bowfile.com Open in urlscan Pro
2606:4700:3037::ac43:cde6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bowfile.com/ael
Submission: On November 28 via manual (November 28th 2021, 10:53:21 am UTC) from HU — Scanned from DE

Summary HTTP 117 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 20 domains to perform 117 HTTP transactions. The main IP is 2606:4700:3037::ac43:cde6, located in United States and belongs to CLOUDFLARENET, US. The main domain is bowfile.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 20th 2021. Valid for: a year.

This is the only time bowfile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	2606:4700:303... 2606:4700:3037::ac43:cde6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2600:9000:214... 2600:9000:214f:800:b:b271:7c80:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:407	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:4200:12:fc33:3bc0:21	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3035::6815:30d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:801::200d	15169 (GOOGLE) (GOOGLE)
2	158.69.139.238 158.69.139.238	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3030::ac43:dadd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	67.202.94.94 67.202.94.94	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	104.18.29.199 104.18.29.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
2 3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
117	27

28 2606:4700:3037::ac43:cde6 (United States)

ASN13335 (CLOUDFLARENET, US)

bowfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:214f:800:b:b271:7c80:21 (United States)

ASN16509 (AMAZON-02, US)

d26adrx9c3n0mq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:407 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:4200:12:fc33:3bc0:21 (United States)

ASN16509 (AMAZON-02, US)

d301cxwfymy227.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

alukizeia.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:30d7 (United States)

ASN13335 (CLOUDFLARENET, US)

uleqasfor.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 158.69.139.238 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip238.ip-158-69-139.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:dadd (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.94 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.29.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	bowfile.com bowfile.com	1 MB
22	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	343 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	141 KB
10	doubleclick.net googleads.g.doubleclick.net	76 KB
9	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	8 KB
7	google.com 2 redirects accounts.google.com adservice.google.com www.google.com	2 KB
7	googletagmanager.com www.googletagmanager.com	61 KB
5	cloudfront.net d26adrx9c3n0mq.cloudfront.net d301cxwfymy227.cloudfront.net	68 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	alukizeia.one alukizeia.one	3 KB
2	googletagservices.com www.googletagservices.com	73 KB
2	google.de adservice.google.de	914 B
2	dtscout.com t.dtscout.com	3 KB
2	uleqasfor.one uleqasfor.one	1 KB
1	googleadservices.com partner.googleadservices.com	635 B
1	google-analytics.com www.google-analytics.com	344 B
1	amung.us whos.amung.us	145 B
1	freychang.fun freychang.fun	722 B
1	facebook.com www.facebook.com
1	waust.at waust.at	6 KB
117	20

	Domain	Requested by
28	bowfile.com	bowfile.com
12	pagead2.googlesyndication.com	bowfile.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	ic.tynt.com	bowfile.com
7	www.googletagmanager.com	bowfile.com
6	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	d26adrx9c3n0mq.cloudfront.net	bowfile.com alukizeia.one
4	fonts.googleapis.com	bowfile.com googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	alukizeia.one	d26adrx9c3n0mq.cloudfront.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	t.dtscout.com	waust.at t.dtscout.com
2	accounts.google.com	bowfile.com
2	uleqasfor.one	bowfile.com
1	de.tynt.com	cdn.tynt.com
1	cdn.tynt.com	waust.at
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	whos.amung.us	waust.at
1	freychang.fun	d26adrx9c3n0mq.cloudfront.net
1	www.facebook.com	bowfile.com
1	d301cxwfymy227.cloudfront.net	bowfile.com
1	waust.at	bowfile.com
117	27

This site contains links to these domains. Also see Links.

Domain
www.wikihow.com
www.youtube.com
cookiesandyou.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-20` - `2022-09-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
alukizeia.one Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
*.uleqasfor.one R3	`2021-11-24` - `2022-02-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-06` - `2021-12-05`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://bowfile.com/ael
Frame ID: E2C0CC664AD0203F2E9186949AF866EB
Requests: 77 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 41E027E90F233F25AF3FAE91AB99FA41
Requests: 1 HTTP requests in this frame

Frame: https://alukizeia.one/ZWwxa0IEDlIGfQRRU003FwAMTnAjSQMtJldaUA8wHVVSWCxVAUBFIQkDRA8kFwNfH2wLCUVOcCMrYgcELAlnBDI1BWgNGDFYBScHNwZUPCpdOAMHMSoWQjwMIRxCKhEWCFcBKl0lc152BDgAJiQhWEMnBzcdUy9yFSpLWnEBFQEzDT0IVgkqAkkDKQkiFAkzO1FaYQIMICJbXzgqLlYbDhw1BC8aEkkDLQ8tOWQlFiRYeykXUg4DJg0xJGNdJi0cewgoVVh7A3JUPGIhNjZeXgAIMl19CiwRBGsALkBedw4QKxhiWS1cI3IxEgcBCAIBCRReDisJSQMpFj0iRzJxSAtoICgKVX06dkBedyAGCgR1M3tRKgJaCQc7YwIkCRReDiwOBnQ4dgs8ZloOIjsIAScnOUsiFjcYYlktESJyGBErO39bJw4HBCIrKAJ3L3sTNUZeAwcrYwMYDl1CDQUzAWU8exM1AgwJKhVGHA0NLhRZBAAuVVIRCF1aMixQCn1YIUMGQgQsFVF4OQVRBQUyBldURF4
Frame ID: AD7D0DF3879948E7649159EB8252FFB8
Requests: 2 HTTP requests in this frame

Frame: https://alukizeia.one/WHdIaVA5FSsEbzlKKk8lKht1TGIeUnovNGpBKQ0iIE4rWj5oGjlHMzQYPQ02KhgmHX42EjxMYh49BgcgOSQcJwYeIxkfFB0+HDk+CTwKPB4uES8gAR00IwQIDS0AIicRNS1ZNxMyHT8CADR8EwYvAwMPEw4kHythNhV5MwkfICxdFg4ULSYYCT8NKGhvEw5cChkzBQUIaRMuCBFgMA8sIH1FDgwnFRIMPR02IXkCHhMgPysSMCY9CxEdMBtbIDY2MCcaHzA/KxI/RzIjJw00EFs7FDEvOxsRGXAhGGlOJwwGEjALAwkrJQ4kCRUkCiEVaBArDxEZNR4ufTRSei8WPyUDCjkSFRkBM2oVCS9hAEUgXAhpTxo5Yi81CgFgfUUOIjwwLR1aaW82eTwDEzQSDAVpTictJzc2Hi4gNjU/Kx06GishEWlOJwwFGi8ALSNvICAnGRA/PygRDiU4DygOMxoedjIEJwcgZQYDWx1qJxAfNw
Frame ID: 3B3E88BDEC18FD02EC22497C8E2E9413
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=9079323917&adk=3160410531&adf=1820968292&pi=t.ma~as.9079323917&w=1110&fwrn=4&fwrnh=100&lmt=1638096795&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fbowfile.com%2Fael&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638096795200&bpp=5&bdt=465&idt=239&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=2381404846500&frm=20&pv=2&ga_vid=947170705.1638096795&ga_sid=1638096795&ga_hid=1289315918&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063737%2C31063793&oid=2&pvsid=60377324528004&pem=796&tmod=1047050213&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BhieFRC1ed&p=https%3A//bowfile.com&dtd=251
Frame ID: 5D67689F95C2DCA77D83332DE3743C83
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&adk=1812271804&adf=3025194257&lmt=1638096795&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbowfile.com%2Fael&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638096795269&bpp=1&bdt=533&idt=190&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&nras=1&correlator=2381404846500&frm=20&pv=1&ga_vid=947170705.1638096795&ga_sid=1638096795&ga_hid=1289315918&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063737%2C31063793&oid=2&pvsid=60377324528004&pem=796&tmod=1047050213&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=193
Frame ID: 4186B437D08E96C064064A6B6EBC8928
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Frame ID: 401383FFEFDD3BF92A25F63A9AD2701A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D92E6D20CD1A5C603AA6C969F1CB5067
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Frame ID: 82775A1DA9297D6DD06C4C53DAA23B61
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4BBFE1D6B9CD335C1D6EA7BF67A24139
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Frame ID: BBFC33ED54E3394B6A4830977D4F0472
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1051A6D7029630484312563E1F601C2F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F0BF3EAED5CD263E94C9FC3F6B56F8FF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FH4_Update v1.473.944.0.rar - BowFile

Page Statistics

117
Requests

100 %
HTTPS

73 %
IPv6

20
Domains

27
Subdomains

27
IPs

4
Countries

1902 kB
Transfer

3905 kB
Size

10
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wikihow.com/Disable-Adblock

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=roWd3cISn2M
Title: Chrome

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=e3x4M3gfhhM
Title: Firefox

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=LgIQY3uavf8
Title: Internet Explorer

Search URL Search Domain Scan URL

URL: https://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

117 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ael Show response
bowfile.com/ 74 KB
30 KB 77ms
45ms Document
text/html 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b1f68172beb5a7d0e43940de18831c5ef80c4c30e8eab0673618a66cca764b7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate no-cache
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6Am5pPrsoAgMetp0BzWWO3cCIc%2BAocaBn4fEai6J6ha8SPfrcY0uRM9QnPhLxVXPIueMy69RCBqKrN8cMpUpxGL2BFVJqzJNqSI5k0rn9hGJAMzFmY4993mIJDuhjkQKDf2qBcWBP9b%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b530d26c8954ec2-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bootstrap.min.css
bowfile.com/themes/spirit/assets/frontend/css/ 75 KB
13 KB 39ms
36ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/bootstrap.min.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
age: 1261732
etag: W/"5f8bebbe-12c7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgU9VfGj4NKgYSOeSEzG8g6SsPpW7z1SQsRNK6RnyYs6d9P7%2Bfb5YaWnfEHS7%2FNUVAHXNLoN93FMEElDOjF0%2BcoE7fhR21botovgiUauBd%2BFxi2Vl%2B6h1z6TIeLfc62eUwhhrY%2B7y8GZNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b530d2739924ec2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 stack-interface.css
bowfile.com/themes/spirit/assets/frontend/css/ 2 KB
858 B 15ms
12ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/stack-interface.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc3e1c7f25f8898edf9bba53c1cf0730271371e373bdd4dad4535cecedf85ba3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1261732
cf-polished: origSize=3160
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-c58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CQk8Zrr1J7CHJchoxElrEt5J9pW93pksW856BaSgU09DHQM2vlNrhkPDP1H%2BoNAaTRXGHhLG4BZ4f4w1W33ycyOX8k8otPF%2BsLgbwcTTS0t9rjCOPb7Dq5VmdyItMsYkr6zCMJRbqD7cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b530d2739974ec2-FRA
cf-bgj: minify

GET
H2 200 socicon.css
bowfile.com/themes/spirit/assets/frontend/css/ 7 KB
2 KB 17ms
14ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/socicon.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcb499166a81c2c68de921f186c95ed6c29859acf2a07422c15ddb1f4b9e7686

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1261732
cf-polished: origSize=9838
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-266e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDsv9CPJEEmJY0fCZVvs0vR6zuE3d4WOPV4UNfpb0Z%2BT13%2FZ8%2FN%2BQQl7dBNLDhR2M2kg%2Bb26mLzWTfDP%2BJvwniBG5F4y2wW1N4zGO%2Fq27ZzxMs0UcWEJN0TZb58OT4hiz2NOpgAYIAK37Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b530d2739984ec2-FRA
cf-bgj: minify

GET
H2 200 lightbox.min.css
bowfile.com/themes/spirit/assets/frontend/css/ 4 KB
1 KB 17ms
15ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/lightbox.min.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
age: 1261731
etag: W/"5f8bebbe-f31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHKrzUrDPrbX9sHcSiQ4GhV%2Fid%2FuM1NHSMUVGT1t71WRcY%2BGsu4jFzVvWo2xhh3iKpbr2zUxSDI6vlPt9ANwXV%2Bs0tKmFccCLELFox1%2B4G3ARFSVkK2iEMRpObWIKGDwpjkFZut8rpI42w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b530d27399a4ec2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 flickity.css
bowfile.com/themes/spirit/assets/frontend/css/ 2 KB
898 B 16ms
14ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/flickity.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cca9c2524a2c257cc53c398be0731ec07a02159b8a8f02dc5995a820808ebef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1261731
cf-polished: origSize=2521
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-9d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNhsXe4tILf8BxyUk%2Fi8A%2FEPLALRlSuBkLRwmMOX5islvq9iku9VsJ7xg01kAeoBnJwSKoni6khIn1oSU60iE30XQb7vZfQGUwmVQUVrkTSruX7f1VgdrcgtnY99RJKXcx2WDFAocDZDGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b530d27399e4ec2-FRA
cf-bgj: minify

GET
H2 200 iconsmind.css
bowfile.com/themes/spirit/assets/frontend/css/ 80 KB
15 KB 26ms
23ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/iconsmind.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38391d0c01d7fee8c61a80c9b507ef05d0cb76876a42feebded8b06905015d13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1261731
cf-polished: origSize=102727
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-19147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7zYrfJcz28K3SnbajCUL2Myajehy2BzGdIfHwJFwn1xDsjEp3ArTN%2Fl4fUK9v7%2BEXf4Ek3Ew9pYMq0Kgz%2Fp2uCyzHFem0AeNszvDktL2sU2lploIywVGhRDvep36RHzS%2ByNXMkB%2B8P4Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b530d2739a04ec2-FRA
cf-bgj: minify

GET
H2 200 jquery.steps.css
bowfile.com/themes/spirit/assets/frontend/css/ 4 KB
1 KB 20ms
18ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/jquery.steps.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a92a98c5f5245daff1abaff565ae26359f85d4cd1d383ff6e50cd599cf5b3e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1261731
cf-polished: origSize=6019
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-1783"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHdUFr6SgzoKdhQnJiTLRLKhrnijMEBTU5yMc5xbaSoAUbfDdiQmvpf6%2Fn1Sagil9IwcdRKIQ8i23HkGM4fbQ7m88G0P4gKN0R0BxwMvOxDNLLKllhCEvconmb0PhR4DUv9fhzpS1HZnmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b530d2739a14ec2-FRA
cf-bgj: minify

GET
H2 200 cookiealert.css
bowfile.com/themes/spirit/assets/frontend/css/ 12 KB
9 KB 18ms
16ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/cookiealert.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b712033ea1c370616c3105391e98e4867cea0159be8444ddd20249ea9888c950

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1261731
cf-polished: origSize=12369
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-3051"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nedP0x%2Bxllj0bGxy95yuSZGyQZQ82zlHMtgz77PXjS%2FqHk%2Floi%2BOfyab6D51YBBil51X7H%2Fj9BfCwTFu5zNtnNF6tg%2BqPQrqr8E4IXcW%2F3kpBHhKWL%2FDQ3jhDyJ768Vty9kBSnTL0jX8ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b530d2739a54ec2-FRA
cf-bgj: minify

GET
H2 200 theme.css
bowfile.com/themes/spirit/assets/frontend/css/ 159 KB
29 KB 20ms
18ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/theme.css?var1.2
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f70fef49b1fa602e97e2f12a0a3ca46a5db090fa34dad736f8ae5c57c9ba0a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1261731
cf-polished: origSize=207645
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 22 May 2021 14:46:41 GMT
server: cloudflare
etag: W/"60a91951-32b1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GE7BP5VQVGhmuOhL4ht2kOFOHBBUDtgaifkaEgb3PrIqQnJTPMyH4XdkH%2F5pBFmMOVtAGMqCcl%2Fk7A77E7Ora%2B%2F420YbwnUf8cXx%2F9paImxdmrTEXdO4FPWwbzhDx9CALOhhwn1%2FHrM2YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b530d2739a74ec2-FRA
cf-bgj: minify

GET
H2 200 font-awesome.min.css
bowfile.com/themes/spirit/assets/frontend/css/ 58 KB
13 KB 21ms
19ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
age: 1261731
etag: W/"5f8bebbe-e6ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOqGWQQKdB4%2FAmzkvd27V2b8%2BR0MTortWlXCnaUgGVD5VN2R5Y4PW0GEw2RkQaYA%2BJP0EjWrqwPq4v7BXFWGIe0UiS0ezGSjYEIevCZ0qY8j0UJDmOd2aBqCZ9yQ4%2B77gfg2jrwKgtQO1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b530d2739aa4ec2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 custom.css
bowfile.com/themes/spirit/assets/frontend/css/ 7 KB
2 KB 44ms
42ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/custom.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba990faaad8198719efac063a6ec699b548708b555a3ef7821fd6899a8556ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1261731
cf-polished: origSize=8936
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 04 Feb 2021 16:28:48 GMT
server: cloudflare
etag: W/"601c20c0-22e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IX8o3dadPMDWMbncQgPqpAJxqRf0PMlPLdBd50RH2HaF6cwVEfoeW%2FwmqQejvSfuUAOvjg3TOK9jkFvBcmApKPHCrZazR2r5yutruB%2BXgi5mVrI2YX7pnebiGAYwCMAldAApdyAOfLkcjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b530d2749b44ec2-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 135ms
48ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

Requested by

Host: bowfile.com
URL: https://bowfile.com/ael

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3985348b4ce7ed09ffc7be119c4e1c5759734fdec2972f5643e187b513463118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Nov 2021 09:25:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 28 Nov 2021 10:53:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Nov 2021 10:53:14 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
440 B 135ms
48ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: bowfile.com
URL: https://bowfile.com/ael

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

faf96279daab880f59aee01a4ad999db2ca6eca9fb1c9d2c15ef07a93e216f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Nov 2021 10:53:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 28 Nov 2021 10:53:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Nov 2021 10:53:14 GMT

GET
H2 200 xads.js Show response
bowfile.com/js/ 151 B
493 B 37ms
36ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/js/xads.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cbbde1fe725b4456ec4d6be8567710907ec8bcc337f4e875e1bd021d50be75e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7%2FQTzNV14ZMLalXBlRAnPLfn5j7HYzc8uK%2B1gIYw3PJSEQ6whHq5zLw1rtX8wJJUEPYpGmIjzM5v%2FxCmjG6G4yvaO8%2FCk23VcPnGog%2FjUT1NTgm2jrFGQS%2Br7621op42H7JYxI3SjFxeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, no-cache
cf-ray: 6b530d2749b74ec2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 primary.jpg
bowfile.com/themes/spirit/assets/frontend/img/adblock/ 13 KB
13 KB 44ms
42ms Image
image/jpeg 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bowfile.com/themes/spirit/assets/frontend/img/adblock/primary.jpg
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c661391117b70efa486492ff5439d6239ed6bfcca5cf1319ba4ebe7c37cdc72f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1261730
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12809
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: "5f8bebc0-3209"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LsYgOMMgmW9wvXWOwHxzgqhUFXXMzsoPTuSo2mg0oM%2Bs2jDC6cQySdwADoeDVohSHwPDC2ey4VsZ2JXXwQGZ0aTpOeD4Q3fWupRgq%2Bg7SGyHm0mgtJBLue1Mcy3l76nGFc3oR3yU%2F2vdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b530d2838096955-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 153ms
72ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bowfile.com
URL: https://bowfile.com/ael

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0806dfc187ccfca02a1440e63039ed8944431c424cc3097a854036f33de5adba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51206
x-xss-protection: 0
server: cafe
etag: 14852131770741472206
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 10:53:14 GMT

GET
H3 200 lg.png
bowfile.com/ 788 KB
788 KB 44ms
42ms Image
image/png 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bowfile.com/lg.png
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0654449cc73d1f0ea7c0929fffc64d6e6fcdbcab55c0293cd35deaf6a0a55f57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1261730
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 806415
last-modified: Wed, 19 May 2021 00:28:32 GMT
server: cloudflare
etag: "60a45bb0-c4e0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FeeW5DocTdSWu%2BeaiBrI30EkkfGezqhrpIfglsyraNIJIkxTVu22WvzKprDCEYgYEPI2I%2FdyMJ%2BRv9oWW2WjiMmvI7yCz1CEvrPbahChC0tZI%2Fa8m1Ob%2BNjrm5LHrxdfjsmOPsPRUyyMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b530d28380b6955-FRA

GET
H2 200 / Show response
d26adrx9c3n0mq.cloudfront.net/ 200 KB
66 KB 208ms
179ms Script
text/plain 2600:9000:214f:800:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=939463
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:800:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c0a92292fb1114614cdc078065b5ea0b37382dfa4363146a6ecadfe932617d7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 67537
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-amz-cf-id: jHqyNKO-a23i-_wX4OSjcoF3JUp9oTTzCf3O_MJScqlLJHvxrCK3Vw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 144ms
58ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1455201204252520

Requested by

Host: bowfile.com
URL: https://bowfile.com/ael

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bf76432222d26c9be2ffda66816eee7e252accb5f91bbcbbd4eba9f3ea56c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Origin: https://bowfile.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51182
x-xss-protection: 0
server: cafe
etag: 17112978197204225349
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 10:53:15 GMT

GET
H3 200 jquery-3.1.1.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 85 KB
31 KB 36ms
33ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
age: 1261731
etag: W/"5f8bebc0-152b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhZKceUq20KnrZKM3YTDxCmbJhlZzbelCubZtad0fO2f8QBtVE54Tj0BGL%2Bzbr5yPV6DQ2xyQbipwbBv5BaG4fJxWN8%2FPhDcxB4vA6xiTOsQwYxUehIazai%2BftXTLRiOX1NN%2FfWpNrYuyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b530d283feb6955-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 jquery.dataTables.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 68 KB
20 KB 52ms
49ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
age: 1261731
etag: W/"5f8bebc0-1107a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ob4Gwwq74H%2FhOS3Lh3QAt4a7hatKjX10KwtkTtyBs3zPBZCoGhxzJpIuV2nBZMbrqDRmzlMKhZeh8rpah%2FoZvXAlNJvnfptAj%2BKKt3Bkfm%2B0kMhmNytrnpti1xJRrmPSmI5F1ACIgV2QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b530d283ff06955-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 flickity.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 53 KB
15 KB 28ms
26ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/flickity.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
age: 1261731
etag: W/"5f8bebc0-d271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yFHBot2%2B1gOgs9Bse39v8EUrybp%2BVfpazw3gJ1nGBDCAaK0Gucj1xeQacR3mu0EiifxmwbYwWERhnYWBfvERtvOH2%2B2pc5izTlZJkVKRwgO0XgrH3gDZ%2FGP1ttsgXcBbHLK3Sc%2B79kAEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b530d283ff36955-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 typed.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 4 KB
2 KB 53ms
51ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/typed.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
age: 1261731
etag: W/"5f8bebc0-f6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGsLFpHMPn2OQATOQgnJGlah3zZcX7ZWOlzUHTA97jykBu8ncPn8kmSoFFHhWFlJcnCG62zrkqKK4t9Aq2uUEJAn8dYi4%2F1Wh%2B%2FNO1pUekwJn1a9bcNlB2S02G%2FM9YJHElViv4Hp2an5%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b530d283ff96955-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 datepicker.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 20 KB
8 KB 54ms
51ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/datepicker.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6919dd92f8162e9d8b6642769217b9472c5bf423cdf82df50301a8af50ee53a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1261730
cf-polished: origSize=20975
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: W/"5f8bebc0-51ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1g%2F7DHTfFgrpmjlcemoEWZ5FFTyrrw4e%2FPlMCY1KyDGXPSE573bee1WV%2Bj5m5KmhXd%2F8ImC4%2BLD4gxeZoGT6oBHMVsfAmaBZdWMUIIr%2BsIkRN%2FuAOw2UWVN9jdzU9Yms1DqZLrXEhNoBbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b530d283ffb6955-FRA
cf-bgj: minify

GET
H3 200 granim.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 10 KB
3 KB 54ms
51ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/granim.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
age: 1261730
etag: W/"5f8bebc0-298b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuxiEvYuFa7EeiPrTBPBczvxUDe2GTvyZ%2BpFYw5xfO5nf1V3I4c4C8YYqdd1XO01kBlDXkTigvFj9dLWhY3b0Dv6oLTAx0ieTyZAeAxj0CUlqxT5m5nXVZ8H4ZrGygHifWCuvUJn0%2Fk%2BzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b530d283ffe6955-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 jquery.steps.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 14 KB
5 KB 54ms
52ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/jquery.steps.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
age: 1261730
etag: W/"5f8bebc0-3626"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jH1i9Aoe0PTp0WzZaihGPM83XyZUJK2vWQIn%2BIe24nfGNLAUKp6%2BVWmeGGR4JD3%2BF23doe9UzcihQnsuhN%2BZ8iBHLZ61B8NUR515krLlA6yW9AmOcvI%2Brw0Gm6Cn6j1Q1tV9P5Q%2B9UoQQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b530d2838006955-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 countdown.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 5 KB
3 KB 44ms
42ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/countdown.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
age: 1261730
etag: W/"5f8bebc0-14f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmQcm6STXsdRzI5wAiA2z9csp6ZUBT%2BauzHL8zMGud2izZmzJCSK9qaPtTe17cIEc4dhtrFyRYIvYHEO5Zq79qPNerdQ%2B7k%2FNJhHpdNwCxTQzuAQ5xK0OERc%2BI818mDqB%2BJ4ye7ySakqrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b530d2838026955-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 smooth-scroll.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 6 KB
3 KB 44ms
42ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
age: 1261730
etag: W/"5f8bebc0-178c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIqCaRoSx7xY3zroeZA9vjy97MRG29h4DfkMitwvWjkobxu%2BNY%2FRhu626C9mJgILYVa1f3YCgD9ksEIOOwZ7IjT0bGcIcgppZNim3X9O%2BCrdzXX1Q0I4WidmMDLp9hYP7CLJY%2FseY3%2Bdcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b530d2838056955-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 scripts.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 65 KB
17 KB 55ms
52ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/scripts.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02945e324e7c86a1ee921da7d8fa596a9c11878ccfe839ac70f8badcb674d522

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1261730
cf-polished: origSize=114862
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: W/"5f8bebc0-1c0ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5wnZU44NSk6lNdqe2WyMSfPCTJ7wjTJCiwSJ4O7AA0KjUolHl%2BcvmjLnnJ1gUhQ6WVoJoiJwjSxOqRaC8jVABNqZhC6WARR1Wpe3Gxu2WcpQjoobyqhysAUbD5ZbROxLLTPO0HexSf9YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b530d2838076955-FRA
cf-bgj: minify

GET
H2 200 c.js Show response
waust.at/ 12 KB
6 KB 53ms
25ms Script
application/x-javascript 2606:4700:20::681a:407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/c.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 825
last-modified: Mon, 03 May 2021 17:48:53 GMT
server: cloudflare
etag: W/"60903785-2f8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36MFSQR0M%2BD9C4sjUHGxL8QUoedhEqIyAKYLVg7kOm50l3O6tWTDOMJLDHV7vs%2BmFhJDTrqRUvW%2BGYJVAg4X3RjJZi4WVkO%2BVD7OJ0YwWDupWQoU5I9XalIij1kB4oyYF9i0Ih4a"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6b530d285ec05be5-FRA
expires: Mon, 29 Nov 2021 10:39:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
61 KB 138ms
53ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G45GX6EFX2

Requested by

Host: bowfile.com
URL: https://bowfile.com/ael

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ade96352fe85074759b2b3cc84fc1683ffe037f930627c93d2a1abde612a15ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61766
x-xss-protection: 0
expires: Sun, 28 Nov 2021 10:53:15 GMT

GET
H3 200 cookiealert.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 935 B
1 KB 55ms
53ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/cookiealert.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1261730
cf-polished: origSize=1836
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: W/"5f8bebc0-72c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDT5LC3wH2so2Y%2BJPUsh2cl%2FkwsFethvpEvb9XQj6QgmTQi8ksVipI6mVWHLmUfNba1w5gqww51CkEyGUYxdJgqMiF8kdPyAkpuBnTDnwGscPDd2qKncu3PoUnRB%2BMYkz7Y4FlImKAb2Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b530d2838086955-FRA
cf-bgj: minify

GET
H2 200 / Show response
d301cxwfymy227.cloudfront.net/ 47 B
446 B 212ms
168ms Fetch 2600:9000:211e:4200:12:fc33:3bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d301cxwfymy227.cloudfront.net/
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4200:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
access-control-allow-origin: https://bowfile.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials: true
content-length: 73
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
x-amz-cf-id: Y-rWeSoehvT52krHLoxgfC34T7Yk2kakyRErtJgmVcImjvaq2aywmw==

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 41E0 11 KB
5 KB 121ms
39ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 Nov 2021 06:55:30 GMT
expires: Sun, 12 Dec 2021 06:55:30 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 14265
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
d26adrx9c3n0mq.cloudfront.net/ 200 KB
0 29ms
13ms Fetch 2600:9000:214f:800:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=939463
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:800:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 67537
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-id: dzcWEslsg5bQbdk4D4n0-56w6HdmvBtawjceaG9afqRvQeNmgxJxCA==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bowfile.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 162073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:52:02 GMT

GET
H2 204 utx Show response
alukizeia.one/ 0
411 B 137ms
112ms XHR
text/plain 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alukizeia.one/utx?cb=dwIQ11U46jPb&top=bowfile.com&tid=939463
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=939463
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-74.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 10:53:15 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://bowfile.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 96oVyYl9pLn6XzDg1G_df8Ea7Xfqo1-4i_uaErfK7l2bEfE43f-UFQ==

GET
H2 200 ZWwxa0IEDlIGfQRRU003FwAMTnAjSQMtJldaUA8wHVVSWCxVAUBFIQkDRA8kFwNfH2wLCUVOcCMrYgcELAlnBDI1BWgNGDFYBScHNwZUPCpdOAMHMSoWQjwMIRxCKhEWCFcBKl0lc152BDgAJiQhWEMnBzcdUy9yFSpLWnEBFQEzDT0IVgkqAkkDKQkiFAkzO1FaY... Show response
alukizeia.one/ Frame AD7D 3 KB
2 KB 103ms
97ms Document
text/html 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alukizeia.one/ZWwxa0IEDlIGfQRRU003FwAMTnAjSQMtJldaUA8wHVVSWCxVAUBFIQkDRA8kFwNfH2wLCUVOcCMrYgcELAlnBDI1BWgNGDFYBScHNwZUPCpdOAMHMSoWQjwMIRxCKhEWCFcBKl0lc152BDgAJiQhWEMnBzcdUy9yFSpLWnEBFQEzDT0IVgkqAkkDKQkiFAkzO1FaYQIMICJbXzgqLlYbDhw1BC8aEkkDLQ8tOWQlFiRYeykXUg4DJg0xJGNdJi0cewgoVVh7A3JUPGIhNjZeXgAIMl19CiwRBGsALkBedw4QKxhiWS1cI3IxEgcBCAIBCRReDisJSQMpFj0iRzJxSAtoICgKVX06dkBedyAGCgR1M3tRKgJaCQc7YwIkCRReDiwOBnQ4dgs8ZloOIjsIAScnOUsiFjcYYlktESJyGBErO39bJw4HBCIrKAJ3L3sTNUZeAwcrYwMYDl1CDQUzAWU8exM1AgwJKhVGHA0NLhRZBAAuVVIRCF1aMixQCn1YIUMGQgQsFVF4OQVRBQUyBldURF4
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=939463
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-74.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 1207eb71bd21bb60a9fd16c2eac2b916cd8c501d4522db8d05bc27e50c5c96e3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/

Response headers

content-type: text/html
content-length: 1233
date: Sun, 28 Nov 2021 10:53:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: mHDNJiYyf6SgVXc2LUI_8bazK1V-vbJ0qz34A4IxT6W9L8u8PG4erw==

GET
H2 200 PygRDiU4DygOMxoedjIEJwcgZQYDWx1qJxAfNw Show response
alukizeia.one/WHdIaVA5FSsEbzlKKk8lKht1TGIeUnovNGpBKQ0iIE4rWj5oGjlHMzQYPQ02KhgmHX42EjxMYh49BgcgOSQcJwYeIxkfFB0+HDk+CTwKPB4uES8gAR00IwQIDS0AIicRNS1ZNxMyHT8CADR8EwYvAwMPEw4kHythNhV5MwkfICxdFg4ULSYYCT8... Frame 3B3E 3 KB
2 KB 98ms
97ms Document
text/html 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alukizeia.one/WHdIaVA5FSsEbzlKKk8lKht1TGIeUnovNGpBKQ0iIE4rWj5oGjlHMzQYPQ02KhgmHX42EjxMYh49BgcgOSQcJwYeIxkfFB0+HDk+CTwKPB4uES8gAR00IwQIDS0AIicRNS1ZNxMyHT8CADR8EwYvAwMPEw4kHythNhV5MwkfICxdFg4ULSYYCT8NKGhvEw5cChkzBQUIaRMuCBFgMA8sIH1FDgwnFRIMPR02IXkCHhMgPysSMCY9CxEdMBtbIDY2MCcaHzA/KxI/RzIjJw00EFs7FDEvOxsRGXAhGGlOJwwGEjALAwkrJQ4kCRUkCiEVaBArDxEZNR4ufTRSei8WPyUDCjkSFRkBM2oVCS9hAEUgXAhpTxo5Yi81CgFgfUUOIjwwLR1aaW82eTwDEzQSDAVpTictJzc2Hi4gNjU/Kx06GishEWlOJwwFGi8ALSNvICAnGRA/PygRDiU4DygOMxoedjIEJwcgZQYDWx1qJxAfNw
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=939463
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-74.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 3d9e0ebe19da30b2e75e62461c7a2a61d2c7afe67f5e52c6b7a562382749a886

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/

Response headers

content-type: text/html
content-length: 1211
date: Sun, 28 Nov 2021 10:53:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: nNqD3AOkGwy8B_Pe9OOXCiYmsqOJENuIl80XxGMZwtx1C05MVOPhzQ==

GET
H2 204 YmZRUTdNWTIiCjExNSZUDhYmBGIkIDAJDjA1FB9HByBkEGU1EXclXgZbaGIOVlBid0cLAmxgERESMCVCEVtgd14MAD5sERRbYH8EVkhjYhlVQCRsBkQSITBQX1d3IUMWCmxgAVFeYWgBVV9kYABS
uleqasfor.one/ 0
529 B 139ms
108ms Image
text/plain 2606:4700:3035::6815:30d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uleqasfor.one/YmZRUTdNWTIiCjExNSZUDhYmBGIkIDAJDjA1FB9HByBkEGU1EXclXgZbaGIOVlBid0cLAmxgERESMCVCEVtgd14MAD5sERRbYH8EVkhjYhlVQCRsBkQSITBQX1d3IUMWCmxgAVFeYWgBVV9kYABS
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:30d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxLDXZriJO1dhRqa4EErblQacsW0iHHDc%2BEp%2BqjR%2FseLeMEQsYEqSdb9565PpyKbBnuNeNrwEMx9zSoUwmQLoag%2FGIS92XXJobzzgUjjgIkseMOLY8fKznXV30LdXQNA1S8ZMOXJfMknAvgk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6b530d2a3ae94e37-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 113ms
89ms Image
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 194ms
114ms Image
text/html 2a00:1450:4001:801::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 353ms
273ms Image
text/html 2a00:1450:4001:801::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 270 KB
97 KB 113ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1455201204252520&plah=bowfile.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3961001cc08256cca22d5c760007463848957944e3bff01133f6a39baec7ce1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99574
x-xss-protection: 0
server: cafe
etag: 131921068270848877
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 10:53:15 GMT

GET
H3 200 stack-interface.woff2
bowfile.com/themes/spirit/assets/frontend/fonts/ 4 KB
5 KB 17ms
17ms Font
font/woff2 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
Requested by: Host: bowfile.com
URL: https://bowfile.com/themes/spirit/assets/frontend/css/stack-interface.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

Request headers

Referer: https://bowfile.com/themes/spirit/assets/frontend/css/stack-interface.css
Origin: https://bowfile.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1624
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4292
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: "5f8bebc0-10c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64O1AIrdBVwt1%2FJFw49SZIcrrdDIe%2BhXJyhsJ2wL4vt7aTzjOzpXSn8PMzSjsHsXrljQp9S5Mgz2n08xE6ntmhp1B8v6gb0vfd%2FdjjX9yDbg%2F1XhCNuRK2PTrXpiFDKZPqkv2psuL4fIZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b530d2a1d1b6955-FRA

GET
H3 200 fa-solid-900.woff2
bowfile.com/themes/spirit/assets/frontend/fonts/font-awesome/ 78 KB
79 KB 24ms
24ms Font
font/woff2 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
Requested by: Host: bowfile.com
URL: https://bowfile.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer: https://bowfile.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Origin: https://bowfile.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1624
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 80148
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: "5f8bebc0-13914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmXdVDcrCZR2V2OBbr0AR9SPbULY4Efyiyx0AQ4J%2Fpt0fvylao5zE%2FAYHSvlgXxWpncprsnc5PHmEFIOKWK%2BfOf2%2BEN8QTtacMYNhXqGWp3PrnDmDF8F9z4ZCORWJntQwfJpX3ZAXyGkJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b530d2a1d1e6955-FRA

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ 17 KB
17 KB 122ms
116ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bowfile.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:26:25 GMT
x-content-type-options: nosniff
age: 419210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17768
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:14 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 14:26:25 GMT

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 2 KB
3 KB 293ms
95ms Script
application/javascript 158.69.139.238
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fbowfile.com%2Fael&j=
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip238.ip-158-69-139.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 10:53:15 GMT
X-T: 0.763
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl2
Expires: Sun, 28 Nov 2021 10:53:14 GMT

GET
H2 200 / Show response
freychang.fun/ 15 B
722 B 142ms
116ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/?f=42a5f2350406b5b34afe49ff517ecb3b
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=939463
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 287249f61301e7985f1544086f624ebaded9508fcacad23df5d9e230f68c3844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://bowfile.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWIfgJxq1F6GdPLOilD0%2FASpVJ4Qobn0MVHHk3fANPcHoJvdW8f9lmSkuh37Kz49FT9tkhwWW9E7vXj7vs1R7nO2R4gJzY62RLmXTxLLPnzLWKO0VFyjc4xDY1T5EDRYZ8%2F7cWW9Srepo5qq"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6b530d2b8f926977-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
whos.amung.us/pingjs/ 29 B
145 B 328ms
109ms Script
text/javascript 67.202.94.94
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=4priswyaav&t=FH4_Update%20v1.473.944.0.rar%20-%20BowFile&c=c&x=https%3A%2F%2Fbowfile.com%2Fael&y=&a=0&d=0.629&v=27&r=6543
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.94.94 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: d4a5922296cbd7abf4379a3b61e5f9f21bf3d6a6a23143a40076a4513230b5bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

POST
H2 204 collect
www.google-analytics.com/g/ 0
344 B 124ms
43ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-G45GX6EFX2&gtm=2oeba1&_p=1289315918&sr=1600x1200&ul=en-us&cid=947170705.1638096795&_s=1&dl=https%3A%2F%2Fbowfile.com%2Fael&dt=FH4_Update%20v1.473.944.0.rar%20-%20BowFile&sid=1638096795&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G45GX6EFX2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bowfile.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 10:53:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bowfile.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 99ms
53ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-G45GX6EFX2&cv=1&v=3&t=t&pid=433089085&rv=ba1&es=1&e=gtm.init_consent&eid=1&ut=C&tc=16&z=0

Requested by

Host: bowfile.com
URL: https://bowfile.com/ael

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 10:53:15 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 101ms
55ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-G45GX6EFX2&cv=1&v=3&t=t&pid=433089085&rv=ba1&es=1&e=gtm.init&eid=2&ut=C&tc=16&tr=1setproductsettings.1ogteventsettings.1ogtgooglesignals&ti=2setproductsettings.2ogteventsettings.2ogtgooglesignals&z=0

Requested by

Host: bowfile.com
URL: https://bowfile.com/ael

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 10:53:15 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 100ms
54ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-G45GX6EFX2&cv=1&v=3&t=t&pid=433089085&rv=ba1&es=1&e=gtm.js&eid=3&ut=C&tc=16&tr=1gct.1lcl.1lcl.1ehl&epr=1G.2G&ti=1gct.1lcl.1lcl.1ehl&z=0

Requested by

Host: bowfile.com
URL: https://bowfile.com/ael

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 10:53:15 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 95ms
52ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-G45GX6EFX2&cv=1&v=3&t=t&pid=433089085&rv=ba1&es=1&e=gtm.dom&eid=5&ut=C&tc=16&tr=1ytl&ti=1ytl&z=0

Requested by

Host: bowfile.com
URL: https://bowfile.com/ael

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 10:53:15 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 96ms
54ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-G45GX6EFX2&cv=1&v=3&t=t&pid=433089085&rv=ba1&e=gtm.init&eid=2&ut=C&tc=16&tr=5setproductsettings.5ogteventsettings.5ogtgooglesignals&ti=2setproductsettings.2ogteventsettings.2ogtgooglesignals&z=0

Requested by

Host: bowfile.com
URL: https://bowfile.com/ael

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 10:53:15 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
635 B 132ms
44ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bowfile.com&callback=_gfp_s_&client=ca-pub-1455201204252520

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1455201204252520&plah=bowfile.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d2e981471f1141548f70a6cf6bdd73cc7cf08bc7b626ab4316bcefb914d45f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 133ms
46ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bowfile.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 132ms
45ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bowfile.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D67 89 KB
31 KB 705ms
658ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=9079323917&adk=3160410531&adf=1820968292&pi=t.ma~as.9079323917&w=1110&fwrn=4&fwrnh=100&lmt=1638096795&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fbowfile.com%2Fael&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638096795200&bpp=5&bdt=465&idt=239&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=2381404846500&frm=20&pv=2&ga_vid=947170705.1638096795&ga_sid=1638096795&ga_hid=1289315918&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063737%2C31063793&oid=2&pvsid=60377324528004&pem=796&tmod=1047050213&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BhieFRC1ed&p=https%3A//bowfile.com&dtd=251

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8471cc007be5180c3fea68e7077b52d3a49a7a757dfff6d29ffc0e8dcfd6ac38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 28 Nov 2021 10:53:16 GMT
server: cafe
content-length: 31873
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Nov 2021 10:53:16 GMT
cache-control: private

GET
H2 200 eBd9Sm1kYn5fL3c Show response
d26adrx9c3n0mq.cloudfront.net/GSlFIeVopPiYfZT44LERjeWh8T2lsOzsWNDpsASsdfjh8IB54aT1MfD4rLERqbD0pFz13dy0XOXdgbhg+KGx8Xy46PiNENj4zOBgpLyY5DXw/MHUUNTA4JBU7b2MOTHR6dHpJcj04Jh01PSJtS2okJW1LanthZkl/eRNtS2... Frame AD7D 752 B
806 B 166ms
166ms Script
text/plain 2600:9000:214f:800:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/GSlFIeVopPiYfZT44LERjeWh8T2lsOzsWNDpsASsdfjh8IB54aT1MfD4rLERqbD0pFz13dy0XOXdgbhg+KGx8Xy46PiNENj4zOBgpLyY5DXw/MHUUNTA4JBU7b2MOTHR6dHpJcj04Jh01PSJtS2okJW1LanthZkl/eRNtS2o9OCZPbm9iClxoeil+TXNvY3-gYKjo9LQ4/KDohDX94F31KbWRiflxoenkjES4nPW1LGW9jeBUzITRtS2otNCsSNWN0ekk5IiMnFD9vYw5AbGRhZk1sfGVmTW9vY3gKOywwOhB/eBd9Sm1kYn5fL3c
Requested by: Host: alukizeia.one
URL: https://alukizeia.one/ZWwxa0IEDlIGfQRRU003FwAMTnAjSQMtJldaUA8wHVVSWCxVAUBFIQkDRA8kFwNfH2wLCUVOcCMrYgcELAlnBDI1BWgNGDFYBScHNwZUPCpdOAMHMSoWQjwMIRxCKhEWCFcBKl0lc152BDgAJiQhWEMnBzcdUy9yFSpLWnEBFQEzDT0IVgkqAkkDKQkiFAkzO1FaYQIMICJbXzgqLlYbDhw1BC8aEkkDLQ8tOWQlFiRYeykXUg4DJg0xJGNdJi0cewgoVVh7A3JUPGIhNjZeXgAIMl19CiwRBGsALkBedw4QKxhiWS1cI3IxEgcBCAIBCRReDisJSQMpFj0iRzJxSAtoICgKVX06dkBedyAGCgR1M3tRKgJaCQc7YwIkCRReDiwOBnQ4dgs8ZloOIjsIAScnOUsiFjcYYlktESJyGBErO39bJw4HBCIrKAJ3L3sTNUZeAwcrYwMYDl1CDQUzAWU8exM1AgwJKhVGHA0NLhRZBAAuVVIRCF1aMixQCn1YIUMGQgQsFVF4OQVRBQUyBldURF4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:800:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ab7211e847fd1446233dcdc56a36715bb7b930450de146b2ce7034605ccfe1e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alukizeia.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 529
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-amz-cf-id: ODymZA2LHgJJbV68FtSB_VuCd813PA4qsP0okAw6J3EDb8O73G3E8A==

GET
H2 200 KlhZU397A1USKCZeU19oDwoAVGpnBwBMbmcHA19oeUBXHDs7WhNIHHwAAVRpfxVDRw Show response
d26adrx9c3n0mq.cloudfront.net/JNnpaSTNVFTQvDEITPnQKBUNvfgIQECkmXUZHKwIBe0gKEUVRXC4zVwtKfCVSWB1nb1ZYGWd4FVceOHQHEA87dF5ZADMlX1dfaA8GGEp/ewMeDTMnV1kNKWwBBhQubAEGS2pnAxNJGGwBBg0zJwUCX2kLFgRKIn8HH19oeV... Frame 3B3E 281 B
534 B 161ms
161ms Script
text/plain 2600:9000:214f:800:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/JNnpaSTNVFTQvDEITPnQKBUNvfgIQECkmXUZHKwIBe0gKEUVRXC4zVwtKfCVSWB1nb1ZYGWd4FVceOHQHEA87dF5ZADMlX1dfaA8GGEp/ewMeDTMnV1kNKWwBBhQubAEGS2pnAxNJGGwBBg0zJwUCX2kLFgRKIn8HH19oeVJGCjYsRFMYMSBHE0gcfAABVG-l/FgRKciJbQhc2bAF1X2h5X18RP2wBBh0/KlhZU397A1USKCZeU19oDwoAVGpnBwBMbmcHA19oeUBXHDs7WhNIHHwAAVRpfxVDRw
Requested by: Host: alukizeia.one
URL: https://alukizeia.one/WHdIaVA5FSsEbzlKKk8lKht1TGIeUnovNGpBKQ0iIE4rWj5oGjlHMzQYPQ02KhgmHX42EjxMYh49BgcgOSQcJwYeIxkfFB0+HDk+CTwKPB4uES8gAR00IwQIDS0AIicRNS1ZNxMyHT8CADR8EwYvAwMPEw4kHythNhV5MwkfICxdFg4ULSYYCT8NKGhvEw5cChkzBQUIaRMuCBFgMA8sIH1FDgwnFRIMPR02IXkCHhMgPysSMCY9CxEdMBtbIDY2MCcaHzA/KxI/RzIjJw00EFs7FDEvOxsRGXAhGGlOJwwGEjALAwkrJQ4kCRUkCiEVaBArDxEZNR4ufTRSei8WPyUDCjkSFRkBM2oVCS9hAEUgXAhpTxo5Yi81CgFgfUUOIjwwLR1aaW82eTwDEzQSDAVpTictJzc2Hi4gNjU/Kx06GishEWlOJwwFGi8ALSNvICAnGRA/PygRDiU4DygOMxoedjIEJwcgZQYDWx1qJxAfNw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:800:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0b3db25def14307904bb47c93b68f20cf46613d7d7a468269b41095770b397f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alukizeia.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 257
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-amz-cf-id: xdNMAEmzOfFMBq33MrabdNblJ7kH8JBaec2NChInLsSnSc_fG7SwFw==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4186 109 KB
35 KB 318ms
282ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&adk=1812271804&adf=3025194257&lmt=1638096795&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbowfile.com%2Fael&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638096795269&bpp=1&bdt=533&idt=190&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&nras=1&correlator=2381404846500&frm=20&pv=1&ga_vid=947170705.1638096795&ga_sid=1638096795&ga_hid=1289315918&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063737%2C31063793&oid=2&pvsid=60377324528004&pem=796&tmod=1047050213&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=193

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4d69b74c21bd29286c46a40577b6f574f22deeea63638e4f02e28ab3dcf1c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 28 Nov 2021 10:53:15 GMT
server: cafe
content-length: 35303
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Nov 2021 10:53:15 GMT
cache-control: private

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 288ms
97ms Script
application/javascript 158.69.139.238
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=bowfile.com&_ss=6fw2iqox6z&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=2iqo&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fbowfile.com%2Fael&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip238.ip-158-69-139.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a0c37c9fd178b8e97afc731b582e6f1211e739d5858b7f0401dc48e65b2f6178

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 10:53:15 GMT
X-T: 0.183
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sun, 28 Nov 2021 10:53:14 GMT

GET
H3 200 popunder.gif
uleqasfor.one/ 35 B
667 B 43ms
28ms Image
image/gif 2606:4700:3035::6815:30d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uleqasfor.one/popunder.gif
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:30d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sun, 28 Nov 2021 10:53:15 GMT
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 21:24:59 GMT
server: cloudflare
age: 134896
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1gI%2FM%2FyMdgKXaQBleg0f5%2B2nlluS%2BVWUmiNbHdyu4X1QkGonIXaB8j9mJXVOOqWYbXWNUWj2d7VuzGZ0LRqrWC%2B0N8ztFjUgnvEOx113qTelIuJFbwPRIsecGOzaherky8SxqcZGgL%2FSTeC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b530d2d8b522c56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 58ms
16ms Script
application/javascript 104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:37 GMT
server: cloudflare
age: 34381
etag: W/"612951fd-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6b530d2dbd941f21-FRA
expires: Wed, 01 Dec 2021 10:53:15 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 147 KB
52 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e40dd539c61876199e4ad7ca8db8ab0b04f47ec16731d6e8ccbc47ac52d8174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53390
x-xss-protection: 0
server: cafe
etag: 16518245302572105131
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 10:53:15 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 322ms
105ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1638096795820&dn=TC&iso=0&t=FH4_Update%20v1.473.944.0.rar%20-%20BowFile
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:16 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 94ms
48ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bowfile.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 96ms
49ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bowfile.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 10:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/ Frame 4013 11 KB
5 KB 38ms
38ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 27 Nov 2021 11:15:29 GMT
expires: Sat, 11 Dec 2021 11:15:29 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 85066
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 548bdb63b969e5c27f75e62faf543d70.js Show response
www.gstatic.com/mysidia/ Frame 4013 7 KB
4 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/548bdb63b969e5c27f75e62faf543d70.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 21:03:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3286
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Feb 2022 21:03:01 GMT

GET
H2 200 1fbe479ac890063fc5be4921f3467642.js Show response
www.gstatic.com/mysidia/ Frame 4013 8 KB
4 KB 125ms
41ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1fbe479ac890063fc5be4921f3467642.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bbd26c49f5ae124707da73ee22462fbc47ca1d38e85825771170e4b1c850af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 21:03:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3713
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Feb 2022 21:03:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4013 3 KB
579 B 90ms
46ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Nov 2021 09:48:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 28 Nov 2021 10:53:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Nov 2021 10:53:16 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4013 1 KB
960 B 163ms
75ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 10:32:19 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 4013 19 KB
8 KB 126ms
38ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 10:48:40 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4013 2 KB
1 KB 164ms
77ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 10:50:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4013 119 KB
37 KB 132ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Nov 2021 10:53:16 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4013 15 KB
6 KB 133ms
46ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 10:43:36 GMT

GET
H2 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 4013 27 KB
11 KB 127ms
45ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 12:44:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4013 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdtA_m1-jYa26IOmh1fAP_LMowL6c4ma5psri5gz_9ZDj1wIQASCQgZMjYJXikIKgB6ABq9W0uwLIAQGoAwHIA8sEqgTdAU_QxMbhBjoiJkbZIVyixU_47zP1s1ftxfSumu-zkFzg_sXoC_BmJMPPjMhz5bUGuYYwve7Bi3zfl7-zLlohwA3a6yihzb8YArmKkry-5ZIhnjJRfk5yz3nd0Kho30Qt1W8wIfidyWepIPsG_dQevCMUafPkkss_iZQMM-uC1ZCsEhw3WbMcVoRZa16RU6PtyDZbmA37rpqY2CN2IdFaGqSTzTH0eQLYcrLMVWCZwiUu4AybaaMzuN2l0YPw0zBc77Og5i53dkiSy8KkbH_Bd79dMlGCd_nrmT_f0diOwAT06p-rvAOSBQQIBBgBkgUECAUYBIAHxbSTyQGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCB_gnSCAkIgOGAEBABGF-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMTQ1NTIwMTIwNDI1MjUyMBgA&sigh=K_85RB1R9Sg&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 28 Nov 2021 10:53:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 28 Nov 2021 10:53:16 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D92E 143 B
163 B 38ms
38ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 28 Nov 2021 10:02:16 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 319ms
103ms Script
application/javascript 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!4priswyaav&dn=TC&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:15 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Mon, 29 Nov 2021 10:53:16 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 104ms
104ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1638096795820&dn=TC&iso=0&t=FH4_Update%20v1.473.944.0.rar%20-%20BowFile
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:16 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
DATA 200
OK truncated
/ Frame 4013 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd934c9f9ed51ddc7986494b50f7201aa4a4eab4b38e7217c6ac01e165389cff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 548bdb63b969e5c27f75e62faf543d70.js Show response
www.gstatic.com/mysidia/ Frame 5D67 7 KB
3 KB 87ms
40ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/548bdb63b969e5c27f75e62faf543d70.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=9079323917&adk=3160410531&adf=1820968292&pi=t.ma~as.9079323917&w=1110&fwrn=4&fwrnh=100&lmt=1638096795&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fbowfile.com%2Fael&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638096795200&bpp=5&bdt=465&idt=239&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=2381404846500&frm=20&pv=2&ga_vid=947170705.1638096795&ga_sid=1638096795&ga_hid=1289315918&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063737%2C31063793&oid=2&pvsid=60377324528004&pem=796&tmod=1047050213&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BhieFRC1ed&p=https%3A//bowfile.com&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 21:03:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3286
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Feb 2022 21:03:01 GMT

GET
H3 200 1fbe479ac890063fc5be4921f3467642.js Show response
www.gstatic.com/mysidia/ Frame 5D67 8 KB
4 KB 85ms
39ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1fbe479ac890063fc5be4921f3467642.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bbd26c49f5ae124707da73ee22462fbc47ca1d38e85825771170e4b1c850af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 21:03:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3713
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Feb 2022 21:03:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5D67 3 KB
579 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Nov 2021 09:43:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 28 Nov 2021 10:53:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Nov 2021 10:53:16 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 5D67 1 KB
880 B 37ms
36ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 10:32:19 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 5D67 19 KB
8 KB 85ms
36ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 10:48:40 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 5D67 2 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 10:34:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D67 119 KB
36 KB 98ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Nov 2021 10:53:16 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 5D67 15 KB
6 KB 86ms
38ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 10:43:36 GMT

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 5D67 27 KB
11 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 12:44:20 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D92E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

108ms
108ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 28 Nov 2021 10:53:16 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Nov 2021 10:53:16 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 28 Nov 2021 10:53:16 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 8277 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 20:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 20:09:52 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 104ms
104ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1638096795820&dn=TC&iso=0&t=FH4_Update%20v1.473.944.0.rar%20-%20BowFile
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:16 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5D67 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CG7Qnm1-jYZ2rIP2V1fAP8OKrwA7AvpziZrmmyuLmDP_1kOPXAhABIJCBkyNgleKQgqAHoAGr1bS7AsgBAagDAcgDywSqBNoBT9B5W79hmjRhmkgAwq8LM2Omn2UqcZItvnPVf38YmYUWq0L4fODXXBjakUJ-U9nsEZKKjEbfZcCiZUiSuRYo4d567XcsTJQwQDbsFuuSpLbVsjC5vYo2G-mko29dpG_i8FuQUJ4GEmen5S74iRQxQkS-iM-kfbOThkjoxkFTqQJ5Cl92g1qRrf2-7GA8yLuB2yn-pnxDtJZfdwQavplQ0CfGo0uB51yt39AETC7Hh4s1d5vRqA6qVtT8i9WfJA3NWczbXnMzwaOJ0qMnfoaYs9zr0VI8td3RIiXABPTqn6u8A5IFBAgEGAGSBQQIBRgEgAfFtJPJAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEPefMdIICQiA4YAQEAEYX4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0xNDU1MjAxMjA0MjUyNTIwGAA&sigh=IW2-ADxH-Ak&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=9079323917&adk=3160410531&adf=1820968292&pi=t.ma~as.9079323917&w=1110&fwrn=4&fwrnh=100&lmt=1638096795&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fbowfile.com%2Fael&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638096795200&bpp=5&bdt=465&idt=239&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=2381404846500&frm=20&pv=2&ga_vid=947170705.1638096795&ga_sid=1638096795&ga_hid=1289315918&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063737%2C31063793&oid=2&pvsid=60377324528004&pem=796&tmod=1047050213&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BhieFRC1ed&p=https%3A//bowfile.com&dtd=251
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 28 Nov 2021 10:53:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4BBF 143 B
163 B 39ms
39ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=9079323917&adk=3160410531&adf=1820968292&pi=t.ma~as.9079323917&w=1110&fwrn=4&fwrnh=100&lmt=1638096795&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fbowfile.com%2Fael&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638096795200&bpp=5&bdt=465&idt=239&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=2381404846500&frm=20&pv=2&ga_vid=947170705.1638096795&ga_sid=1638096795&ga_hid=1289315918&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063737%2C31063793&oid=2&pvsid=60377324528004&pem=796&tmod=1047050213&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BhieFRC1ed&p=https%3A//bowfile.com&dtd=251

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 28 Nov 2021 10:02:16 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5D67 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e56a3b87c2ad8b44c3bc326d40e50fb4f0411aef7a31badb3f5fff0b9636064b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 105ms
103ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1638096795820&dn=TC&iso=0
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:16 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 5D67 21 KB
21 KB 82ms
37ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:54:46 GMT
x-content-type-options: nosniff
age: 410310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 16:54:46 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 5D67 21 KB
21 KB 97ms
54ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 491510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 22 Nov 2022 18:21:26 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4BBF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

97ms
97ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 28 Nov 2021 10:53:16 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Nov 2021 10:53:16 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 28 Nov 2021 10:53:16 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 104ms
104ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1638096795820&dn=TC&iso=0
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:16 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 104ms
104ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1638096795820&dn=TC&iso=0
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:16 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame BBFC 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 20:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 20:09:52 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 105ms
104ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1638096795820&dn=TC&iso=0
Requested by: Host: bowfile.com
URL: https://bowfile.com/ael
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/ael
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:16 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 94ms
50ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f90193a1fb4b1676a1464d70e5456fa6f1c812313d4ce7fff5406ba006c71c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 10:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 28 Nov 2021 10:53:16 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1051 12 KB
5 KB 37ms
37ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sun, 28 Nov 2021 00:46:40 GMT
expires: Mon, 28 Nov 2022 00:46:40 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 36397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F0BF 783 B
535 B 99ms
49ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b930ea3afd52ff1fd523fdcb4434478cc8254a44b5dce196bcea5b1e2e94930f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3Z/UwwKqmgFgv3flI9BZEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 28 Nov 2021 10:53:17 GMT
date: Sun, 28 Nov 2021 10:53:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-3Z/UwwKqmgFgv3flI9BZEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1051 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 20:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 20:09:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F0BF 0
0 75ms
75ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=60377324528004&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=60377324528004&bg=!goGlgcXNAAZQLpa_UC47ACkAdvg8Woz4pbS72y7H8jVEHvE7Xr82-veGN4sDKm724qdOIw24gx4zTQIAAABnUgAAAAtoAQeZAnueyuzuvsD3SIJ5xRtBXB3fDnogVZYIwX2HZqalAV03yYwAmnn46wteH5SMjgmGOBNtih9YXh1iGjlQB1Bd74QOOOffzxaCMW82MMI0Os2xmFhWgS3ucD7atmJd2uZQmnGOMwEi9EV2JhjDUnCu6N8mVkG1BExjPyjh9IMyc2uanZ4fdHuLI-Ui5bh8rm7lxq38FUpfQqtkTcRyBTUPQRQfmGvxWGx79NPq7G8nbcL6rkhhFklkVQloMgQ-YKhYlB7Ci6Hu4DhfuGHFglNh6g9Pyj44ALJpi0Y7teM0_7UElOTPwk1aP4p1SEAj_dlr5pgrjTtqq2UtYk9kuXMud6f1SCY8uOAr05BBCtMaCP9SWFyHWHeJrfyM1c-4aWN2D18JBY_AA5bpdARY6MOPEWK2dQh4W441YDNOQIwmHdQKSAGeWwZBtYTDdU_-puZ8Wd8Z7zN9d7zy5WBapzBgoMTQQBxJgMuM7cNV1BZWxf0XeNVKrKr2nvWCSLhxiMrxB9lOZHK6p4OiF9XvSOiA0uUlOU6qaoXhRWLv64lVyQvzafytce1WlykA_2WBpKwwZ6mW3JYpNMC2Q3qRmS_aRteTbA5oD_vGJdDVTWFB3XqMwL_hY8okdcyRTvOufU3eJ4btgWw3WrIwkkbhTXMxiynIuAkTopMjj3wxc1WAhKILIg6scaBkNWaAVaF8igD10HH8PFSW-Ft0-IY772971hRqPbX--aqm9861Z32a4GZCz55RB6wD0jgexFF3CISA51UgBCGUoM2nRvvxtdjr_H6x4fakStBwf4zY82V_J-QcvflZF8mN_HSLJpj8gngtpkNfd88DFf5eTpMXjQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 10:53:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 53ms
53ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-G45GX6EFX2&cv=1&v=3&t=t&pid=433089085&rv=ba1&es=1&e=gtm.load&eid=6&u=C&ut=C&tc=16&tr=1sdl.5sdl&ti=1sdl.1sdl&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 10:53:17 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5D67 42 B
64 B 72ms
71ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAVgesl45MTFBbRzcY__nb-b0p73GEORQPbF69Iuvf5GxXuEIJB-OQ_p2QzDgWWbbPcfTu2eGXbdMvjKo9cdPr8CzRdwAuUIT0Ncb7BPr6qvw4LHQhRQ&sai=AMfl-YRz0zsQbDk2SnTY24x1S9WGcrS4iJVZ92lXqiqT06d9qAiVox7OQnSg7mFX0LL0utgDanWSt93NY4UD&sig=Cg0ArKJSzHrIMZeuPZB2EAE&id=lidar2&mcvt=1000&p=35,0,315,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3160410531&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638096795453&rpt=1184&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 10:53:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4013 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKE9koDsi13RapbxPGIqrKxKgFgXlQxeCli7Gf3087HnLzpUTdRz91QokVmRF3lbAh8p-ge0jUUPk4uC43IV9RzZ8mfwQAb2xGeVgxjDIL16ws3ceLvw&sai=AMfl-YTNZyRwezusp9Fd1rX5ynAw2YTO9outFnpgPHAmp4BkTLhsQgiQuaev1d9d8NcrtxMBTm_IojL2g7eB&sig=Cg0ArKJSzOuUFx1gjNXZEAE&id=lidar2&mcvt=1000&p=113,298,237,1303&mtos=601,816,1000,1116,1300&tos=601,215,184,116,184&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638096795907&rpt=311&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 10:53:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bowfile.com/	1970-01-19 23:03:03	Name: filehosting Value: 3aabnjku7m3gkg63tmmqt5v8vj
.bowfile.com/	1970-01-20 16:32:48	Name: _ga_G45GX6EFX2 Value: GS1.1.1638096795.1.0.1638096795.0
.bowfile.com/	1970-01-20 16:32:48	Name: _ga Value: GA1.1.947170705.1638096795
.bowfile.com/	1970-01-20 08:23:12	Name: __gads Value: ID=4eb714f94857b540-2249796b06cc0001:T=1638096795:RT=1638096795:S=ALNI_MbPzK1PKCqa39zbnvS62MRSZanuzg
.dtscout.com/	1970-01-19 23:01:41	Name: m Value: 1
.dtscout.com/	1970-01-19 23:01:54	Name: b Value: 1
.dtscout.com/	1970-01-19 23:01:51	Name: oa Value: 1
.dtscout.com/	1970-01-20 01:25:36	Name: df Value: 1638096795
.doubleclick.net/	1970-01-20 08:23:12	Name: IDE Value: AHWqTUkTpOOPIrQ3HOE5zGKL4uTKybLmapbbdGw18uSrm6G2JvoxYI8YskCAjzwn_5s
.doubleclick.net/	1970-01-19 23:01:40	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-1455201204252520&fa=1&ifi=3&uci=a!3&btvi=1 Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
alukizeia.one
bowfile.com
cdn.tynt.com
d26adrx9c3n0mq.cloudfront.net
d301cxwfymy227.cloudfront.net
de.tynt.com
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
googleads.g.doubleclick.net
ic.tynt.com
pagead2.googlesyndication.com
partner.googleadservices.com
t.dtscout.com
tpc.googlesyndication.com
uleqasfor.one
waust.at
whos.amung.us
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.29.199
142.250.186.98
158.69.139.238
2600:9000:211e:4200:12:fc33:3bc0:21
2600:9000:214f:800:b:b271:7c80:21
2606:4700:20::681a:407
2606:4700:3030::ac43:dadd
2606:4700:3035::6815:30d7
2606:4700:3037::ac43:cde6
2a00:1450:4001:801::200d
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a03:2880:f12d:83:face:b00c:0:25de
52.222.236.74
67.202.105.32
67.202.105.34
67.202.94.94
02945e324e7c86a1ee921da7d8fa596a9c11878ccfe839ac70f8badcb674d522
0654449cc73d1f0ea7c0929fffc64d6e6fcdbcab55c0293cd35deaf6a0a55f57
0806dfc187ccfca02a1440e63039ed8944431c424cc3097a854036f33de5adba
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
0b3db25def14307904bb47c93b68f20cf46613d7d7a468269b41095770b397f8
0bf76432222d26c9be2ffda66816eee7e252accb5f91bbcbbd4eba9f3ea56c47
0cca9c2524a2c257cc53c398be0731ec07a02159b8a8f02dc5995a820808ebef
0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d
1207eb71bd21bb60a9fd16c2eac2b916cd8c501d4522db8d05bc27e50c5c96e3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732
287249f61301e7985f1544086f624ebaded9508fcacad23df5d9e230f68c3844
2b1f68172beb5a7d0e43940de18831c5ef80c4c30e8eab0673618a66cca764b7
2ba990faaad8198719efac063a6ec699b548708b555a3ef7821fd6899a8556ce
2f90193a1fb4b1676a1464d70e5456fa6f1c812313d4ce7fff5406ba006c71c6
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
38391d0c01d7fee8c61a80c9b507ef05d0cb76876a42feebded8b06905015d13
3985348b4ce7ed09ffc7be119c4e1c5759734fdec2972f5643e187b513463118
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3d9e0ebe19da30b2e75e62461c7a2a61d2c7afe67f5e52c6b7a562382749a886
3e40dd539c61876199e4ad7ca8db8ab0b04f47ec16731d6e8ccbc47ac52d8174
4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76
5cbbde1fe725b4456ec4d6be8567710907ec8bcc337f4e875e1bd021d50be75e
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5f70fef49b1fa602e97e2f12a0a3ca46a5db090fa34dad736f8ae5c57c9ba0a6
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8471cc007be5180c3fea68e7077b52d3a49a7a757dfff6d29ffc0e8dcfd6ac38
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843
9bbd26c49f5ae124707da73ee22462fbc47ca1d38e85825771170e4b1c850af7
a0c37c9fd178b8e97afc731b582e6f1211e739d5858b7f0401dc48e65b2f6178
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d69b74c21bd29286c46a40577b6f574f22deeea63638e4f02e28ab3dcf1c1b
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a92a98c5f5245daff1abaff565ae26359f85d4cd1d383ff6e50cd599cf5b3e49
ab7211e847fd1446233dcdc56a36715bb7b930450de146b2ce7034605ccfe1e7
ade96352fe85074759b2b3cc84fc1683ffe037f930627c93d2a1abde612a15ab
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b6919dd92f8162e9d8b6642769217b9472c5bf423cdf82df50301a8af50ee53a
b712033ea1c370616c3105391e98e4867cea0159be8444ddd20249ea9888c950
b930ea3afd52ff1fd523fdcb4434478cc8254a44b5dce196bcea5b1e2e94930f
bcb499166a81c2c68de921f186c95ed6c29859acf2a07422c15ddb1f4b9e7686
c0a92292fb1114614cdc078065b5ea0b37382dfa4363146a6ecadfe932617d7f
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6
c3961001cc08256cca22d5c760007463848957944e3bff01133f6a39baec7ce1
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed
c661391117b70efa486492ff5439d6239ed6bfcca5cf1319ba4ebe7c37cdc72f
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d2e981471f1141548f70a6cf6bdd73cc7cf08bc7b626ab4316bcefb914d45f14
d4a5922296cbd7abf4379a3b61e5f9f21bf3d6a6a23143a40076a4513230b5bb
dc3e1c7f25f8898edf9bba53c1cf0730271371e373bdd4dad4535cecedf85ba3
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56a3b87c2ad8b44c3bc326d40e50fb4f0411aef7a31badb3f5fff0b9636064b
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed
faf96279daab880f59aee01a4ad999db2ca6eca9fb1c9d2c15ef07a93e216f48
fd934c9f9ed51ddc7986494b50f7201aa4a4eab4b38e7217c6ac01e165389cff
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

bowfile.com Open in urlscan Pro 2606:4700:3037::ac43:cde6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

117 Requests

100 %HTTPS

73 %IPv6

20 Domains

27 Subdomains

27 IPs

4 Countries

1902 kBTransfer

3905 kBSize

10 Cookies

5 Outgoing links

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bowfile.com Open in urlscan Pro
2606:4700:3037::ac43:cde6 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

100 %
HTTPS

73 %
IPv6

20
Domains

27
Subdomains

27
IPs

4
Countries

1902 kB
Transfer

3905 kB
Size

10
Cookies

117 HTTP transactions
4 data transactions