8.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 64b94909e93b9ba945625693935692a9cf9dc792caec0ee76733184d9cb59b70

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 18 Mar 2024 21:40:59 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1116
x-cache: MISS
x-served-by: cache-lis1490054-LIS
pragma: no-cache
server: nginx
x-timer: S1710798059.728572,VS0,VE582
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://shadowsfromthepast.foroactivo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
us-vid-events.taboola.com/ Frame FED3 0
43 B 149ms
142ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8015557&crid=4660481&dast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&cmcv=&pix=31589837&cb=1710798058698&uv=3386&tms=1710798058698&abt=adxsub-out_vA!adxsub-out_vB!esv_vB!pl155375-732_vB!rbcatc_vA!tmaxc_vA!ufm&ru=https://shadowsfromthepast.foroactivo.com/&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1710798054790.8!ts:1710798058698&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:58 GMT
content-length: 0
server: nginx

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DA37 70 B
148 B 274ms
91ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://us-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:59 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/medianetrtb-network/1/rtb-h/ Frame DA37
Redirect Chain

https://cs.media.net/cksync?cs=69&type=tb&gdpr=1&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=0000EEA

0
374 B

258ms
77ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=0000EEA
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://us-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:59 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 33302

Redirect headers

Pragma: no-cache
Date: Mon, 18 Mar 2024 21:40:59 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location: https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=0000EEA
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Mon, 18 Mar 2024 21:40:59 GMT

GET
H2 200 46ad55df-3103-44cc-b144-4a234032bc60-tuctcf23a69
pr-bh.ybp.yahoo.com/sync/taboola/ Frame DA37 43 B
425 B 287ms
99ms Image
image/gif 99.81.11.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/46ad55df-3103-44cc-b144-4a234032bc60-tuctcf23a69?gdpr=1&us_privacy=1---

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.11.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-11-175.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://us-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame DA37 43 B
235 B 440ms
85ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://us-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 21:40:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B282 70 B
149 B 272ms
90ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprnjmp.taboola.com
URL: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660481&dast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&cmcv=&pix=undefined&cb=1710798058698&uv=3386&tms=1710798058698&abt=adxsub-out_vA!adxsub-out_vB!esv_vB!pl155375-732_vB!rbcatc_vA!tmaxc_vA!ufm&ru=https://shadowsfromthepast.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1fff81a3-5e06-4571-b743-4d0ac05229cb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprnjmp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:59 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 0 Show response
prebid.a-mo.net/cchain/ Frame B282 0
109 B 251ms
78ms Script
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/cchain/0?gdpr=gdpr=1&&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadaptmxrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BBUYER_ID%7D
Requested by: Host: imprnjmp.taboola.com
URL: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660481&dast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&cmcv=&pix=undefined&cb=1710798058698&uv=3386&tms=1710798058698&abt=adxsub-out_vA!adxsub-out_vB!esv_vB!pl155375-732_vB!rbcatc_vA!tmaxc_vA!ufm&ru=https://shadowsfromthepast.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1fff81a3-5e06-4571-b743-4d0ac05229cb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprnjmp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:59 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
vary: Accept-Encoding

GET
H2

200

/
sync.taboola.com/sg/medianetrtb-network/1/rtb-h/ Frame B282
Redirect Chain

https://cs.media.net/cksync?cs=69&type=tb&gdpr=1&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=0000EEA

0
374 B

265ms
78ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=0000EEA
Requested by: Host: imprnjmp.taboola.com
URL: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660481&dast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&cmcv=&pix=undefined&cb=1710798058698&uv=3386&tms=1710798058698&abt=adxsub-out_vA!adxsub-out_vB!esv_vB!pl155375-732_vB!rbcatc_vA!tmaxc_vA!ufm&ru=https://shadowsfromthepast.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1fff81a3-5e06-4571-b743-4d0ac05229cb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprnjmp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:59 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 33302

Redirect headers

Pragma: no-cache
Date: Mon, 18 Mar 2024 21:40:59 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location: https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=0000EEA
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Mon, 18 Mar 2024 21:40:59 GMT

GET
H2 200 46ad55df-3103-44cc-b144-4a234032bc60-tuctcf23a69
pr-bh.ybp.yahoo.com/sync/taboola/ Frame B282 43 B
426 B 276ms
91ms Image
image/gif 99.81.11.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/46ad55df-3103-44cc-b144-4a234032bc60-tuctcf23a69?gdpr=1&us_privacy=1---

Requested by

Host: imprnjmp.taboola.com
URL: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660481&dast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&cmcv=&pix=undefined&cb=1710798058698&uv=3386&tms=1710798058698&abt=adxsub-out_vA!adxsub-out_vB!esv_vB!pl155375-732_vB!rbcatc_vA!tmaxc_vA!ufm&ru=https://shadowsfromthepast.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1fff81a3-5e06-4571-b743-4d0ac05229cb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.11.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-11-175.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprnjmp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame B282 43 B
235 B 435ms
83ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprnjmp.taboola.com
URL: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660481&dast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&cmcv=&pix=undefined&cb=1710798058698&uv=3386&tms=1710798058698&abt=adxsub-out_vA!adxsub-out_vB!esv_vB!pl155375-732_vB!rbcatc_vA!tmaxc_vA!ufm&ru=https://shadowsfromthepast.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1fff81a3-5e06-4571-b743-4d0ac05229cb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprnjmp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 21:40:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 204 bulk Show response
trc.taboola.com/forforumotion-es/log/3/ Frame FED3 0
234 B 139ms
138ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forforumotion-es/log/3/bulk?tvi48=10637&route=US%3AUS%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240318-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 95
date: Mon, 18 Mar 2024 21:40:59 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 93514
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490054-LIS
pragma: no-cache
server: nginx
x-timer: S1710798059.010328,VS0,VE95
content-type: image/gif
access-control-allow-origin: https://shadowsfromthepast.foroactivo.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame FED3 254 B
739 B 44ms
44ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Mon, 18 Mar 2024 21:40:59 GMT
via: 1.1 varnish
x-amz-request-id: 4T9HD5F03CQKWW5F
age: 3277
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: lSoEvzXhqJLoKpvfWFl7Ah/8uMlGPX5JSuu1fj0iX8SuZTcXX+ikn4ChNiw6KH21t9pdaNS54d4=
x-served-by: cache-lis1490054-LIS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1710798059.067985,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 71
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 274

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_8_6/assets/css/ Frame FED3 70 KB
10 KB 45ms
44ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_8_6/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.8.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 86e9d9ba5e4437ffe327fa4322ee1a197909ac1059a0fe423605085d4bf9757b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-meta-mtime: 1710658957
date: Mon, 18 Mar 2024 21:40:59 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: JJ7GH9JX2YTDRCE9
age: 139045
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1710658958
x-amz-meta-mode: 33188
content-length: 9589
x-amz-id-2: x7zGGB1JMNZlz8Zu6f3vh7OZMXurKBd9xOEpxy9t6MjrFm9lLkqlXs9dDpgja67U7eVJpW0ugE0=
x-served-by: cache-lis1490054-LIS
last-modified: Sun, 17 Mar 2024 07:02:39 GMT
server: AmazonS3-br
x-timer: S1710798059.358865,VS0,VE0
etag: "271ba23308b6755f26911c7bd52c1c2d"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 47254

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/33_8_6/infra/ Frame FED3 381 KB
86 KB 44ms
44ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_8_6/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.8.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 5b642ce47553eeb57bb48eff560c88e126cafdbcda94ff4208f5fd93aaeedd01

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
Origin: https://shadowsfromthepast.foroactivo.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-meta-mtime: 1710658911
date: Mon, 18 Mar 2024 21:40:59 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: JJ7T9WPTRSJZAP1P
age: 139045
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1710658912
x-amz-meta-mode: 33188
content-length: 87944
x-amz-id-2: JnCOUrmfXjZC/9o35CxCpY5pQc2NADnpfOmTRN4Q6tDYKBb+yd5Jh9jjj4ZzK5fasF3GRDrUIJE=
x-served-by: cache-lis1490038-LIS
last-modified: Sun, 17 Mar 2024 07:01:53 GMT
server: AmazonS3-br
x-timer: S1710798059.358595,VS0,VE0
etag: "02fe02b5b2a7d6e63b90254217912e12"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 11543

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v16.1.9/ Frame FED3 459 KB
86 KB 49ms
49ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.1.9/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_8_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: d086061f3d6d33f8cbd5a2380bf0e684bab31df1e22a996d00268b76856c6032

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
Origin: https://shadowsfromthepast.foroactivo.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-meta-mtime: 1710682055
date: Mon, 18 Mar 2024 21:40:59 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 2YNV7WZSSVM57FW6
age: 115897
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1710682092
x-amz-meta-mode: 33188
content-length: 87854
x-amz-id-2: FxTPd0cPQ7XZ18Ma5c+eoE+TGlUyXKiBYhaKhpk9HyASmFrjSRyKzADm45i+5I1RoDcibGbzQ84=
x-served-by: cache-lis1490038-LIS
last-modified: Sun, 17 Mar 2024 13:28:13 GMT
server: AmazonS3-br
x-timer: S1710798060.522717,VS0,VE0
etag: "c4d83faf899c579c6da17515d01b7cb5"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 40188

GET
H2 200 sync Show response
us-match.taboola.com/ Frame B532 7 KB
8 KB 150ms
150ms Document
text/html 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://us-match.taboola.com/sync?dast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_8_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: ad0772ca6747f3efa6f53f8962bb9976064805433344ea34df7b1ff80fc4b619

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 18 Mar 2024 21:40:59 GMT
machineid: 3109
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame FED3 89 KB
89 KB 52ms
50ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://shadowsfromthepast.foroactivo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Mon, 18 Mar 2024 21:40:59 GMT
via: 1.1 1a8de953aa4aaf678d8f6dfdeeea9a46.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: LIS50-P1
age: 2226884
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-lis1490054-LIS
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1710798060.548865,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: E3RiljrgSqJ29e5po153D7iOD2Abnp1XZ2vedFP1BXYiwXDFSUvPxw==
x-cache-hits: 472334

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B532 70 B
148 B 91ms
90ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: us-match.taboola.com
URL: https://us-match.taboola.com/sync?dast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://us-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:59 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 46ad55df-3103-44cc-b144-4a234032bc60-tuctcf23a69
pr-bh.ybp.yahoo.com/sync/taboola/ Frame B532 43 B
425 B 93ms
92ms Image
image/gif 99.81.11.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/46ad55df-3103-44cc-b144-4a234032bc60-tuctcf23a69?gdpr=1&us_privacy=1---

Requested by

Host: us-match.taboola.com
URL: https://us-match.taboola.com/sync?dast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&excid=22&docw=0&cijs=1&nlb=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.11.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-11-175.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://us-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame B532 43 B
235 B 86ms
85ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: us-match.taboola.com
URL: https://us-match.taboola.com/sync?dast=V9Q_kCABYDAPCvOj9TTGKwBADwrzo_U0xisAUAAAAABgYA4gcAJDGz2YyLhWetWhlma9Fqt1hLfKPNWjQyLDyG1WSy3FiMAEAyxpXLN5pN3BLDYOIWjYYzt3IzmblFm4lhZFguFo7VwgoAEjcZrpWDgajoelvsDqfZ81gDgAqaTofPda_XHB0mv-9zs_zdpqPL8PCc7jK_5e_wmJ62v13jd_vlAAAAAADwAABw1BEAAfADCAAQAQAAAAAgAQAAAABAARBQAfBvASBwAQAAAACAAQBQALWvAQAwvgEgEGRyABiE6-K63P0BAADwEAECAAAggEECACAwvlICAADhWXcCAAAAAAAAAADAAvD___8fAwCg51QsAwBgAb3aAwDw4AMA8EAEAABAAFcEwAgAAAAAIBcwQeEIYBJAJwBUABZVAAAABOlWAABXAAAAAY5TgrKpYQAAAAAAYwAL9LD4_WaHXeN3uwwAAAAAAAAAAMAM4P8M4B8NQEjAzCwNQFgVnlQN4BcQAGAN4BcQAIANQN0AAADeAATgAIIOgKAVg8HqABRisRmsBsPRYDc7AAAAAIA7gP___389ABAbWWbL5XDm2gxGC89oNbM4BiPbYDCaOVy71Wi4PQAHHZUNRhCaxj4AiZsM18rBQFR0vS12h9PsecwPYMIWo9VkslkOZ8vFZDAcDUej_QEMxGQyQICJGCyXk8lisluNVqPNcDeaDRYIIBCDCQJQtGgwWY1Gk8VkuBpNVrPlYrfbIABFq1az0WYwXM0ms91uNRwMl6MRAkzYYrSaTDbL4Wy5mAyGo-FoNEQAGJotTK7VyObWLAabtWi08bgljtFoLVpYNqPBZjLx2AZr0etj-tgsm4VtuUUAwYCJvQgu0onMb7n5La-33_T0290qz0Us0Zws0onssq-NLLPlcjhzbQajhWe0mlkcg5FtMBjNHK7dajTcl2YLk2s1srk1i8FmLRptPG6JYzRaixaWzWiwmUw8tsFa9PqYPjbLZmFb7hu7xWC3HA5Wu31jtxjslsPBarfv0Bm-q8_Z6LeV_B6h0HMarmc3p0HhMli806JF2jocfUaZNjZxnWbSnXNiNfkuXoPCc_CohtLoduI9bLudaVnhOBgUsURwukgnopfxdBFLJE-LdKIxDHYL12Jh89hcw-VmZVs5NyuTZbRZuIbD2cZiEUuUpot0opeo_wjAEMPVXDEZzpVzxWCVAAAAAAAAAAAAlgAwAWYC3AQAAAAA4AQwiOFyMtktFwDgIf5PF-DnuCBb5-gGcRfA_WcszD69rbIYoDHAYwAI81tufsvr7Tc9_Xa3ynNlAIAHanJmgM0AngEIYq1WyxoAAABAABsAAAAggBtANwBvAIEgkxzAPgCQVJEHbtR64T8AgACFWKvV8vlirVZLIOD___-_IAAAAAAAAIBn0yAAAAAAAACgJy4hAA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://us-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 21:40:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/medianetrtb-network/1/rtb-h/ Frame B532
Redirect Chain

https://cs.media.net/cksync?cs=69&type=tb&gdpr=1&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=0000EEA

0
374 B

82ms
81ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=0000EEA
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://us-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:40:59 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 33291

Redirect headers

Pragma: no-cache
Date: Mon, 18 Mar 2024 21:40:59 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location: https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=0000EEA
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Mon, 18 Mar 2024 21:40:59 GMT

GET
H2 200 cmAdService.js Show response
vidstat.taboola.com/vpaid/units/33_8_6/infra/ Frame FED3 46 KB
12 KB 46ms
46ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_8_6/infra/cmAdService.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_8_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48fde8b4157a9f58429bf9ee4fb1c654218d28762053f3a7d6e5443f28918428

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-meta-mtime: 1710658949
date: Mon, 18 Mar 2024 21:40:59 GMT
via: 1.1 229645111d244444bdf50dba19c1f2c8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-P1
age: 139038
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1710658949
x-amz-meta-mode: 33188
content-length: 11683
x-served-by: cache-lis1490054-LIS
last-modified: Sun, 17 Mar 2024 07:02:30 GMT
server: AmazonS3
x-timer: S1710798060.829112,VS0,VE0
etag: "a607cb535e87d28229ddcf719aa16567"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 3FiimEKGgoXr8l_Qb-7an2T5JjvLFvETSpfUFVhVBP4-ldW7trbQUg==
x-cache-hits: 45664

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ Frame FED3 17 KB
7 KB 56ms
56ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240318-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Mon, 18 Mar 2024 21:40:59 GMT
x-amz-request-id: FE0VR0S8K10DBPXN
age: 2355
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: jRcNi9sjjNItzWK/Iatl9arb6Jnft5MSo+k+Yq/pFnD6U4N3NCdXlIkpz6CFLTxh2KHJ5BAylo8=
x-served-by: cache-lis1490054-LIS
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1710798060.987231,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 53
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1247

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame FED3 3 KB
2 KB 58ms
58ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240318-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Mon, 18 Mar 2024 21:40:59 GMT
x-amz-request-id: 34JX8Y03SWNT03E9
age: 1300
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: tKY7uSbBI84jEiBWgM20dN7BHwa/X0Lwnkmyh6UvHgqkBOkP9eBH4mkb2r0IETHVU/jJdhsVLp63b7rYp+J9oA==
x-served-by: cache-lis1490054-LIS
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1710798060.987375,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 91
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 2707811

GET
H2 200 / Show response
pips.taboola.com/ Frame FED3 4 B
134 B 53ms
44ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-served-by: cache-lis1490038-LIS
date: Mon, 18 Mar 2024 21:41:00 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://shadowsfromthepast.foroactivo.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ Frame FED3 0
82 B 685ms
138ms XHR
text/plain 141.226.224.32

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=46ad55df-3103-44cc-b144-4a234032bc60-tuctcf23a69&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://shadowsfromthepast.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Mar 2024 21:41:00 GMT
cache-control: no-store
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: discord.com
URL: https://discord.com/cdn-cgi/challenge-platform/h/g/jsd/r/8668624238701ba9

Verdicts & Comments Add Verdict or Comment

272 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shadowsfromthepast.foroactivo.com/	1970-01-20 19:34:54	Name: _fa-screen Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D
.discordapp.com/	1970-01-20 19:13:19	Name: __cf_bm Value: UvGEVnVLGz9yKAKmu333blAcE1gwJk4M2.xgfR31VKU-1710798054-1.0.1.1-lujw7isymDCSYbaQojHFIQ4t7irimzjf1XDZGENJeN.TbVznbJvtEPgblD9TPK1ZlyGxfgD5LgNbzZHq09x2ag
.discordapp.com/	1969-12-31 23:59:59	Name: _cfuvid Value: wHlQOdQQw0S8YUQ3vr6SSSXWqvcax.985QgdBQJDNQQ-1710798054556-0.0.1.1-604800000
.discord.com/	1969-12-31 23:59:59	Name: __cfruid Value: f4d382ec85fa5c5186ada8a0dae2d0b041df3f49-1710798054
.discord.com/	1969-12-31 23:59:59	Name: _cfuvid Value: .QWOMN_mPbj6JMR1NSRuRV1uujpfjyPrvdbwhyAGD88-1710798054784-0.0.1.1-604800000
.foroactivo.com/	1970-01-21 04:49:18	Name: _ga_TTF1KWE3G4 Value: GS1.1.1710798054.1.0.1710798054.60.0.0
.foroactivo.com/	1970-01-21 04:49:18	Name: _ga Value: GA1.2.1145196466.1710798055
.foroactivo.com/	1970-01-20 19:14:44	Name: _gid Value: GA1.2.588079506.1710798056
.foroactivo.com/	1970-01-20 19:13:18	Name: _gat_gtag_UA_144386270_1 Value: 1
.rubiconproject.com/	1970-01-21 03:58:54	Name: khaos Value: LTXGZP1D-1Q-77NR
.rubiconproject.com/	1970-01-21 03:58:54	Name: audit Value: 1\|naVuGyos1qo6YpimBMe1+BT+ooZ/4y4gg8Ek+4dRHDbaIQj3gkd4bdofy2jGKMgxTF0bO2YcD5GHuFqn5h30ZcZJWgo0DkPn4HEYI5ehIrXfUHjby+LcvL7FQD2yB//hvsVAPbIH/+E=
cdn.taboola.com/	1970-01-20 19:13:28	Name: abLdr Value: 15
.criteo.com/	1970-01-21 04:34:54	Name: uid Value: 1ecc94f4-807c-4481-bba3-3ada7ff1f778
.criteo.com/	1970-01-21 04:34:54	Name: receive-cookie-deprecation Value: 1
.foroactivo.com/	1970-01-21 04:34:54	Name: cto_bundle Value: wru50V9YRTFlR0QwMmUlMkZCcFc4U2JIWHVkbXNlY2NnRzZ0Rk16QTRtdE1YTHlibnNKcyUyQjc1ekJmVnRTclFRYURlUlJsNjNBcW96Zzl1bCUyQkNDMCUyQlpCWmFpM2JWaEVRMjlDZVhLNHdwdDElMkZUcTN4UEVBazZYVCUyRmt4MlNmNCUyRndTbGdBRmt6ekxDNmVKajklMkZuSnVBTk5BRVo0a3BRJTNEJTNE
.taboola.com/	1970-01-21 03:58:54	Name: t_gid Value: d7064a4e-1e7b-4157-b8a8-9a3ce4ef4f4d-tuctcf23a6b
.taboola.com/	1970-01-21 03:58:54	Name: t_pt_gid Value: d7064a4e-1e7b-4157-b8a8-9a3ce4ef4f4d-tuctcf23a6b

46 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://shadowsfromthepast.foroactivo.com/ Message: Refused to execute script from 'https://api.viglink.com/api/sync.js?key=5a5e09c99bf477b62bf79c1924e231f7' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadowsfromthepast.foroactivo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
2img.net
64.media.tumblr.com
ac.aruncdn.com
ac.audiencerun.com
ads.rubiconproject.com
ajax.googleapis.com
analytics.google.com
api.viglink.com
beacon-ams3.rubiconproject.com
bidder.criteo.com
cdn.discordapp.com
cdn.taboola.com
cdn.viglink.com
cdnjs.cloudflare.com
cds.taboola.com
comparisons.sovrn.com
cs.media.net
discord.com
discordapp.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
i.creativecommons.org
i.ibb.co
i.imgur.com
i.imgur.io
i.postimg.cc
i.servimg.com
illiweb.com
images.imgbox.com
images.taboola.com
images2.imgbox.com
imasdk.googleapis.com
imgur.com
imprnjmp.taboola.com
licensebuttons.net
match.adsrvr.org
pips.taboola.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
shadowsfromthepast.foroactivo.com
smarttag.rubiconproject.com
static.criteo.net
stats.g.doubleclick.net
sync.taboola.com
token.rubiconproject.com
trc.taboola.com
us-match.taboola.com
us-trc-events.taboola.com
us-vid-events.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
webm.red
wf.taboola.com
www.google-analytics.com
www.google.co.in
www.google.com
www.googletagmanager.com
x.bidswitch.net
discord.com
104.17.24.14
104.20.151.16
104.21.235.76
104.22.10.121
104.26.0.229
108.177.15.154
141.226.224.32
141.226.224.48
141.226.228.48
142.250.181.234
142.250.185.238
142.250.185.99
142.250.186.131
142.250.186.142
142.250.186.168
142.250.186.36
143.204.215.42
146.75.120.193
147.75.84.158
15.197.193.217
151.101.1.44
162.159.128.233
162.159.129.233
162.19.58.157
162.19.88.68
172.67.217.127
178.250.1.11
178.250.1.3
178.250.1.8
18.66.147.112
18.66.147.119
188.114.96.3
192.0.77.3
199.232.196.193
212.63.223.226
212.63.223.227
213.19.162.21
213.19.162.67
216.58.206.74
23.218.194.34
23.32.100.25
23.37.42.132
3.254.23.3
35.214.149.91
69.173.144.139
94.23.159.185
94.23.73.212
99.81.11.175
00e37ece44fd383c9223ba81c1fc9f4a5f95291eb12248d63712e1bffa7e2bb7
014fe5d5447fe71f3f3cd478dbc6aded935be923b8ba6443dc64e4db355a9114
022ba6ffaaeb8a813fe2d292867c314393f460e960662df809bfccd7272423ff
0241319c992caff49d7fd2a9bd5016746cc347f5b48d8c7f46dae3e657fc6fa1
0267ee45af9dbf00d4c2df619b889bd2ff1f115dd57d921809bf094fdbc00763
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
083c215d020ef20b62da35322ef91a79310e0dddd7ad5f8b724323cc2e53a355
08fbda7036d790b6780871d637e72ebf5bf275555439c389aa5f9141351d27e1
09b6605951f57d9f6fe1bcbafcae1cba0571a0db2277173fd5f7af58e6cc919a
0a4e0903e5984e8aade021f68ff39829f91b26753f7cff18694a857165f0b25e
0db0c6b0fa609e2d64cd4a065f652828236be1730861409986f2a74566dc0b8a
0ef38b46b4d8ea685782f9dc1032f02f832f46c50b9c7d5b577d95f206a6b311
0ef3edd109457a00e4a88aed18706d7eb381a1c2e4e65966698c84b426217e7e
10296483f49dd828535eb4ea5df0356f89d57ea09d28d93b046178393d18d291
1245a6d5817108254941fa1c5247da3ddec0a4f84508040c5b636bd0af732bab
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
132ab3e1f1c2378c3acf64758dd2721f8f1b1e72c44f6ce99ee35e32bb597b27
170dac8117b815860285989688107dfc6dc0a383a4f65627973d299c10e23956
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1ad3cad40ba51c721a14096ccc599adff6db0549392fb2c7a88d9a3957873bbc
1d7e58ef8b62b2bba5098f53f4b7ef34580ca1ce21175bb26b23b3e0d803601d
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
1f2485868f73dbed3d5ea3350e36e478e835c064bb5d4c2b20b1fa14c845d0e4
1f6d09758891267b5dbf02174fe3a62664b0f633ac1250a12772b3c1de587d19
20137ff1d619b4a8b871ee5517ffcd90dfc6ad8aaeaaedecf561809b632c23c5
20a8992352666a61e937bb08faac65997e37683ca509e4d5360787bcae5cfbbe
2122cc2d6a9e138c3b4035d403cd2760bc3491e3f00da7211abaa80557de0b3b
230f7c655b660e2fc42910cdce789abe9160c9d701ca7562a0c4a2c181f160d0
24b26f4b0283ce27a0ab8684ebf9486d1ce171c305768009174941abc831bd77
29bccd56cbd3bb6d9ccaaaadb541d4ba4133ba731c6ef4b1e6c8829d0165793a
29e4df358abdf39aab5f2c81f501dfe904cd37ad10901e9985fd2cfd4b78506f
30c75be7ae1a3b55923ff36c2758e5b92e420f9cd2ce118ac57f3387ee400869
324538a6ceecc099fb74191cb6ef6619a28c910a0919ecc451baa6ee83bb548f
3432220049708992e649bf45082c25c2a121836762f21429a956b259031ab34b
34fa76fe6fbe2df439a2f59f0b51c7fb760add093267cdde7fcb63c625c3a0e7
35c5b49cdd1ddf2428f0185e00c5e454bfeccc7212b3f0fa7f8f1a922f29f12f
3676d6fdb3110393c514dff4b9c10f1176f563d5bc9fae63756c782c6c826a84
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d16ceb79312419a58fea811d4cd594e4aae27342f067fadf6ddeb553390a2d6
41226463e6d9e37e760f24a5b32ee8d816b6a1eb070b32bad777609305fe1083
416d847cf76a98cb746ca48c0d0d5293db725cebafc4b8b415f4523c89d2b819
43af2978b7d333e853c86fbbd03473e06a8c915872f316273be4f46d6d49691c
444bf79dabe1e138d5a03365e99b6ca7dac3f38f93e6be15cf5eb02c70a7eebf
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
4572246c90f0adcd6f3bf24cd7db0d600b60cff0734d3b8ff723d96872f4f9bf
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c98c13e33f79710d2217613880d31a11163101596db60442da1cc5bd608741
48fde8b4157a9f58429bf9ee4fb1c654218d28762053f3a7d6e5443f28918428
492e1a830f32532a63751ecba8d5f4de1de31f0ce25466f9b254f44f2e3ebacd
4a2d45edcca6696ab8dedd80eeaaecff091a3905476edb85dc242b5da639a172
4cafa97c620f0e83a82d4068ef5164f36687061a1045a3d5a1f721cfb8ca0b4d
4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92
4e3dfa29e75fdbfa55ef6042b4cd26b0dfbd57a2d9e5c12e10311b97437b84da
4e8aaa085400e98a9f14770565c4c93f4bcb42369bee59ccbdf6b3724ac9c244
4ebc75dfa4f8ec1bd35f9151094270a0d4d728e5fe47f9660c276b047b7be9c2
4f2722dcaea1fcd0c457ea0965ad20b6786e93129c41d72b616747a22528234d
51d481bcc4b215ab67dc03f7b5e7509cc5e220ddc1ef4416bb56323248324923
52e2eca1c392fefd555d30b57b15e1cde6813b16d7a5bcf0a6b0d26d1565bcb5
530dc0f1779cc4b9e42750cf49969897a43aa5f42a1f9bee12a3a52a8d895299
54393197eaef8a4f4690667afdc6183c54d8b17db98d61698ac8d7a0ee0dc81d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5503c33a8338ad85590cc40c0a304a2856c5d0d1e72bc3b6dc0f6c1e07c49ae0
5589298b2c71f53ffc09af3d6eaf6b77eadd881b0e97be3fb80e52f39783e65f
59be6742c628fe76d51bfb638199f9b1b8520a044891ad6e131ccb934bcc5703
5b642ce47553eeb57bb48eff560c88e126cafdbcda94ff4208f5fd93aaeedd01
5ed04f39fd314c862cc395a084e101851d2c0a6b287266ae9923fbac3dc01487
5ee57311c098b0adf129e3594dd848cba80a80107ee8400ed5ae2259af9a3828
5f0127873ef4aef74bcc577a37dd7d544828c77bb896e3f6e1e1a2da78c0b399
61511246002a4ae93dde7012b2a3f1e7f0ede5a14ae82b2bf3ac4527e7ca916d
64b94909e93b9ba945625693935692a9cf9dc792caec0ee76733184d9cb59b70
64c13777073881d52e19e6b262856ed957580cc53bf7fa022a8cfec2a82a8671
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5
6b7328bd80fc31359d93e442625ff14983237597df1c3f65fc32966dd252c802
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb019946c7cb28b97bb0ea248d51a9bc1287f01e701edd444d3e6944d2ab4ac
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
6d6163960d00e1a527f14f98b49a95cad36fbe5af45042b78161c74764acc547
72ab16fb97f6f337a2de2ba4ae7b7784a57cc81a8130fbb291efd10a7d6fc0ef
7592f625de8ef8f92fae23f8be2e8cdd921d836840580c36c55d0ab40a3c5d2c
761550821935d6db3e32d87e298990165110f09af2ca071e0c6e00004759fc19
7932ce638287b43994d67fc8a6b967908edbbad9a935e50cef0474e11674a55c
796a9da62459f6cd1b1b28181e4da2cc2e0fdcd32a914cd2b28605f533224488
7a2c764b1df2671096f38503c8c35e2442b1e83012a9e5d262804576f1b7d323
7c26703ee2e95db7963c15a8a955dfbb2713627428a3c61f3c842faaf3d3dc3c
7cedf5529c0437be68643178fcb34a3257460caac0535438f373b58d2a136e61
7d84b8ca1c09c40aae668b9b97abfc18c6fc279d5df7c4d4ca649aec30e398db
7e2a4c63ae6993d9d56d7d68bc4bd708e993c29270f3a712ae30753da1cad4ef
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa
859650bfe5d8b9b4bc3a224457e489dfa9701f8abc03e2fc61223ac6abf0020f
85a39eccddfab2af15b07647e490deb854967b913b95968c340434e8901039a4
86e9d9ba5e4437ffe327fa4322ee1a197909ac1059a0fe423605085d4bf9757b
86ee48c89512802d62b4e6870d57fde3c443826d2ea71cfce2d951235c3360f3
86f88f349f50bff228b9ab4612cd97a0844f8206567d178c6cc9de3076efe5d1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8adbd8ff63a91c632f794383e9b3fd6c45a8c838ff7197c2627ca836ca335a8a
8b9eb020a24bfe3bcb0146c87b0693cb412afb7449eee69f6d8f7b909927b921
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e47646658983be660027931456f5bbbe9947fdf1727ce10461dce179a1643fe
8e88b2cfc65f0c04f1d3de312e2791b286537cf7ca84cbb947ab0db15a9d0cde
8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2
90481e4b6d834591ddcd5fff10b0b10340d3fb70dcd606404a7ca1d7ffe7689e
9149cabe1850500b66079d83e9ce4aee151741b588da0edc70402fcaaf625c92
917478c4e3fc9704647f0a82954399189e3a05a2b67f5eeb274b6cdd3fa1d9fb
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1
971455dcd05d8fb19c0bdbbd3d94dcf0114c99de8679419ca6385a562d4f2711
994dda44a6d229433501f2e481d5cf966d6babd9ae385943e5e5701d48200997
9cce595b201da3285768c8375124b2976eafacaa8002781d478ee1f9d69dc8c4
9d16ff835091825b0e94277b451a884494972381db9e37ec2d9fc8c19d62fc97
a4663dcfa8b8041e3ef67807da26745f39321124bc7ae99e17e9c8edfe027d6a
a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057
a7c1252dbe967841bbf91616850d8e5527d03efe9b12fa6851f3efeb5b3ed852
aabb761b66d0fc0a03b1a9274cad02377ccd9ee157dcaccb4756481581c2e501
aaeb3ee977edfe61235b06e3aab43f9d9f268667e85bd170b7a0c303a40bf62a
ab018a84fb1f204d54c403ea22b37b2c3ed91f7baf2821f38e7349e56bce47c0
ac6287e5cf08a858084a077507144f12991d7b4a1de1776d78ec45b81b912292
accb2cb3d22ee91a90b9c949bb3776ee6d9bf01b9961a7d0bb86757db2ab3fcb
acebd68b3f0f865d4d38251ce3d591d618710c049aea48a4ad3ec46b81f3cda4
ad0772ca6747f3efa6f53f8962bb9976064805433344ea34df7b1ff80fc4b619
ada8f0e18f58dc11a03747d307ecec5cefedddb50ec91d37627ffaf0ff531a38
adea2aa2767d809d7ae83bb8023885d49edbce098ff65c4296aed8c1d16c936f
aeca652c8bd7bac4120885fd6f9a7b2f352307aa55e5129aee6609bc796c944c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b
b6d347557119027a15a7bbd86f812aaa0b2daf145c31637219ff258aa4cd1d92
b7354d98404018c508c8cd1507a78ea10d87863a24e22221fcd0e19df910c336
b813d7d317500b24b43f5f9b8950a041e9c9bedfb85ba7a4b9063901528b0487
b92e79d71aeaaa5b21693d3f8a851193d4046b4f479784a8d1e43bb135eb66e8
baeb881cab8fe480fc4d16e69edfc73f14e24db3bef8f305d8e543c7e61931a0
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbe405757fabd9ef07a1a2fedfbd20a5147548dbbcdddbc53c4fa479076e7aeb
bbec9cd19daa94db4e5afafe266c1d3ffae7cdaeb830241484b0cd7ba135cd5b
bcd1914d2a6ca52ebde6f9ce95638b168399297fffbd00520195b5698db8b9b1
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
c028dbfdbf425c88bd947f173c94f9135a126482620baf227d4bc8dd2caa35e8
c13a90240e68c60fb81b04d28db044f0782ae05ea832ff72a0a16aeb82edc930
c4e29419b579f0621a49e2027a529eaf8e103af4587a63d359b04107283efee3
c58431b7948d998488f72c586d7588c0801a4248ce09697a3987e50b171d59a2
c61287c2fa9863b5fb5844c683a168ac6520c94d822bb43d5eae35c3a2a82166
c64d27af1ff906ff0ade093c3de4f6144d91a276e7163c84efc95ad14a058390
c6de45ae40606621e2dae37f2086be7c6bdb6e9e7c0432e76d81aee85b949f28
c8b769f21d3a30c576d3e4458ff13f46ced2558648a3b8c08620f54978879d3c
cad56b2d52b2abbf3b50293f247b04c26fb5ebba5b506f8052d73a0ddf77ba4a
cbb32862e4ed4665d439b421b5599b013fdf6022d45c1073e485395575153813
cc52aaa8076fdb7226fa92d44da68a6c066593858fb6f20084e2467dacc9d9ee
ce24d1a45d15d3e47dfc14ace4fa72448c64a19cd0045cf65872728f5cc40128
d086061f3d6d33f8cbd5a2380bf0e684bab31df1e22a996d00268b76856c6032
d20f9f1f35ca7c0912593ea5662809d5e41d1be6533d09998a59438542ccd0fd
d384fd17d07115b5b80d25673f27746a8c98fbc1860fc17488e64bf727fb9806
d4bb6f7fa3af6507f11a533b47ee4f9b3d984c32690cc60dbca99038c9c99f82
d61fccdff3ee43eca5a6698aca9bbd34e45a9eb8788b6b67adfdeecb30e7b2dd
d67c0937d3e83180de80fe7acfa1903276f193f83a6845b069f87bd4b4f4a831
d8475b87ade2daea291d4311f881cfc7acfbeee29c766a4b62c9a285dfbd6b1b
d905cb0b5f0b78ddfe3916b89f201d32a9c2daeee22bdd02b8d4023bec6844f1
db40a79d18a235f7268fc58d74b0f58d669eb97e1287b291d52cfac36ed4f822
dcadb529ed8d75be5c7dd396c5315a1faea0ce85afb47906e007cd9b93c6af76
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfbed761248e93343233a74b2cd5b0457d0efc8fde33faa7516625d38d8e06e6
e18dc14f6370b1ae850f5854ecbf42e0c8ad448b7743b2ae03e35f3dd63cd55e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e487629f0b90878fcc5b94ec719f98c9c1394b91cc7675db41f189ff658edde1
e58a24b530aed8686caf48a487ad446ec9847a450e5cf588c51e9b6a6bb2548c
e5c100bbd01314f5e42382dbbf8fe0afa69b06e5b6c6ed8829105cc7896bc26d
ea4084684d689686e533d41fc0e6470c0203420fb5cef55a302ed4f0b7139ad6
eaf56928b027a8c51c3ab7d5cd88accab808e773622e2cd46320986f58f917c5
eba4b9d30341370302bec689915c162325dba7da929a7e8520b0d3fc93aa8004
ec3d886d90e5fa6baeafcdbc3847657c491b6b71a64fbf6b63228a2bc9dc687e
ecec85c7374859542765ce88023073ebbf3140be33abe99e6f5e714ed4382295
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d6b0d1f31994c751303a2255d694f9ba00343c14bb307d3ab73d1e1dd95041
f1e0ba3fed409f2430cdf3842a0523c9ee8bdafa8da670a460ddf32e6b8bd510
f34e9411d8361e2aa91a74caacbaf436d6c10602f31aa992d84461ccdac1b3ee
f3eebf2b790325089a1b6a2cf2398a9402a1f944b9c3c8c14a438daa6a921904
f55eac1c56f5443eb71cf466d900f65b670cdbf0653a4030e0dbe3628935ebe3
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fa1dc11637e9ea37a2932b4482704ad1294ca240fe62047a3b3d6897419309a2
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbaf58f38b7e138e754044e4c8c47f3a25221a872703f0f780496bd8b2f7e161
fce7d9f73f7b82c66b6c3904533cc6bafb66c0fa8d51474ffbd5b2bea3bc4e72
fd76f51e57a81c541d13e0980704422da98cedccc7688ed66a24c88bfc120975
fe9694ccf79844191ee92e8f6fc146dfe34436c879860303532c1f1d0123f5fd
fea9992a54743cd741f17a53c84848e9a27ecbbdf03fa72d0cf8cc57be50e97c
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

shadowsfromthepast.foroactivo.com Open in urlscan Pro 94.23.73.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

213 Requests

96 %HTTPS

0 %IPv6

36 Domains

61 Subdomains

45 IPs

9 Countries

26990 kBTransfer

34104 kBSize

17 Cookies

63 Outgoing links

Page URL History

Redirected requests

213 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shadowsfromthepast.foroactivo.com Open in urlscan Pro
94.23.73.212 Public Scan

Screenshot
Live screenshot

Full Image

213
Requests

96 %
HTTPS

0 %
IPv6

36
Domains

61
Subdomains

45
IPs

9
Countries

26990 kB
Transfer

34104 kB
Size

17
Cookies

213 HTTP transactions
0 data transactions