fileforum.com Open in urlscan Pro
108.44.238.29 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fileforum.com/profile/mittenpie0/
Submission: On March 08 via manual (March 8th 2024, 6:34:18 pm UTC) from HK — Scanned from IL

Summary HTTP 64 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 64 HTTP transactions. The main IP is 108.44.238.29, located in Leesburg, United States and belongs to UUNET, US. The main domain is fileforum.com.
TLS certificate: Issued by R3 on March 3rd 2024. Valid for: 3 months.

This is the only time fileforum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	108.44.238.29 108.44.238.29	701 (UUNET) (UUNET)
11	172.67.74.154 172.67.74.154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	192.0.73.2 192.0.73.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	142.250.185.232 142.250.185.232	15169 (GOOGLE) (GOOGLE)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
11	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
9	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
1	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
5	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
2	142.250.195.67 142.250.195.67	15169 (GOOGLE) (GOOGLE)
1	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
1	185.180.100.238 185.180.100.238	202940 (ITCNG ITC...) (ITCNG ITC Internet Service Provider)
64	15

1 108.44.238.29 (Leesburg, United States)

ASN701 (UUNET, US)
PTR: phoenix.betanews.com

fileforum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.74.154 (United States)

ASN13335 (CLOUDFLARENET, US)

images.betanews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.73.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

www.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.195.67 (United States)

ASN15169 (GOOGLE, US)
PTR: maa03s38-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.180.100.238 (Tel Aviv, Israel)

ASN202940 (ITCNG ITC Internet Service Provider, IL)
PTR: dynamic-238.100.180.185.itc.net.il

rr3---sn-pujob-ua8e.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	424 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647 www.google.com — Cisco Umbrella Rank: 2	71 KB
11	betanews.com images.betanews.com	87 KB
7	gstatic.com www.gstatic.com csi.gstatic.com	80 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	69 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	147 KB
1	googlevideo.com rr3---sn-pujob-ua8e.googlevideo.com	1 MB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 2593	9 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	252 B
1	gravatar.com www.gravatar.com — Cisco Umbrella Rank: 4037	5 KB
1	fileforum.com fileforum.com	3 KB
64	12

	Domain	Requested by
13	pagead2.googlesyndication.com	fileforum.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	images.betanews.com	fileforum.com images.betanews.com
9	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com fileforum.com googleads.g.doubleclick.net
5	www.gstatic.com	fileforum.com googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	csi.gstatic.com	www.gstatic.com
2	www.googletagmanager.com	fileforum.com www.googletagmanager.com
1	rr3---sn-pujob-ua8e.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	fileforum.com
1	www.google.com	tpc.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.gravatar.com	fileforum.com
1	fileforum.com
64	15

This site contains links to these domains. Also see Links.

Domain
betanews.com
fileforum.betanews.com
store.fileforum.com
twitter.com
www.facebook.com
ataskasino.com

Subject Issuer	Validity	Valid
admin.betanews.com R3	`2024-03-03` - `2024-06-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.googlevideo.com GTS CA 1C3	`2024-02-27` - `2024-05-07`	2 months	crt.sh

This page contains 9 frames:

Primary Page: https://fileforum.com/profile/mittenpie0/
Frame ID: CA5E6D8BF93EEE688B4395DC3C2981E7
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_fy2021.html
Frame ID: 7E7E76C47AC5F50B5CB3AD75072CA461
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&adk=1812271804&adf=3025194257&lmt=1709922852&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Fmittenpie0%2F&pra=5&wgl=1&easpi=0&asro=1&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709922853526&bpp=22&bdt=1306&idt=659&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1793854320440&frm=20&pv=2&ga_vid=1694072159.1709922854&ga_sid=1709922854&ga_hid=553518494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C44801779%2C31081674%2C95322184%2C95321868%2C95324160%2C95325785%2C95326920&oid=2&pvsid=3371566375030897&tmod=1137053099&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=678
Frame ID: B99181C70FCA81E2948C88B4B1D67D07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3368998127&adf=2550651363&pi=t.aa~a.3269266735~rp.4&w=659&fwrn=4&fwrnh=100&lmt=1709922852&rafmt=1&to=qs&pwprc=8797158495&format=659x280&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Fmittenpie0%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709922853548&bpp=2&bdt=1328&idt=660&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1793854320440&frm=20&pv=1&ga_vid=1694072159.1709922854&ga_sid=1709922854&ga_hid=553518494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C44801779%2C31081674%2C95322184%2C95321868%2C95324160%2C95325785%2C95326920&oid=2&pvsid=3371566375030897&tmod=1137053099&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=662
Frame ID: 7CD36C063A6D452EEA30A3ADB5968677
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html
Frame ID: A0EB7D1EA95844F243D209D7AEA4FCED
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2033C4CBDBFBC85FFA03FEC7A56307F6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A719A1EB2EA5848B297AF79FC61F0A67
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/6e6bd83b1ab90baf29df14fe71898cfa.js?tag=client_fast_engine_2019
Frame ID: CE50131F706E4EF46CE4FEC87A8C6C70
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1zgHIv7PRgG-iYsx4Mp4gQSytzfgI2cd0hh8WxdX2bs.js
Frame ID: 8FA8E8BB38C8A13407614E98CF3AE22C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

mittenpie0's Profile | FileForum

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Gravatar (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<[^>]+gravatar\.com/avatar/

Page Statistics

64
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

15
IPs

2
Countries

1988 kB
Transfer

3626 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://betanews.com/
Title: BetaNews

Search URL Search Domain Scan URL

URL: https://fileforum.betanews.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: https://store.fileforum.com/
Title: Software Store

Search URL Search Domain Scan URL

URL: http://twitter.com/FileForum
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FileForum
Title: Facebook

Search URL Search Domain Scan URL

URL: https://ataskasino.com/
Title: https://ataskasino.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
fileforum.com/profile/mittenpie0/ 7 KB
3 KB 813ms
213ms Document
text/html 108.44.238.29
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://fileforum.com/profile/mittenpie0/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.44.238.29 Leesburg, United States, ASN701 (UUNET, US),
Reverse DNS: phoenix.betanews.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 3e371cd69f194ca927183836e0d34fd1b6d5aa632f009726078820756c83bedc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: he-IL,he;q=0.9

Response headers

Cache-Control: private, must-revalidate, pre-check=0, post-check=0
Connection: close
Content-Encoding: gzip
Content-Length: 2356
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Mar 2024 18:34:12 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 08 Mar 2024 18:34:12 GMT
Pragma: no-cache
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding

GET
H2 200 reset.css
images.betanews.com/stylesheets/fileforum3/ 886 B
740 B 791ms
648ms Stylesheet
text/css 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.betanews.com/stylesheets/fileforum3/reset.css
Requested by: Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160d317860d283845ddde93faa4a3c41f42f0e777acb74dba3a716555c89610f

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:12 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"376-553c565bb7500-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BuGDfFvYMofTJbZi70pEYq2iRjn%2F%2BwspoAlJg8K73PyAr5CgFUrQtYiy3O9f6CreUmxPZ%2FVxP89HW87fClDdLOC46Zq28FDEz%2BtbVOIYqwJa1ZQ8R4TBa11ctVaLHdLlb65Y7s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8614eb037cf2e3c7-TLV

GET
H2 200 main.css
images.betanews.com/stylesheets/fileforum3/ 29 KB
7 KB 754ms
611ms Stylesheet
text/css 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Requested by: Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deda914cce5fb739ca5624e64be7af22f3a426623b3bf174429287d2376dfc4b

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:12 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 11 Jul 2017 23:54:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"72a2-554136b4eee40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzitPaFoZbq0%2FyzHdoe0B%2BRFyTFUT2euZx%2FpFE%2FbZinNLcXXynmTV%2F0vObV4psTW18NExKXJ0MqWXxCuXib9JnIlduZjzguWjx3w6MV4l8YmDrinSEOvIp2C%2BUmC6LZxccLrYjU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8614eb037cf3e3c7-TLV

GET
H2 200 ffsite.js Show response
images.betanews.com/resources/ 137 KB
49 KB 1081ms
939ms Script
application/javascript 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.betanews.com/resources/ffsite.js
Requested by: Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f061bc61c6a752564bba70c0675de98f06d26b6fe0655c2189fba606539accab

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 08 Jul 2017 02:55:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"223e8-553c57b3fe140-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZT1ablzfvqDDV%2B51lD3mgCA1x3PLRSNJleZyCvEtWRcuCzaMh5iyRDJ6rY1CgoNdzw2c3rVRi56HwBw1FYrFHNkWNE%2FlhwsrY%2FbrJN%2FfO7SDGfqRIzloPhmTDrZHJOvbY9FmCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8614eb037cf5e3c7-TLV

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 398ms
157ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6676241418785266

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

64ad78a72e63d6e339810875a70c2aae0bde718852c75a07e909bc6dc854073d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
Origin: https://fileforum.com
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
server: cafe
etag: 13285923582090833017
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 08 Mar 2024 18:34:13 GMT

GET
H2 200 5057593a65fbe6416fc912e4ac0fd96d
www.gravatar.com/avatar/ 4 KB
5 KB 456ms
242ms Image
image/jpeg 192.0.73.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/5057593a65fbe6416fc912e4ac0fd96d?s=128
Requested by: Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5916e0b240cb97c609bce4253569ab210ddd5f3569b61d2c6ed8efe310844dc8

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS mxp 1
date: Fri, 08 Mar 2024 18:34:12 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="5057593a65fbe6416fc912e4ac0fd96d.jpg"
accept-ranges: bytes
link: <https://gravatar.com/avatar/5057593a65fbe6416fc912e4ac0fd96d?s=128>; rel="canonical"
content-length: 4268
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Mar 2024 18:39:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
64 KB 382ms
147ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHTWSXS

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d96d75f1b0e82b929deda57f67c823dc93a4148429ae045e227e2677b1c12557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65043
x-xss-protection: 0
last-modified: Fri, 08 Mar 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Mar 2024 18:34:13 GMT

GET
H2 200 navbar_active_gray.png
images.betanews.com/fileforum3/header/ 1006 B
1 KB 637ms
637ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/header/navbar_active_gray.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54b646173856c05ad595598fcfee96dc54495c2f9a30ea1c55515b64789d2803

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:14 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jul 2017 23:30:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3ee-5541315c69180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rurppM%2BkOMVT%2BQ2QKF3XPxMz7V5oDNYDzJlb8ZHiVvEsgF3IqKoBqffgBRTo2soDIrNeV1yWKH0Df3MnSDq4RKvmll1dwgO0eORYwRvf6oHi2Le4WaMwXx%2FsqZP1SSgM1DLwo1o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8614eb09eaeee3c7-TLV
content-length: 1006

GET
H2 200 ff_logo_gray.png
images.betanews.com/fileforum3/header/ 1 KB
2 KB 635ms
634ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/header/ff_logo_gray.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 529ce545d0f689295a76134ae7f6add7b8b78904a15b6bef1a5a6bd0cb47b281

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:14 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jul 2017 23:30:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "563-5541315c69180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4jVS4hdSNfPuY7OLqfJ4MCDfjejn6Z0Y0ZeeClHRqw56fk0uo1oFaD9lQ2y2DHtN6o1zsrIzPVruneZg6e3chL8QzlBfjdKhACGYUzScgn9D2cx1A%2FVyR1FTGIETPEi1qB%2BtmY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8614eb09eaf2e3c7-TLV
content-length: 1379

GET
H2 200 ff_logo.png
images.betanews.com/fileforum3/header/ 4 KB
4 KB 628ms
628ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/header/ff_logo.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a8f59aaec3baa11914a42d01b1513778de352d807ced7c5a7296f21b97e1848

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:13 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f28-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIyUHYj2JAPU5VYRU9cz0vyuD1xWHgY9HoPJt3ta2jDwy%2Fpt%2Fe9Pog01zkkzJF2Sm2f7XipF10p9ibomqzU3GWQ0EtSMro07%2FC22qVJa4cHPP%2BBRmVW7NGnmMJ9YBlxuiyMXJNU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8614eb09eaf4e3c7-TLV
content-length: 3880

GET
H2 200 buttons.png
images.betanews.com/fileforum3/buttons/ 12 KB
12 KB 619ms
619ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/buttons/buttons.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06f1ec52dea17ff1c6bed231b53938e5200586e1b37c6707f453b115454da806

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:13 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2ea3-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhE1UZLnw8%2BZljJGuwUphigviH9BC7ubMnE9N9CfenEsy8J4GON0ANWlpPPqSIRnpFhN36Z9CqDy2piPAKeJ2qiFko3iaZPBxx0PE5BNiXkPZs2cZJF%2BBZ6n6oZHKvmsxyVfA8k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8614eb09eafce3c7-TLV
content-length: 11939

GET
H2 200 socialmedia_icons.png
images.betanews.com/fileforum3/ 5 KB
5 KB 616ms
616ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/socialmedia_icons.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71a2933a8805045e2305cbd2824ab3bcc1a371f1e6d111645ce14cd7c7c5bf7a

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:13 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "123b-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tD4x86gGDT2Um34YUnOZUNxfugCBajF5UOphFhqu5Az4DxWK5dU%2BXyA729rj607%2BlntkR7RvNzv9agiYc%2FDxgvu%2B6OGhHaEFP1ONZlHk4ehDZydS1MUvj1PiOfArU7fOKwugbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8614eb09eaffe3c7-TLV
content-length: 4667

GET
H2 200 navbar_active.png
images.betanews.com/fileforum3/header/ 192 B
555 B 629ms
629ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/header/navbar_active.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7087b3afc70c0f1a640c5327239e94a508b7a7751800b3952edf804a3837a2e8

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:13 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c0-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGTlZt1k3J6jTyNq8gdcIGncHhbpvZl57vz9d1IEitjZ1i6YQtf1yu3DiQhlab8jv2ApiLvORGvUMwa7LuYu7%2Fd%2BzJKkDxUGPAIWd7QHbiS%2F%2F06AeebSfPAI0Yu3KWp9qlaFjhc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8614eb09eb00e3c7-TLV
content-length: 192

GET
H2 200 bgs.png
images.betanews.com/fileforum3/ 4 KB
4 KB 72ms
72ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/bgs.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe00f6a25703ead073b6b2ce1a56c07fb5dcb6da14aa2c73a06dce0ffb90b9ab

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:13 GMT
cf-cache-status: HIT
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3985
etag: "ec9-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMm9Ke3rKkkFoG0T00oUPgmANlJidQv2Zmz%2B8xJ5C5f%2FTJDzbRNy2Gb2px2PySBx5H4avb6SKuTYH05E10DyHjy1Fno91ff8bDUcvzGQBffPY13BAPX3jF3zLkPH4nFCx5K0TUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8614eb09eb03e3c7-TLV
content-length: 3785

GET
H2 200 icons2.png
images.betanews.com/fileforum3/icons/ 2 KB
2 KB 625ms
625ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/icons/icons2.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34de0b876686b5e0e70169241a272564f2813e26def4572b91e79af258ad3d89

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:13 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "892-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0j9ukDbIN%2FtHsh6Rn7upuuy4lOsqeMmM3h1Z0zkKzJl5fdj4ZhBQtTseaycO3bV9simo%2Bw7F83gLbXH9CXH7lJg%2Bhpu%2FW0oBYkkQvaqsq4WPO4bhZRXsT1asszu%2FlJEXb9PQd94%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8614eb09eb05e3c7-TLV
content-length: 2194

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/ 405 KB
137 KB 400ms
174ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6676241418785266

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

d5f28bb53acf903e60b9c25bbe64881ce9fc8cd671bbe749d2d43c15cce1a1ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140522
x-xss-protection: 0
server: cafe
etag: 10096959582557481563
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Mar 2024 18:34:13 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/ Frame 7E7E 9 KB
4 KB 341ms
111ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6676241418785266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: he-IL,he;q=0.9

Response headers

age: 40698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 07:15:55 GMT
etag: 5035419970550746386
expires: Fri, 22 Mar 2024 07:15:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 332ms
143ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=481398418651484&num=0&dvc=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C44801779%2C31081674%2C95322184

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 18:34:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
83 KB 146ms
145ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H9SLV28721&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHTWSXS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bdf61cd7b116df9defe3cc2ab126cf3a5563b7919a54b78720724b2e28223ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85137
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Mar 2024 18:34:14 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
252 B 350ms
119ms Ping
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H9SLV28721&gtm=45je4360v9110113147z89119310666za220&_p=1709922853396&gcd=13l3l3l3l1&npa=0&dma=0&cid=1694072159.1709922854&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709922854&sct=1&seg=0&dl=https%3A%2F%2Ffileforum.com%2Fprofile%2Fmittenpie0%2F&dt=mittenpie0%27s%20Profile%20%7C%20FileForum&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2769
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H9SLV28721&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s65-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 18:34:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fileforum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B991 260 KB
60 KB 613ms
613ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&adk=1812271804&adf=3025194257&lmt=1709922852&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Fmittenpie0%2F&pra=5&wgl=1&easpi=0&asro=1&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709922853526&bpp=22&bdt=1306&idt=659&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1793854320440&frm=20&pv=2&ga_vid=1694072159.1709922854&ga_sid=1709922854&ga_hid=553518494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C44801779%2C31081674%2C95322184%2C95321868%2C95324160%2C95325785%2C95326920&oid=2&pvsid=3371566375030897&tmod=1137053099&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=678

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

241d53360ed7aad8c42dc88514a5abf30761272a9507b3fd2bcb154d16660478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: he-IL,he;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 61266
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 18:34:14 GMT
expires: Fri, 08 Mar 2024 18:34:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7CD3 852 B
628 B 553ms
552ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3368998127&adf=2550651363&pi=t.aa~a.3269266735~rp.4&w=659&fwrn=4&fwrnh=100&lmt=1709922852&rafmt=1&to=qs&pwprc=8797158495&format=659x280&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Fmittenpie0%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709922853548&bpp=2&bdt=1328&idt=660&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1793854320440&frm=20&pv=1&ga_vid=1694072159.1709922854&ga_sid=1709922854&ga_hid=553518494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C44801779%2C31081674%2C95322184%2C95321868%2C95324160%2C95325785%2C95326920&oid=2&pvsid=3371566375030897&tmod=1137053099&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=662

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b0aeffab799a901f177e5be12e15634e371ff9cefc6a0130d9da80ac1891b02c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: he-IL,he;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 18:34:14 GMT
expires: Fri, 08 Mar 2024 18:34:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 157ms
156ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240306&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

5155a8433c329405a5c79b85ad4ef931f293a4eca3c1d3a6c00c0c77806b0940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12404
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/ 166 KB
56 KB 159ms
159ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/reactive_library_fy2021.js?bust=31081674

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

61cc69f3ea4e389ad6ec5dc1ec0fda5318a67fed836a274272e88a7a6851fb12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57255
x-xss-protection: 0
server: cafe
etag: 9945610111925965429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Mar 2024 18:34:15 GMT

GET
H2 200 ca-pub-6676241418785266 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 388ms
148ms Script
application/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6676241418785266?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

fddc09c6dfe65eb8b35fee348c85e4633b7b72c5a4ed601d1367e3a92384782f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-bKcSogXDcPVbUvbYqjQejA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-bKcSogXDcPVbUvbYqjQejA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytHikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonj60smCSBWA-IdPh4sfOums6oAseb66ayBQBzzfDprChA7pc9gDQBin_oZrFFA3HrzHOtkIBbi5li-Ze16NoEVG1vqAF8cMT8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 148ms
147ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=1&wpc=ca-pub-6676241418785266&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20240305_093518&sat=1709787620869&afm=2%2C0&as_count=0&d_count=0&ng_count=0&am_count=1&atf_count=1&mdns=0&alldns=0.359&allp=19&fd=(0%2C9%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1200&abl=false&rr=n&su=fileforum.com&pvc=3371566375030897&r=0.1&eid=44759875%2C44759926%2C44759842%2C31081587%2C44801779%2C31081674%2C95322184%2C95321868%2C95324160%2C95325785%2C95326920

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 18:34:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 147ms
146ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://fileforum.com/
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 374ms
133ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 18:34:15 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/ Frame A0EB 9 KB
4 KB 113ms
113ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: he-IL,he;q=0.9

Response headers

age: 40587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 07:17:48 GMT
etag: 5035419970550746386
expires: Fri, 22 Mar 2024 07:17:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXVysB5vyBXwz0-2MBmmjVN3ldMEy5rGpqOZXFtP1nPPs8Xj9_teeib55braRkHNIndsbfBBvwO--vHuItbA9v2u2_lW1Q666rVMtr641ub8BnYTSb4_3mxzablrzqW7LsK_o0Ryw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 136ms
135ms Script
application/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXVysB5vyBXwz0-2MBmmjVN3ldMEy5rGpqOZXFtP1nPPs8Xj9_teeib55braRkHNIndsbfBBvwO--vHuItbA9v2u2_lW1Q666rVMtr641ub8BnYTSb4_3mxzablrzqW7LsK_o0Ryw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5OTIyODU1LDQ3NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9maWxlZm9ydW0uY29tL3Byb2ZpbGUvbWl0dGVucGllMC8iLG51bGwsW1s4LCJid3JNY3M2WmNZZyJdLFs5LCJpdyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.bwrMcs6ZcYg.es5.O/am=wA/d=1/rs=AJlcJMyqhtpINXyALLR-O-cMxbrYbfxL7g/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

3dbe8a8c49540c181111fbc74e8775dfeee062fcbae85a6df9c96d73981d97cc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_7kC9pk4Hos3VLo7f55ZtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-_7kC9pk4Hos3VLo7f55ZtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmLw05BiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonj60smCSBWA-IdPh4sfOums6oAseb66ayBQBzzfDprChA7pc9gDQBin_oZrFFA3HrzHOtkIBbi4Vi-Ze16NoEb7w-3MwEAlA0x-g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2033 13 KB
5 KB 115ms
114ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: he-IL,he;q=0.9

Response headers

accept-ranges: bytes
age: 3148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 17:41:47 GMT
expires: Sat, 08 Mar 2025 17:41:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A719 829 B
1 KB 364ms
130ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

b3f3ebdd56a37a8fcd7aa70579574cf7edf1db787fd86a4a6043c9a8afea802b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dhsN3cytYlHcIlyJicU0qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: he-IL,he;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dhsN3cytYlHcIlyJicU0qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 18:34:15 GMT
expires: Fri, 08 Mar 2024 18:34:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 6e6bd83b1ab90baf29df14fe71898cfa.js Show response
www.gstatic.com/mysidia/ Frame CE50 9 KB
4 KB 345ms
112ms Script
text/javascript 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6e6bd83b1ab90baf29df14fe71898cfa.js?tag=client_fast_engine_2019

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

sffe /

Resource Hash

7c4dd0bd84759808f306ef41c14dc423f219e09d984ab235ea5433aa5934bcfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 22:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 331292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4066
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 22:04:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 22:32:43 GMT

GET
H2 200 05d558d41abd9b3686387d7a3ea4897b.js Show response
www.gstatic.com/mysidia/ Frame CE50 161 KB
59 KB 419ms
185ms Script
text/javascript 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/05d558d41abd9b3686387d7a3ea4897b.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

sffe /

Resource Hash

506f455b79418b21e5ce5cb0b08174649e61d7d8906784607c423872322cd48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60554
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 22:04:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 03 Jun 2024 00:15:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CE50 11 KB
2 KB 358ms
123ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400%2C500

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

bcc8ab6df00796eb99e18a7da3cb9f0eccc02260ed75f6bfc7c3c887f759130f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Mar 2024 18:34:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Mar 2024 18:34:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Mar 2024 18:34:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame CE50 2 KB
875 B 140ms
138ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 14:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 14:23:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/ Frame CE50 23 KB
9 KB 128ms
126ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/abg_lite_fy2021.js

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 14:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 14:23:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame CE50 3 KB
1 KB 140ms
139ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/window_focus_fy2021.js

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 08:20:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36800
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 08:20:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame CE50 20 KB
8 KB 115ms
113ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 14:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8212
x-xss-protection: 0
server: cafe
etag: 9277691884081322989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 14:23:09 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CE50 207 KB
63 KB 112ms
111ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 17:55:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64070
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Mar 2024 18:55:29 GMT

GET
H2 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame CE50 36 KB
15 KB 344ms
114ms Script
text/javascript 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/mittenpie0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 22:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 22:04:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 22:40:28 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/elements/html/ Frame A0EB 15 KB
6 KB 139ms
138ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

5a1433553dad10b1617e945447ce8d2a7a4ce6542ad50fdb8b563f85560cbc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 14:50:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6454
x-xss-protection: 0
server: cafe
etag: 9518204868993021864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 14:50:14 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A0EB 205 B
296 B 409ms
185ms Image
image/png 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:32:20 GMT
x-content-type-options: nosniff
age: 342115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Mar 2025 19:32:20 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A0EB 604 B
919 B 405ms
182ms Image
image/png 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:52:35 GMT
x-content-type-options: nosniff
age: 294100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 05 Mar 2025 08:52:35 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/elements/html/ Frame A0EB 22 KB
9 KB 144ms
144ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 14:32:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9093
x-xss-protection: 0
server: cafe
etag: 981128176822753981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 14:32:58 GMT

GET
H2 200 AGSKWxUUMlKcEqYOrt2JNRJQwrJNTrxK3uUjX-1jH1S7JCsxgWokqXPMAlnGFhkAhPfl4eJ1GFk4M79-nI2h7NNO4zDX0eRFCDKzIZA_gJdxwcERqOj3vV023Q0kl62kri7OC2h-GYgjlA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 145ms
145ms Script
application/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUUMlKcEqYOrt2JNRJQwrJNTrxK3uUjX-1jH1S7JCsxgWokqXPMAlnGFhkAhPfl4eJ1GFk4M79-nI2h7NNO4zDX0eRFCDKzIZA_gJdxwcERqOj3vV023Q0kl62kri7OC2h-GYgjlA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5OTIyODU1LDYyNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZmlsZWZvcnVtLmNvbS9wcm9maWxlL21pdHRlbnBpZTAvIixudWxsLFtbOCwiYndyTWNzNlpjWWciXSxbOSwiaXciXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

1f35a64d2704e2bb3af51db104301d8061baab1c58becb973165d07bebdfbdd7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XTkwOp0_BRdhEXcO6xBHtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XTkwOp0_BRdhEXcO6xBHtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmJw1ZBiWMS_i-nErdtMF4D4vNMdputAXMvwjKkViA00njNZADHjnxdMnED87stLJo6vL5kkgFgNiHf4eLDwrZvOqgLEmuunswYCcczz6awpQOyUPoM1AIh96mewRgFx681zrJOBWIiHY_mWtevZBH407LjEBACtAjhh"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2033 39 KB
15 KB 118ms
118ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 08:55:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 08:55:30 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2033 0
10 B 111ms
111ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?URiKXA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A719 0
0 145ms
144ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240306&jk=3371566375030897&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame CE50 0
234 B 1351ms
458ms Ping
image/gif 142.250.195.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ltizx3u7&c=8476890676202&slotId=4238445338101&qqid=CMmLy4Kn5YQDFRgWogMdVeYOZw&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/05d558d41abd9b3686387d7a3ea4897b.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.195.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: maa03s38-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 18:34:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hq1.jpg
i1.ytimg.com/vi/7Mi1QY5M_18/ Frame CE50 9 KB
9 KB 356ms
113ms Image
image/jpeg 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/7Mi1QY5M_18/hq1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

5a0bf2f2cd40cd632f2bb689766d6576fb47c882b69b5cf656adaa0cbb574b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 17:06:00 GMT
x-content-type-options: nosniff
age: 5296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8856
x-xss-protection: 0
server: sffe
etag: "1707043081"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 08 Mar 2024 19:06:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr3---sn-pujob-ua8e.googlevideo.com/ Frame CE50 1 MB
1 MB 311ms
118ms Media
video/mp4 185.180.100.238
ITCNG ITC Interne...

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-pujob-ua8e.googlevideo.com/videoplayback?expire=1709951654&ei=JlrrZbHgJ8WYv_IPt7Oi8AY&ip=31.187.78.75&id=ecc8b5418e4cff5f&itag=18&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=IF&mm=31&mn=sn-pujob-ua8e&ms=au&mv=m&mvi=3&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=21.290&lmt=1707043009628441&mt=1709922554&cpn=c43HbjzkV05dCtHm&txp=6310224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRAIgD1ExpossgVsLK84-4HBewhQQ0ehu3tUlRM9jWORxfeMCIFyBmCyhLd2Fhkuz3RSAcS5E-HZqoQ0nRQw7_JHITk2d&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=APTiJQcwRQIgfwZ5zZ6qCiOYJVv6IcG6tewdqgGIBzMvHJ52z5zYCf8CIQDw8JoE0VnP1tlQcPVno-laP4_lqezTJ4cFRkUGzsvBrA==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.180.100.238 Tel Aviv, Israel, ASN202940 (ITCNG ITC Internet Service Provider, IL),

Reverse DNS

dynamic-238.100.180.185.itc.net.il

Software

gvs 1.0 /

Resource Hash

579ed628c89414d81814f07e1388f2937d6dc65fac0335cc87ba0b061dae343b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 08 Mar 2024 18:34:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 04 Feb 2024 10:36:49 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1117373/1117374
Cache-Control: private, max-age=28498
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1117374
Expires: Fri, 08 Mar 2024 18:34:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 148ms
147ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240306&jk=3371566375030897&bg=!S0ilSAfNAAZsmiNCTJo7ADQBe5WfOB6QsN0wjvKBIq2peVg7w-BGKZoXL7YWi2eoL1FVHNc4G_anaRym0BkHGu-fVKJgAgAAAFdSAAAABmgBBwoAG05C67l34go3os7hCtKlCmfRcJYsLv3yZX8Ug5kCsf5rQxoITcN6hlQp8KsW9-2-haBy75RvEqiEgtGIZyWyE_NxPlK-BWoenDIUOLPv3lHijqoJ0iQoDBS4ZVjcqJILh2UFKVI5AINfA2UH8mRv9Fm2TKarSuciw6R0CfY8a689wG7_jdTS12u8vm8Dxobxp3SU4Tg_MnrysijbEc10jTBzMOKju4f5R6AGEquFOWCJT6_yAXPDPfmGz3q6FN1Gk0yIpT1_PZt5fDPVGJ6VSFGIrhtaf-R4FJ86ZrOaS7YxXuArqX5tzI3_5OCBXLVWzwWLB-ihdxQKcDylWuCoeSYXrIvBUmU_wFZh8MHR2atWZyqz-l1b0dwFVzXQB4ALji52CT8DQEUpWgNN3w1Qm2UEyeC-n_M5AwPp_XvfWJ4mzjJL05goK4sLJ9aFYvwdZ_vWkjAKO_49kcxtoMoBYlRVOkT5inMLI4iQyEXrqoKclbmIFxzgqjtaD60u2HauU2zXqEbCBGkuyzfjW_omoIcLSmBzlkYxUDUVIf4vdQhATqJbTFX-5GqS2xlaxcQ7win3XeHi5zFkz5aKRBXC0QJkmpdPjYvdQMAVyWI5L7e6t1SAtJckJDqzxzC7_Big2TG7AhkmfPGY6myiJc3PANy7yM5jpzsEcoErFhpXq1c7SeRUdZMe9oLYohy6Uk9diJLOmKzsLuBLHrSxXbdjJbxElpnoT2iPcJthoEpaUz3_qda6uw57vvF92iS0EeHrOJSsZsHkpf_NUFsjuTk8zbWhvW6KxhE_Q_gH7TqqMgPSJh4uVxRLvKsAb3Un8EUUWBngL_HlDY7Tfo9kQcPrgOzcyuSJHwwoCauOj9805gfnME0obzhMlFayEXg1GQc2m30mG-3h5vRbSCO68I0N7Ci-LM362HruTHutT6OA0DmQamqiwVIhgjNzFITi5A18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ads Show response
fundingchoicesmessages.google.com/f/AGSKWxVVahAiOzsbkonPMp0yD9WdyIf4_spfBuYcavTOULYPPQMZLLEHWXHzNOxTClR21cikUczn4q47mtHpdtkRn4TluLIYABEj3O9QUTvRcMYZqUPxKsKj9FlZPCO6A1pr7TMyahlFTlDc7Wz_LNrt2IaoBVJhV... 54 B
110 B 128ms
128ms Script
application/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVVahAiOzsbkonPMp0yD9WdyIf4_spfBuYcavTOULYPPQMZLLEHWXHzNOxTClR21cikUczn4q47mtHpdtkRn4TluLIYABEj3O9QUTvRcMYZqUPxKsKj9FlZPCO6A1pr7TMyahlFTlDc7Wz_LNrt2IaoBVJhV7q9czvN4nNnSFGgDSoVC4qZf4iF7U8c/_/ad-letter.-adv.jpg/common/ads?-image-ad./adxsite.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.bwrMcs6ZcYg.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyC0jXOml9q6aufpCALFQDJ9_stlQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

8300f7a5e23048c0c64fb2dc8ff7a45e9ef4da3b48297eec532559a2c5508cbf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0XR75xOoyON0SvFelWT2Kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-0XR75xOoyON0SvFelWT2Kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmLw05BiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonj60smCSBWA-IdPh4sfOums6oAseb66ayBQBzzfDprChA7pc9gDQBin_oZrFFA3HrzHOtkIBbi4VixZe16NoGG2efuMgIAkdwxrw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 112ms
112ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ff1960a45c6c700c71fe8dd2a8f57127aba9acabb5d0c23a3a263ed5b81a5422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1547
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24264
x-xss-protection: 0
server: cafe
etag: 8613831024126762174
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Mar 2024 19:08:29 GMT

POST
H3 204 AGSKWxW5sq9iPclU0KAcPyW5ame0d5_1mPl5-MEBayEgjst6Otl8FWCmGMUO_ea10FHeJAaCwfH_nRrSdCNeCA1kvhCFDm6S9DaLqGvpabAlOiYOq1GblFl21sRn2Fx0QTq3zoxMk5kmpA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 358ms
128ms XHR
text/html 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW5sq9iPclU0KAcPyW5ame0d5_1mPl5-MEBayEgjst6Otl8FWCmGMUO_ea10FHeJAaCwfH_nRrSdCNeCA1kvhCFDm6S9DaLqGvpabAlOiYOq1GblFl21sRn2Fx0QTq3zoxMk5kmpA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JCdWJTND5df42-PGbYjOrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Mar 2024 18:34:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JCdWJTND5df42-PGbYjOrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw0ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDsWLL2vVsAh3zek8xAQCJIREM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fileforum.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW5sq9iPclU0KAcPyW5ame0d5_1mPl5-MEBayEgjst6Otl8FWCmGMUO_ea10FHeJAaCwfH_nRrSdCNeCA1kvhCFDm6S9DaLqGvpabAlOiYOq1GblFl21sRn2Fx0QTq3zoxMk5kmpA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zPVTD2CnDK71G6NEVGC65g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Mar 2024 18:34:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zPVTD2CnDK71G6NEVGC65g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw1ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDsWLL2vVsAiv2bD_FBACK5RF1"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fileforum.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW5sq9iPclU0KAcPyW5ame0d5_1mPl5-MEBayEgjst6Otl8FWCmGMUO_ea10FHeJAaCwfH_nRrSdCNeCA1kvhCFDm6S9DaLqGvpabAlOiYOq1GblFl21sRn2Fx0QTq3zoxMk5kmpA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mdN8HYmx8T65-5fJaWsRFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Mar 2024 18:34:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mdN8HYmx8T65-5fJaWsRFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDsWLL2vVsAhv6_p5iAgCNqxGj"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://fileforum.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW5sq9iPclU0KAcPyW5ame0d5_1mPl5-MEBayEgjst6Otl8FWCmGMUO_ea10FHeJAaCwfH_nRrSdCNeCA1kvhCFDm6S9DaLqGvpabAlOiYOq1GblFl21sRn2Fx0QTq3zoxMk5kmpA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dO0F_JjxKBdc45CEsaKbWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Mar 2024 18:34:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-dO0F_JjxKBdc45CEsaKbWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII0JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDsWLL2vVsAjNW_zzJBACNDxGg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fileforum.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVz22s6wYrKRl8bt1vYb_M7ZcI8AV1-OG1HYPQ4_y8WD7vxK4d_cMEZKPQUAVWqRWInOCtOAvfCAfaQMGB1_iWhif50CDyhyBW8I1lAcgOu7DYsWqdQmGWt6qtSLsakNUrpWMHyFg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 142ms
142ms Script
application/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVz22s6wYrKRl8bt1vYb_M7ZcI8AV1-OG1HYPQ4_y8WD7vxK4d_cMEZKPQUAVWqRWInOCtOAvfCAfaQMGB1_iWhif50CDyhyBW8I1lAcgOu7DYsWqdQmGWt6qtSLsakNUrpWMHyFg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5OTIyODU2LDUyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9maWxlZm9ydW0uY29tL3Byb2ZpbGUvbWl0dGVucGllMC8iLG51bGwsW1s4LCJid3JNY3M2WmNZZyJdLFs5LCJpdyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

54a5343eba5cdff9c8ee2a1d2f1fc5af426f34d7a29c051142d46f2a4371ebd6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XGZPaulhtHkAQ7SCLpR_5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:34:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XGZPaulhtHkAQ7SCLpR_5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmLw05BiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonj60smCSBWA-IdPh4sfOums6oAseb66ayBQBzzfDprChA7pc9gDQBin_oZrFFA3HrzHOtkIBbi4VixZe16NoEZz-8uYgIAkzwx6A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1zgHIv7PRgG-iYsx4Mp4gQSytzfgI2cd0hh8WxdX2bs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FA8 51 KB
20 KB 113ms
113ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1zgHIv7PRgG-iYsx4Mp4gQSytzfgI2cd0hh8WxdX2bs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

d7380722fecf4601be898b31e0ca788104b2b737e023671dd2187c5b1757d9bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 03:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 314349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20147
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 03:15:07 GMT

POST
H3 204 AGSKWxWlVnu7xzmbUF8AsIdW1nKHEwdcRxrcFJETWG1iYV48ZxSjgF2cCdIE6Y5scQP55-JwEgPoq4tAIP5oCgK-F1-wy7Q_IgrQTcnakZqsyu0cXOqmMr7APrG2Hi-F3qLLj6VCYU93hg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 125ms
124ms XHR
text/html 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWlVnu7xzmbUF8AsIdW1nKHEwdcRxrcFJETWG1iYV48ZxSjgF2cCdIE6Y5scQP55-JwEgPoq4tAIP5oCgK-F1-wy7Q_IgrQTcnakZqsyu0cXOqmMr7APrG2Hi-F3qLLj6VCYU93hg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pYCOOIySa2E0pAMF5unapg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Mar 2024 18:34:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pYCOOIySa2E0pAMF5unapg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw15BiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDsWLL2vVsAi-Otz1gAgCNthGv"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://fileforum.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW5sq9iPclU0KAcPyW5ame0d5_1mPl5-MEBayEgjst6Otl8FWCmGMUO_ea10FHeJAaCwfH_nRrSdCNeCA1kvhCFDm6S9DaLqGvpabAlOiYOq1GblFl21sRn2Fx0QTq3zoxMk5kmpA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hut_t8hlZDDUutH4luymjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Mar 2024 18:34:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hut_t8hlZDDUutH4luymjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDsWLL2vVsAicmdD9kAgCKIxFS"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fileforum.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame CE50 0
54 B 458ms
458ms Ping
image/gif 142.250.195.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ltizx3ue&c=8476890676202&slotId=4238445338101&qqid=CMmLy4Kn5YQDFRgWogMdVeYOZw&umsem=0&ple=1&ape=1&met.4=vil.ltizx47d~vfl.ltizx4ei
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/05d558d41abd9b3686387d7a3ea4897b.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.195.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: maa03s38-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 18:34:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fileforum.com/	1969-12-31 23:59:59	Name: sixsession Value: 4067eru8efcf8gok9hemgrrgije0pand
.fileforum.com/	1970-01-21 04:34:42	Name: _ga Value: GA1.1.1694072159.1709922854
.doubleclick.net/	1970-01-20 18:58:43	Name: test_cookie Value: CheckForPermission
.fileforum.com/	1970-01-21 04:20:18	Name: __gads Value: ID=9d5f42892dd527dc:T=1709922854:RT=1709922854:S=ALNI_Mas_V2DdHHXk9q97JaoR9XO302QRw
.fileforum.com/	1970-01-21 04:20:18	Name: __gpi Value: UID=00000d6c81b072e9:T=1709922854:RT=1709922854:S=ALNI_Ma3wE5rimnsZna8GXNy3y_INoYn6A
.fileforum.com/	1970-01-20 23:17:54	Name: __eoi Value: ID=a6feefa7b87625d9:T=1709922854:RT=1709922854:S=AA-AfjbYixz4ss06CWkNbLIGGP86
.fileforum.com/	1970-01-21 04:34:42	Name: _ga_H9SLV28721 Value: GS1.1.1709922854.1.0.1709922856.0.0.0
.fileforum.com/	1970-01-21 03:44:18	Name: FCNEC Value: %5B%5B%22AKsRol8yFINpD-3iGi16aVKi_0b8w8lMl5_cqbAmeNOrOLY5tOfi77ExY5E0t_RQTIWx50NEG_9humexcXitECBmOmMVyQEQpLDj1TsUyH2JpgUY19i6wHKqVTpxXDkcFxEfG5DbLzQ9339X2Aue50-rLVEwYDiVrw%3D%3D%22%5D%5D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fileforum.com/profile/mittenpie0/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fileforum.com/profile/mittenpie0/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fileforum.com/profile/mittenpie0/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csi.gstatic.com
fileforum.com
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i1.ytimg.com
images.betanews.com
pagead2.googlesyndication.com
rr3---sn-pujob-ua8e.googlevideo.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gravatar.com
www.gstatic.com
108.44.238.29
142.250.181.228
142.250.184.226
142.250.185.110
142.250.185.142
142.250.185.232
142.250.186.138
142.250.195.67
172.217.16.195
172.217.16.206
172.217.18.1
172.217.18.2
172.67.74.154
185.180.100.238
192.0.73.2
06f1ec52dea17ff1c6bed231b53938e5200586e1b37c6707f453b115454da806
160d317860d283845ddde93faa4a3c41f42f0e777acb74dba3a716555c89610f
1f35a64d2704e2bb3af51db104301d8061baab1c58becb973165d07bebdfbdd7
241d53360ed7aad8c42dc88514a5abf30761272a9507b3fd2bcb154d16660478
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
34de0b876686b5e0e70169241a272564f2813e26def4572b91e79af258ad3d89
3a8f59aaec3baa11914a42d01b1513778de352d807ced7c5a7296f21b97e1848
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
3dbe8a8c49540c181111fbc74e8775dfeee062fcbae85a6df9c96d73981d97cc
3e371cd69f194ca927183836e0d34fd1b6d5aa632f009726078820756c83bedc
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
506f455b79418b21e5ce5cb0b08174649e61d7d8906784607c423872322cd48a
5155a8433c329405a5c79b85ad4ef931f293a4eca3c1d3a6c00c0c77806b0940
529ce545d0f689295a76134ae7f6add7b8b78904a15b6bef1a5a6bd0cb47b281
535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6
54a5343eba5cdff9c8ee2a1d2f1fc5af426f34d7a29c051142d46f2a4371ebd6
54b646173856c05ad595598fcfee96dc54495c2f9a30ea1c55515b64789d2803
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
579ed628c89414d81814f07e1388f2937d6dc65fac0335cc87ba0b061dae343b
5916e0b240cb97c609bce4253569ab210ddd5f3569b61d2c6ed8efe310844dc8
5a0bf2f2cd40cd632f2bb689766d6576fb47c882b69b5cf656adaa0cbb574b17
5a1433553dad10b1617e945447ce8d2a7a4ce6542ad50fdb8b563f85560cbc3e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61cc69f3ea4e389ad6ec5dc1ec0fda5318a67fed836a274272e88a7a6851fb12
64ad78a72e63d6e339810875a70c2aae0bde718852c75a07e909bc6dc854073d
6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a
7087b3afc70c0f1a640c5327239e94a508b7a7751800b3952edf804a3837a2e8
71a2933a8805045e2305cbd2824ab3bcc1a371f1e6d111645ce14cd7c7c5bf7a
7c4dd0bd84759808f306ef41c14dc423f219e09d984ab235ea5433aa5934bcfe
8300f7a5e23048c0c64fb2dc8ff7a45e9ef4da3b48297eec532559a2c5508cbf
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
b0aeffab799a901f177e5be12e15634e371ff9cefc6a0130d9da80ac1891b02c
b3f3ebdd56a37a8fcd7aa70579574cf7edf1db787fd86a4a6043c9a8afea802b
bcc8ab6df00796eb99e18a7da3cb9f0eccc02260ed75f6bfc7c3c887f759130f
bdf61cd7b116df9defe3cc2ab126cf3a5563b7919a54b78720724b2e28223ebb
d5f28bb53acf903e60b9c25bbe64881ce9fc8cd671bbe749d2d43c15cce1a1ba
d7380722fecf4601be898b31e0ca788104b2b737e023671dd2187c5b1757d9bb
d96d75f1b0e82b929deda57f67c823dc93a4148429ae045e227e2677b1c12557
deda914cce5fb739ca5624e64be7af22f3a426623b3bf174429287d2376dfc4b
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f061bc61c6a752564bba70c0675de98f06d26b6fe0655c2189fba606539accab
fddc09c6dfe65eb8b35fee348c85e4633b7b72c5a4ed601d1367e3a92384782f
fe00f6a25703ead073b6b2ce1a56c07fb5dcb6da14aa2c73a06dce0ffb90b9ab
ff1960a45c6c700c71fe8dd2a8f57127aba9acabb5d0c23a3a263ed5b81a5422

fileforum.com Open in urlscan Pro 108.44.238.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

0 %IPv6

12 Domains

15 Subdomains

15 IPs

2 Countries

1988 kBTransfer

3626 kBSize

8 Cookies

6 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fileforum.com Open in urlscan Pro
108.44.238.29 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

15
IPs

2
Countries

1988 kB
Transfer

3626 kB
Size

8
Cookies

64 HTTP transactions
0 data transactions