eliterohanonline.forumeiros.com Open in urlscan Pro
94.23.150.222 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://eliterohanonline.forumeiros.com/
Effective URL:
https://eliterohanonline.forumeiros.com/portal
Submission: On October 26 via api (October 26th 2023, 12:04:36 pm UTC) from US — Scanned from FR

Summary HTTP 183 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 48 IPs in 7 countries across 29 domains to perform 183 HTTP transactions. The main IP is 94.23.150.222, located in Netherlands and belongs to OVH, FR. The main domain is eliterohanonline.forumeiros.com.
TLS certificate: Issued by R3 on September 24th 2023. Valid for: 3 months.

This is the only time eliterohanonline.forumeiros.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	94.23.73.212 94.23.73.212	16276 (OVH) (OVH)
1 3	94.23.150.222 94.23.150.222	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
15	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:466	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:cc00:1c:96c8:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
28	2606:4700:303... 2606:4700:3038::6815:eb4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
32	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
3	46.105.202.207 46.105.202.207	16276 (OVH) (OVH)
2	195.201.153.71 195.201.153.71	24940 (HETZNER-AS) (HETZNER-AS)
7	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.7.96 108.138.7.96	16509 (AMAZON-02) (AMAZON-02)
1 5	2a01:4f8:fff2... 2a01:4f8:fff2:d::	24940 (HETZNER-AS) (HETZNER-AS)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1f::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4675	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.147.119 18.66.147.119	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.66.110.17 18.66.110.17	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	212.83.160.162 212.83.160.162	12876 (Online SAS) (Online SAS)
1	99.86.4.30 99.86.4.30	16509 (AMAZON-02) (AMAZON-02)
3	23.212.211.47 23.212.211.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.57.19.78 23.57.19.78	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2602:803:c003... 2602:803:c003:200::44	26667 (RUBICONPR...) (RUBICONPROJECT)
6	104.75.90.29 104.75.90.29	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2602:803:c003... 2602:803:c003:200::37	26667 (RUBICONPR...) (RUBICONPROJECT)
1 6	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	52.222.236.76 52.222.236.76	16509 (AMAZON-02) (AMAZON-02)
4	34.249.13.87 34.249.13.87	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.109 65.9.66.109	16509 (AMAZON-02) (AMAZON-02)
3	2600:1f18:e8a... 2600:1f18:e8a:cd06:e361:a2ce:b047:17c	14618 (AMAZON-AES) (AMAZON-AES)
3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
3	141.226.230.50 141.226.230.50	200478 (TABOOLA-AS) (TABOOLA-AS)
183	48

1 94.23.73.212 (Lisbon, Portugal) 1 redirects

ASN16276 (OVH, FR)

eliterohanonline.forumeiros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.23.150.222 (Netherlands) 1 redirects

ASN16276 (OVH, FR)

eliterohanonline.forumeiros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

illiweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.topicit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:466 (United States)

ASN13335 (CLOUDFLARENET, US)

cache.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
choices.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:cc00:1c:96c8:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

ac.audiencerun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:3038::6815:eb4c (United States)

ASN13335 (CLOUDFLARENET, US)

2img.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.105.202.207 (France)

ASN16276 (OVH, FR)

ads.sportslocalmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
floor.sportslocalmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.201.153.71 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.71.153.201.195.clients.your-server.de

www4.cbox.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-96.fra56.r.cloudfront.net

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a01:4f8:fff2:d:: (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

api.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1f::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4675 (United States)

ASN13335 (CLOUDFLARENET, US)

ac.aruncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-119.fra60.r.cloudfront.net

comparisons.sovrn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.110.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-110-17.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.83.160.162 (Thimory, France)

ASN12876 (Online SAS, FR)
PTR: kube-rr.sirdata.fr

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.57.19.78 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-19-78.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

smarttag.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.90.29 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-90-29.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::37 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.236.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-76.fra56.r.cloudfront.net

invocation.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.249.13.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-13-87.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-109.fra56.r.cloudfront.net

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:e8a:cd06:e361:a2ce:b047:17c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.230.50 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1262 trc.taboola.com — Cisco Umbrella Rank: 907 am-trc-events.taboola.com — Cisco Umbrella Rank: 12677 images.taboola.com — Cisco Umbrella Rank: 1957 pips.taboola.com — Cisco Umbrella Rank: 1909 cds.taboola.com — Cisco Umbrella Rank: 2514	976 KB
28	2img.net 2img.net — Cisco Umbrella Rank: 299171	447 KB
18	rubiconproject.com ads.rubiconproject.com — Cisco Umbrella Rank: 2681 smarttag.rubiconproject.com — Cisco Umbrella Rank: 15873 eus.rubiconproject.com — Cisco Umbrella Rank: 916 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 8318 token.rubiconproject.com — Cisco Umbrella Rank: 764	67 KB
10	illiweb.com illiweb.com — Cisco Umbrella Rank: 321541	37 KB
8	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 949 gum.criteo.com — Cisco Umbrella Rank: 640 mug.criteo.com — Cisco Umbrella Rank: 1822	8 KB
7	cheqzone.com invocation.cheqzone.com ob.cheqzone.com — Cisco Umbrella Rank: 62759 obs.cheqzone.com — Cisco Umbrella Rank: 9556	90 KB
7	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 175 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 static.doubleclick.net — Cisco Umbrella Rank: 400	163 KB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 80	964 KB
7	consentframework.com 1 redirects cache.consentframework.com — Cisco Umbrella Rank: 42089 choices.consentframework.com — Cisco Umbrella Rank: 37066 api.consentframework.com — Cisco Umbrella Rank: 38663	124 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 720 imasdk.googleapis.com — Cisco Umbrella Rank: 657 jnn-pa.googleapis.com — Cisco Umbrella Rank: 305	315 KB
5	topicit.net connect.topicit.net — Cisco Umbrella Rank: 768734	8 KB
5	viglink.com cdn.viglink.com — Cisco Umbrella Rank: 9583 api.viglink.com — Cisco Umbrella Rank: 21589	31 KB
5	criteo.net static.criteo.net — Cisco Umbrella Rank: 897	43 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 404 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 945	70 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
4	forumeiros.com 2 redirects eliterohanonline.forumeiros.com	75 KB
3	sportslocalmedia.com ads.sportslocalmedia.com — Cisco Umbrella Rank: 91868 floor.sportslocalmedia.com — Cisco Umbrella Rank: 107857	196 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	190 KB
2	aruncdn.com ac.aruncdn.com — Cisco Umbrella Rank: 150585	134 KB
2	google.fr www.google.fr — Cisco Umbrella Rank: 11696	515 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2225 www.google.com — Cisco Umbrella Rank: 11	672 B
2	cbox.ws www4.cbox.ws — Cisco Umbrella Rank: 721212	860 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1223	31 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1662	17 KB
1	cookieless-data.com js.cookieless-data.com — Cisco Umbrella Rank: 65873	535 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	2 KB
1	sovrn.com comparisons.sovrn.com — Cisco Umbrella Rank: 25775	1 KB
1	audiencerun.com ac.audiencerun.com — Cisco Umbrella Rank: 249028	5 KB
183	29

	Domain	Requested by
28	2img.net	eliterohanonline.forumeiros.com
17	cdn.taboola.com	eliterohanonline.forumeiros.com cdn.taboola.com
10	illiweb.com	eliterohanonline.forumeiros.com
9	trc.taboola.com	cdn.taboola.com eliterohanonline.forumeiros.com
7	www.youtube.com	eliterohanonline.forumeiros.com www.youtube.com
6	images.taboola.com	cdn.taboola.com
6	eus.rubiconproject.com	smarttag.rubiconproject.com eus.rubiconproject.com
5	gum.criteo.com	1 redirects cdn.taboola.com static.criteo.net
5	connect.topicit.net	eliterohanonline.forumeiros.com connect.topicit.net
5	api.consentframework.com	1 redirects eliterohanonline.forumeiros.com choices.consentframework.com
5	static.criteo.net	eliterohanonline.forumeiros.com
4	api.viglink.com	cdn.viglink.com
4	jnn-pa.googleapis.com	www.youtube.com
4	eliterohanonline.forumeiros.com	2 redirects eliterohanonline.forumeiros.com
3	cds.taboola.com	cdn.taboola.com
3	pips.taboola.com	cdn.taboola.com
3	token.rubiconproject.com	eus.rubiconproject.com
3	obs.cheqzone.com	invocation.cheqzone.com
3	invocation.cheqzone.com	cdn.taboola.com
3	beacon-ams3.rubiconproject.com	eliterohanonline.forumeiros.com
3	smarttag.rubiconproject.com	ads.rubiconproject.com
3	ads.rubiconproject.com	eliterohanonline.forumeiros.com
3	c.amazon-adsystem.com	ads.sportslocalmedia.com c.amazon-adsystem.com
3	www.googletagmanager.com	eliterohanonline.forumeiros.com www.googletagmanager.com
2	am-trc-events.taboola.com	eliterohanonline.forumeiros.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	bidder.criteo.com	static.criteo.net
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	securepubads.g.doubleclick.net	ads.sportslocalmedia.com securepubads.g.doubleclick.net
2	fonts.gstatic.com	www.youtube.com
2	imasdk.googleapis.com	ac.audiencerun.com ads.sportslocalmedia.com
2	ac.aruncdn.com	ac.audiencerun.com
2	www.google.fr	eliterohanonline.forumeiros.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www4.cbox.ws	eliterohanonline.forumeiros.com
2	ads.sportslocalmedia.com	eliterohanonline.forumeiros.com ads.sportslocalmedia.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	ob.cheqzone.com	invocation.cheqzone.com
1	mug.criteo.com
1	cdn.id5-sync.com	eliterohanonline.forumeiros.com
1	secure.cdn.fastclick.net	eliterohanonline.forumeiros.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	js.cookieless-data.com	choices.consentframework.com
1	static.doubleclick.net	www.youtube.com
1	floor.sportslocalmedia.com	ads.sportslocalmedia.com
1	cdn.jsdelivr.net	ads.sportslocalmedia.com
1	www.google.com	eliterohanonline.forumeiros.com
1	comparisons.sovrn.com	cdn.viglink.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.viglink.com	eliterohanonline.forumeiros.com
1	ac.audiencerun.com	eliterohanonline.forumeiros.com
1	choices.consentframework.com	eliterohanonline.forumeiros.com
1	cache.consentframework.com	eliterohanonline.forumeiros.com
1	ajax.googleapis.com	eliterohanonline.forumeiros.com
183	54

This site contains links to these domains. Also see Links.

Domain
vilarejodownloads.net
www.forumeiros.com
ajuda.forumeiros.com
www.consentframework.com

Subject Issuer	Validity	Valid
m91.maxns.net R3	`2023-09-24` - `2023-12-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
illiweb.com Cloudflare Inc ECC CA-3	`2023-05-16` - `2024-05-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-23` - `2024-04-22`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.audiencerun.com Amazon RSA 2048 M02	`2023-06-27` - `2024-07-26`	a year	crt.sh
2img.net Cloudflare Inc ECC CA-3	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
ads.slmads.com R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
cbox.ws R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
viglink.com Amazon RSA 2048 M02	`2023-09-13` - `2024-10-11`	a year	crt.sh
topicit.net Cloudflare Inc ECC CA-3	`2023-06-04` - `2024-06-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
aruncdn.com GTS CA 1P5	`2023-09-17` - `2023-12-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
comparisons.sovrn.com Amazon RSA 2048 M02	`2022-12-21` - `2024-01-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.consentframework.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-03-01` - `2024-03-20`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.cookieless-data.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-03-01` - `2024-03-21`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.cheqzone.com Amazon RSA 2048 M01	`2023-05-31` - `2024-06-28`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://eliterohanonline.forumeiros.com/portal
Frame ID: 4AF54B895203776D9F1906558EF1B8DA
Requests: 93 HTTP requests in this frame

Frame: https://www4.cbox.ws/box/?boxid=3545715&boxtag=8187&sec=main
Frame ID: B612439FDFC6A32C2D230770FCE22ECC
Requests: 1 HTTP requests in this frame

Frame: https://www4.cbox.ws/box/?boxid=3545715&boxtag=8187&sec=form
Frame ID: C76C9F84A57CD91F3E97A396A46FC576
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/7rWJib6tP00-br&fs=1
Frame ID: C77411025C3F9123A882541DC3C2181A
Requests: 15 HTTP requests in this frame

Frame: https://connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal&lang=pt&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Feliterohanonline.forumeiros.com%2Ftopicit%2Findex.php%2Fconnect&version=1
Frame ID: 730A187F83986CE48B8D16FCB7CA3C78
Requests: 2 HTTP requests in this frame

Frame: https://connect.topicit.net/button/light?id=topicit-connect-1&redirect=https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal&lang=pt&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Feliterohanonline.forumeiros.com%2Ftopicit%2Findex.php%2Fconnect&version=1
Frame ID: CA28F7900D08E3AE3F7D6F89A27F8A81
Requests: 2 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/11662.js
Frame ID: 775D316F3B9428510B6FFC7194E508AA
Requests: 20 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/11662.js
Frame ID: 8B0CBD80ACC52574A70A9AA2443FAF90
Requests: 17 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/11662.js
Frame ID: 8039240078FA9CB38FDD02209905C005
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=fr
Frame ID: E7201F5C51322EE7722F53087DA97802
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=fr
Frame ID: 8655AA71EDFA6601236B293E13A7E5B9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=fr
Frame ID: F82924AD67B999C5D6BA2CDC2564E26F
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=eliterohanonline.forumeiros.com
Frame ID: ADDFF1EB72CCF9797F8D566EB81228CF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Forum gratis : .::FORUM ELITE BR - ROHAN: BLOOD FE - Portal

Page URL History Show full URLs

http://eliterohanonline.forumeiros.com/ HTTP 301
https://eliterohanonline.forumeiros.com/ HTTP 301
https://eliterohanonline.forumeiros.com/portal Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:^[^/]*//[^/]*viglink\.com/api/|vglnk\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

183
Requests

98 %
HTTPS

61 %
IPv6

29
Domains

54
Subdomains

48
IPs

7
Countries

4063 kB
Transfer

14704 kB
Size

14
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://vilarejodownloads.net/

Search URL Search Domain Scan URL

URL: https://www.forumeiros.com/
Title: Forumeiros.com

Search URL Search Domain Scan URL

URL: https://www.forumeiros.com/invision
Title: Invision

Search URL Search Domain Scan URL

URL: http://ajuda.forumeiros.com/
Title: Fórum gratuito de ajuda

Search URL Search Domain Scan URL

URL: https://www.consentframework.com/
Title: websites

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://eliterohanonline.forumeiros.com/ HTTP 301
https://eliterohanonline.forumeiros.com/ HTTP 301
https://eliterohanonline.forumeiros.com/portal Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://api.consentframework.com/api/v1/public/profile?origin=https://eliterohanonline.forumeiros.com HTTP 302
https://api.consentframework.com/api/v1/public/profile?bounce=1

Request Chain 75

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 144

https://gum.criteo.com/sid/json?origin=publishertag&domain=forumeiros.com&sn=ChromeSyncframe&so=0&topUrl=eliterohanonline.forumeiros.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=w-6GW3xGMUc5NFg2Mm1TNjdSN2lDUTZTa1lJNkZtbFlXZ0prMndZMERsOENrbVN5dTNYWElFS1VkYWxhZmdSVWU0NmNmMjFwT1BOSmZraVVxY0xiejJxa0NGMEZNTkhBbHAvYThSNTJuL2pZOC9NejdtMnhOZTZjNGpKTGFXS2ZOZWxmd05HKzBxQ1l5aVUrd2p6U1pwQ1ZQeURPZnRTNHVSdENWU0xELy83UVRsNDhCRUh2R29JR2FZTWNYQXJLNGtuaHhPd2JLbW5FVVJCYitVeTRFNXRrZWl2QTFNeXdCcDl6ZzF1SjlBcExwQzVZQzRRT0E4UStLdUJIQ1lmVUorWUwxYVFKTTBIQjJEWFNlMjZpV2oxTlA4dz09fA&cppv=2

183 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request portal Show response
eliterohanonline.forumeiros.com/
Redirect Chain

http://eliterohanonline.forumeiros.com/
https://eliterohanonline.forumeiros.com/
https://eliterohanonline.forumeiros.com/portal

67 KB
14 KB

160ms
160ms

Document
text/html

94.23.150.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.150.222 , Netherlands, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

0fcff74a1018aaa12189670c36fb8e4b92b93e488fed60508643002b3d08ad2b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=iso-8859-1
date: Thu, 26 Oct 2023 12:04:24 GMT
expires: Thu, 26 Oct 2023 00:00:00 GMT
last-modified: Thu, 26 Oct 2023 12:04:24 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
vary: User-Agent
x-content-type-options: nosniff
x-xss-protection: 1

Redirect headers

content-length: 0
date: Thu, 26 Oct 2023 12:04:23 GMT
location: https://eliterohanonline.forumeiros.com/portal

GET
H2 200 4-ltr.css
eliterohanonline.forumeiros.com/ 177 KB
61 KB 95ms
93ms Stylesheet
text/css 94.23.150.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://eliterohanonline.forumeiros.com/4-ltr.css

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.150.222 , Netherlands, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

7ae2a649612ccffd3b709cb2dd925aea1e53bff58bf236c30aaa140eadb41264

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/portal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Oct 2023 00:00:00 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-cache-ma: HIT
content-length: 61954
x-xss-protection: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
34 KB 88ms
26ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 14:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Oct 2024 14:08:36 GMT

GET
H2 200 notutf8-pt.js Show response
illiweb.com/rs3/79/frm/lang/ 72 KB
18 KB 87ms
32ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/79/frm/lang/notutf8-pt.js

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30735eded1ed8dfd5f8e532ed21c7e93457c1f7a09acc68a65d7994507b5e5b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 417699
cf-polished: origSize=73760
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
cf-bgj: minify
last-modified: Tue, 16 May 2023 15:02:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZJiaBVHFqvDp0Wc%2BZ5O8pQJnzbrJmRI2b9VkDfXajdHyPCdxU2wtH%2FV1ur2Y82izu%2FXofT%2FkcIreHUGtAt3ZTKTW52pWO%2Boqb%2FzJS%2FGq6BVIW9WH5z8dNQMaIiztRzlAdRMYpZjFRbWCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 81c28fc37f893cd4-CDG
expires: Sun, 20 Oct 2024 16:02:45 GMT

GET
H2 200 ticker.css
illiweb.com/rs3/79/frm/jquery/ticker/ 388 B
489 B 83ms
29ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/79/frm/jquery/ticker/ticker.css

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0915a998c8a41f69e82331eca861ccb6635aac2eeb5639348f370e6e189c663c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1484461
cf-polished: origSize=390
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zk52PQ%2BamHyYisxrnOdmlVpHHxXdiuQ9XE9lk7Wqkt5GKBloGiP%2BK2qLv%2FY98sWbGpkqiKSVA5EPKieHCq%2FL%2FjvEhnQGdxHeJPmQOYmwmnNTWqygABfHfj5ltkg%2Fkcc7IAi3rwwtdJkdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 81c28fc37f853cd4-CDG
expires: Tue, 08 Oct 2024 07:43:23 GMT

GET
H2 200 ticker.js Show response
illiweb.com/rs3/79/frm/jquery/ticker/ 8 KB
2 KB 87ms
33ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/79/frm/jquery/ticker/ticker.js

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de8a9047726cfcd05302f4fdf912b21fd636b8f13f98a6f49e3f31dbdadde621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1484458
cf-polished: origSize=9485
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
last-modified: Wed, 15 Mar 2023 11:21:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4J1f2l7U95C7T%2BiExeGCRx%2FlGVHfodvnvHQk9VGfhG3Jjy6dYVqTgSFHa7%2BqaVIkQmyW6m9Ccxvh4GaioTL4f3N3EDDWvXoyvl9l%2FhLOJ5VP29t%2F98kSs0kHEZ6rdb4jmzviAgSwOriEEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 81c28fc37f8a3cd4-CDG
expires: Tue, 08 Oct 2024 07:43:26 GMT

GET
H2 200 invision.js Show response
illiweb.com/rs3/79/frm/ 2 KB
953 B 84ms
30ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/79/frm/invision.js

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74e77f614809cdcb611e93bf4c2e161b65c5c0aa00cc5c0eba09859fc5b58d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1484460
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
last-modified: Wed, 08 Sep 2021 09:55:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5f5mvHBctuw2eJXo9m7DGGx7sMGeIl1C8POLFSDXUQwZGaTjPCcG08No1v71IM6Rw%2BhAQ%2FrNduV7uN7DjFrQ%2FliNNKqOJ2Vv3gL94rGNmQvOb741eQKSdVKKaiElJkf1e719CBlx7p8Jjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 81c28fc37f8e3cd4-CDG
expires: Tue, 08 Oct 2024 07:43:24 GMT

GET
H2 200 stub Show response
cache.consentframework.com/js/pa/24697/c/IxWav/ 2 KB
1 KB 80ms
27ms Script
text/javascript 2606:4700:20::681a:466
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cache.consentframework.com/js/pa/24697/c/IxWav/stub

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:466 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79f700bab989c44c6f5534cbd496b8eb871026638f0710a499759323281d671f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 26 Oct 2023 11:40:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1459
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZPxsXakedfBX9EJJd3Bqjwi%2BCglXOtrYBDSMZXsOfDjzHx1DNxrGZCtQZOz6q4xbI9eM3Dxl5HD3u4ScdyeZARxidMc3sIm5d0EWSc75gOsG7tnIy3VEbX9NFGltO6j3NgSU1ZCfvPmEoXQZdo0mzbYusbJmilF"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 81c28fc37c743c7a-CDG

GET
H2 200 cmp Show response
choices.consentframework.com/js/pa/24697/c/IxWav/ 536 KB
121 KB 62ms
45ms Script
text/javascript 2606:4700:20::681a:466
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp?lang=pt

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:466 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56bdc02f91039d1575412ffc2282cacabad84f85c02c97791a4ca7a08e19978a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 26 Oct 2023 10:39:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3066
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ob1pFu3M9JEne1OFI26CkQCGUFxQUIcOu8CJdWqvDC8HgFjdQPQrlLIncfQWtdZ2NJwF8iLgUF%2FRZfu77bGIvlXbTGT36C60kIWwT3O8Ng9bPjoLvgT%2Fvz3wPY7qCQ8Ll1ZMqAe%2BSUhl1%2Bg3YkWgGTpEhDkJnZ9KA3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 81c28fc45dc53c7a-CDG

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 128 KB
42 KB 88ms
43ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9f95ce24f7186391b10a8b34d68c15dda26a8dba6fda804a6d315488933ea2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 25 Oct 2023 08:33:57 GMT
server: nginx
etag: W/"6538d2f5-2018d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Oct 2023 12:04:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 105ms
44ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144347007-1

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99985b39f1eb2f07862dacc9c1f4a6cf9362f413f81174d7d3b6377a09241ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68542
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 26 Oct 2023 12:04:24 GMT

GET
H2 200 jquery.cookie.js Show response
illiweb.com/rs3/79/frm/jquery/cookie/ 1011 B
809 B 82ms
29ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/79/frm/jquery/cookie/jquery.cookie.js

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1484462
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuENFX%2FL%2Bg1kiPoDvWMOKHFxkW7MUC7VBbghGNe%2BGdi7qY%2FLfDxWEY%2FcLGNqNpcM3lwOMrhJ6EYjTBd%2Bm3AMySxsUHO4H1Qme%2BE11qtb%2FEBqaBKLLCwY9nbnFft96UVFt0qMrCBxUoSzDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 81c28fc37f8f3cd4-CDG
expires: Tue, 08 Oct 2024 07:43:22 GMT

GET
H2 200 tag.js Show response
ac.audiencerun.com/j/ 12 KB
5 KB 182ms
27ms Script
application/javascript 2600:9000:225e:cc00:1c:96c8:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.audiencerun.com/j/tag.js
Requested by: Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:cc00:1c:96c8:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7687b8e18c54bd8b6f40e6ed5144891abb3e644e2f7df42f939891467b60fb18

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: xyYyC6OnLzBNuT1uHFp8RO6rezdaF2yP
content-encoding: gzip
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
date: Thu, 26 Oct 2023 07:25:17 GMT
last-modified: Mon, 17 Apr 2023 15:14:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 16748
x-amz-server-side-encryption: AES256
etag: W/"054d6461512dfdcea0024a17944a7000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,public
x-amz-cf-id: bNblLnImGMZF6M4Uk1slcOBTGo8biWR10acye4DOBOqBB1Q98gaAzw==

GET
H2 200 tooltipster.js Show response
illiweb.com/rs3/79/frm/mentions/ 17 KB
5 KB 84ms
30ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/79/frm/mentions/tooltipster.js

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1484462
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5c3NDBpT7chDGF%2BrfRJZutpEW70hnzFT7xOzaC4Xv33ysxWsnZe3FbooFnRRcz41xIGTEKU1AFxOeCqrYHgoHF2s6IKLnZ99Vk%2BOKsa8LgVeV2xOxkG15P8XnGMRIXI39mdzE0uysFa3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 81c28fc37f903cd4-CDG
expires: Tue, 08 Oct 2024 07:43:22 GMT

GET
H2 200 init.js Show response
illiweb.com/rs3/79/frm/mentions/ 2 KB
1 KB 97ms
43ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/79/frm/mentions/init.js

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cce595b201da3285768c8375124b2976eafacaa8002781d478ee1f9d69dc8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1484462
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
last-modified: Wed, 22 Mar 2023 14:29:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7jGXQs%2FTg6VWYPl8BFAThJpTZJsS11TxAPgqMOdPyKEAfVQaAFlg4VnvAfYy%2BcXmXf3yP15UDD5QAqnVIX8Z2XrHAEsycTGhUPXXYRjbaYtWimuhSrHrquT3nC%2FUUz34yXjvqF7%2Bo8ZYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 81c28fc39fad3cd4-CDG
expires: Tue, 08 Oct 2024 07:43:22 GMT

GET
H2 200 tooltipster.css
illiweb.com/rs3/79/frm/mentions/ 6 KB
2 KB 81ms
28ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/79/frm/mentions/tooltipster.css

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1484462
cf-polished: origSize=6667
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvkCU21r4rbfIq9%2BHXuhRK5ly1EEkBEuJY97ePUEGKEBGQ4801ss8PcnLsp%2BaITaW%2FZBDTG0Mrfh56n6xSZtf3QYsO49swBzpgflRrkwNTQR3w%2B5o0c9NPqfTyJZKyJpxlet8bY1ZcN9Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 81c28fc37f883cd4-CDG
expires: Tue, 08 Oct 2024 07:43:22 GMT

GET
H2 200 twemoji.min.js Show response
illiweb.com/rs3/79/frm/twemoji/ 17 KB
4 KB 84ms
31ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/79/frm/twemoji/twemoji.min.js

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d6d7eb9d5977c8e8afff02542e4ce24bded625c4f36818f7d51044713db62e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1484462
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: HIT
last-modified: Tue, 10 Jan 2023 08:34:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJXefywORYb1tQwoIvUGVwqjcIPhd%2F8rblgIBsRUM8KzdeTeIeMfBZ2NZx%2B6cUTKdZTgK0UR0jnrbJaSEJioDNGeVhGEIuAgAHVJKDZcSQZl8yyTdCcUwjJ5qDgAGBHxxpIyj2vhS58uQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 81c28fc37f8c3cd4-CDG
expires: Tue, 08 Oct 2024 07:43:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 44ms
35ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7411c7e394bf6f7d1854d72cd1a0773489268dd22966d4271aa6b391cec4fb63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43702
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 26 Oct 2023 12:04:24 GMT

GET
H2 200 forum_1.png
2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/ 8 KB
8 KB 121ms
67ms Image
image/png 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/forum_1.png

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c24e8116e1a1840020e73d085906e99a6724afe5475f48d7015a6569810e50ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8366
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Jan 2009 05:43:30 GMT
server: cloudflare
etag: "49644102-20ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xi%2F8SbfLDWrBTjms8ulcos4HM3rlTZkHgzWs37w%2BGi%2BXBgkDC9VLzYCcSVokf09brWs7WrXzWlUHc4pYSrfmrqOFkYxrYtmD8jcG90FuKz1n8oO1AuAhu41izjUt7ytAlGwFTn24Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc37f15f0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 portal.png
2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/ 9 KB
10 KB 120ms
66ms Image
image/png 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/portal.png

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b89855e4460a8c2ae3a49fb4224b83ed6944cd6480d77a81e4f73bc55936ab8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9195
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Jan 2009 05:43:24 GMT
server: cloudflare
etag: "496440fc-23eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpEn1obGg7ximt9Nu3cx5RJlVysCtaZsDYF7q0YWylYXYnBxgBJjedaXa7EN3Aq%2BrrxDUy%2BK9Of1mL7k0o1%2B%2FsBx5qIchdHPFMZI5NDziRTB6mWfwwgf6CjKw%2F2qIPUG5ahYimsO%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc37f1af0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 buscar.png
2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/ 8 KB
9 KB 52ms
51ms Image
image/png 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/buscar.png

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbadc5e94abb019abe92e6647425b6102f6c8a651c5ba3d1a06e079b6e37f34c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8639
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Jan 2009 15:52:16 GMT
server: cloudflare
etag: "496cb8b0-21bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHIhleXxEcPX8CSFRVZM%2Fek1a5%2Flgom72OGIO9vq2kD0W%2BIBndsuvp3oONBS08mkcIMeDPIvEVy9RMWinM58jMR%2FMdLiMdSF9ShvgpzP73O%2BmABG6r%2Fm4PQmaNOWRSLS2UvTQP6vVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc3e808f0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 empty.gif
2img.net/i/ 43 B
371 B 35ms
26ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/empty.gif

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20451663
alt-svc: h3=":443"; ma=86400
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Mon, 09 May 2016 08:45:50 GMT
server: cloudflare
etag: "57304e3e-2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYx6hiTznW8Jy0sYZCJw3zsxCcMlg69y4m2m0Bf9FSfqAvziyn0ldF6hyXw1ZZBeaOxHNm76sFl9cc5jGh7ogWBlWsKAsb7fu16lkP342LYJFoJ1acp68yuNcJ4H2RzOg%2F0nh07KQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc448bdf0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 i_icon_mini_gallery.gif
2img.net/s/t/13/27/82/ 838 B
1 KB 55ms
55ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/s/t/13/27/82/i_icon_mini_gallery.gif

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4bfe11b66a1130fddfcc17cb40b20734bc0982e418242b772575a70442f09b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 838
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Oct 2010 17:12:40 GMT
server: cloudflare
etag: "4cc85d88-346"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmbEKgNe5YhucSKLrDOP9u%2FGco1S2Z7NNGAzBhxF36w3%2FqWyglAfHH%2FmUEvnsVk7ULjM2x0FAFLJlVan2Nwfkk2svHHhJuxe8dh2FftagB1dhR7CnD4ellF8wgf%2BOiHgX9T%2BkFkd%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc3e809f0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cadastro.png
2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/ 9 KB
9 KB 64ms
55ms Image
image/png 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/cadastro.png

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a436d7b17d03c30e7bb6d50430ce59c312952f7994b7e49356f51a9bbba233d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8844
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Jan 2009 05:51:25 GMT
server: cloudflare
etag: "496442dd-228c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tu4%2BzqyPXv%2FomNsUdCNi8ylrZfd8ByhWHyxg0DZFMA0EDScmvlttGOH2xbW6bbJRoRPBcXWZ9PdVyk%2FtS0OXald6GDiaRRuKtOz3Qnc7iy9HZp2Jc6yNZxqnajmdO9ZpZbuc8AMuOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc448bbf0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 empty.gif
2img.net/i/fa/ 42 B
372 B 36ms
27ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/empty.gif

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22895216
alt-svc: h3=":443"; ma=86400
content-length: 42
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p22EQMBOXfYUdFopC0wo1DtwDvlYfvjZMTAGwiBV1KO9eaSoDz2O4T6xZoXpaJb%2BWGff4X8a8QxxwwlABUXUbjo7EqkkHAa%2FSUCRqVwaVfh%2BOlWBxF1NQy0ckI0HN5%2BKfUhkblSjXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc458c0f0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bannervdcpia.png
2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/ 179 KB
180 KB 94ms
85ms Image
image/png 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/bannervdcpia.png

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb2a7765151232111ceeca8d3097e374ce546322dc5e52b361a36983d31439b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 183463
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jul 2009 23:52:25 GMT
server: cloudflare
etag: "4a6f8f39-2cca7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fz1nwz8eWNUNmha1eIiu6JJpczW2bndwpyHiqjQxV57tDRZhxh2Hi35obiGI55zX%2BY%2Fa5U23YitjdbixwjYBy9XUDs%2FrCMiFAuTut9mT3s0iBZRvVeaL4DWCyF0HJh4n%2Byd1wGJYWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc458c1f0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lol.gif
2img.net/i/fa/i/smiles/ 3 KB
4 KB 40ms
32ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/i/smiles/lol.gif

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a13d3affd32623af934b02995ecc02c1cfa1457eb12b5f7491bc6b88a2edfbbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22895032
alt-svc: h3=":443"; ma=86400
content-length: 3569
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-df1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvVhL7vH%2F2DVj%2BlBxr7qTKk%2Bnjh8a1uGimyUL4sWqdBa3G58o1dfPRub70CRqCtub6OSfI0nps5ukrVe1i0rzBa1as%2FObFt3MXVLNcwQPVgrE5jEkVloqmjGJsbqFyrmumPJiljo3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc458c2f0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rohan2-1.jpg
2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/ 117 KB
117 KB 83ms
75ms Image
image/jpeg 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/rohan2-1.jpg

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b03d922b107653220f7648b59f476c612b490d94f1d600d340c9434c21f0a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 119654
x-xss-protection: 1; mode=block
last-modified: Sun, 10 May 2009 22:54:02 GMT
server: cloudflare
etag: "4a075b0a-1d366"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xS8NCBjjfrvi%2FfYbwFuP0C3uuz%2BHLV%2FYlV68ZQZJOk0Wj53tt%2F%2BGjmipwZ2Sy0XBiVJKOlXvoS8fgFwrulGAI%2F9aSs1oxX%2BImSpaDunV14ksOaVCrIjGdZbQ2D2r4S8FoLqZK8xVDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc458c4f0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 meu_botao_exclusivo_hentaimax.gif
2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/ 8 KB
9 KB 64ms
55ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/meu_botao_exclusivo_hentaimax.gif

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feb518b63c532ab3858cb4a0c41d06ed7377470693c5f43aa52c61cf06eaba01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8465
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Sep 2008 21:58:27 GMT
server: cloudflare
etag: "48bc6583-2111"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIA2mjaSjM2Wk30oFGUNfVxqnG6JHT79infFDfO7whmKfpA%2F8WmIP40PGjnhb3Lym3aWH11ykegw90g7ts4IVl3wZ2%2BCewl12jlGJdHwwn%2Bov7XOXu%2FGix2FpPe%2BgJU46fa4YjAxZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc458c5f0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.marquee.min.js Show response
illiweb.com/rs3/79/frm/jquery/marquee/ 4 KB
2 KB 37ms
28ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/79/frm/jquery/marquee/jquery.marquee.min.js

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfbed761248e93343233a74b2cd5b0457d0efc8fde33faa7516625d38d8e06e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1484461
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdZ3npU%2BMQ45zD82FdQ56U595cx10%2BAKbXtLvoRQGLAdIW9LBIaq3CHUrJDYV6%2Fv2eTbaFrVTn6hFpQHEJdPI69RWKpIbWv0u%2FMGCTvcmWiYkBDX0FDPQW1rKxPMKi%2BOUSlHtG99CU76qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 81c28fc448b93cd4-CDG
expires: Tue, 08 Oct 2024 07:43:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
80 KB 61ms
54ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VKHBPXN046&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144347007-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e24acb3acea5d66454a2ef642897d29e2c7e590f843903d35f19af143e20d212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81874
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 26 Oct 2023 12:04:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 180ms
25ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144347007-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 26 Oct 2023 11:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 882
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 26 Oct 2023 13:49:42 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/forumotion-pt/ 648 KB
57 KB 173ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/forumotion-pt/loader.js
Requested by: Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24c832e4e2e8e093e39d83069788d0d03de1ee92e0d79cc7c6f48cd287746583

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: TWEsBCpWixjueV7_k1IQkt6SE4eKthlm
content-encoding: gzip
via: 1.1 varnish
date: Thu, 26 Oct 2023 12:04:24 GMT
x-amz-request-id: ZW3JMB0SKXZXXX70
age: 2420
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 57760
x-amz-id-2: XduKc2aVkA2HNMgibQVNB5EDfN4ar7aDiA1cQa2+avbD4GbeA9JQcV2jcP+oazXc7Z9oDa+IFU8=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Thu, 26 Oct 2023 10:48:31 GMT
server: AmazonS3
x-timer: S1698321865.514503,VS0,VE2
etag: "69e731648f25407288d7bd74ffdf2319"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 89
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 slm.prebid.forumactif.js Show response
ads.sportslocalmedia.com/ 42 KB
12 KB 185ms
30ms Script
application/javascript 46.105.202.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.sportslocalmedia.com/slm.prebid.forumactif.js
Requested by: Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.202.207 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 162579ed49e13830f571f757619f5062cda07a2b80dab3b0e2127936372ec9ad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 10:05:16 GMT
content-encoding: br
last-modified: Thu, 26 Oct 2023 10:03:32 GMT
x-cacheable: Matched cache
x-iplb-request-id: 33FE298C:EDD8_91EFC0E2:01BB_653A39DC_3426E9:1A064
x-cdn-pop-ip: 51.254.41.128/25
etag: W/"653a3974-a768"
x-iplb-instance: 37064
content-type: application/javascript
cache-control: max-age=10800
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 11570
x-request-id: 951817475
expires: Thu, 26 Oct 2023 13:05:16 GMT

GET
H2 200 background1.gif
2img.net/i/fa/m/ 19 KB
19 KB 35ms
31ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/m/background1.gif

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/4-ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

499fecad40d7cedeadad20e507623fe8e619f322d0830518e985b57178aa95b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6684017
alt-svc: h3=":443"; ma=86400
content-length: 19095
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-4a97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4UYG3jmogAezEVgiVML5QP9kKLffqhRBJ%2BXk%2FD1qhA7K0kT%2BXwTv6yMOlF7DnvKY%2BDiByZzRKysPHPEGO6P5Se7DY0pjGikZeJl3svOksmcPvxpsFrsfIz1zq7UswBLaI0jW9XLaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc448baf0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 25ms
25ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 20 Oct 2024 12:04:24 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 26ms
25ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 20 Oct 2024 12:04:24 GMT

GET
H2 200 / Show response
www4.cbox.ws/box/ Frame B612 1 KB
860 B 99ms
30ms Document
text/html 195.201.153.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.cbox.ws/box/?boxid=3545715&boxtag=8187&sec=main
Requested by: Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.153.71 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.71.153.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 200f26641cc379f087491ed62c1b10a2ed9fd57f8e989eede3f518dc32145945

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 26 Oct 2023 12:04:24 GMT
p3p: CP="NOI DSP COR NID CURa OUR NOR"
server: nginx
x-cache: MISS

GET
H2 204 /
www4.cbox.ws/box/ Frame C76C 0
0 99ms
31ms Document
text/plain 195.201.153.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.cbox.ws/box/?boxid=3545715&boxtag=8187&sec=form
Requested by: Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.153.71 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.71.153.201.195.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: public, max-age=31536000
date: Thu, 26 Oct 2023 12:04:24 GMT
expires: Fri, 25 Oct 2024 12:04:24 GMT
p3p: CP="NOI DSP COR NID CURa OUR NOR"
server: nginx
x-cache: MISS

GET
H2 200 7rWJib6tP00-br&fs=1 Show response
www.youtube.com/embed/ Frame C774 50 KB
15 KB 141ms
66ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/7rWJib6tP00-br&fs=1

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e904f00cf80d0dcc77b82905f8bfebd6c8d2e451e2444beef1a6c4db17f7bae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eliterohanonline.forumeiros.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 26 Oct 2023 12:04:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 i_back_title.png
2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/ 2 KB
3 KB 59ms
59ms Image
image/png 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/i_back_title.png

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/4-ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d183890db9d4ddd4f6a2074932a1a40c22ede5731ecb9f07e1ab9cbc3107c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2218
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Nov 2019 08:58:56 GMT
server: cloudflare
etag: "5dcd1750-8aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8iSrUDK%2F%2BJXn5P%2FoYkDUu%2FKhVAgT%2Besla7TF%2BBViUHFC4FPVyRkyoqzLOIHn3qGfMh8Lu2TKjyjUjvK30P3MJ9re3kozwqyQiDGS9Dr3GXcWgjLYH7HtPUoU11y6gMnbgpVCRNbQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc468e1f0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 09feb1280x10242-1.jpg
2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/ 66 KB
67 KB 113ms
112ms Image
image/jpeg 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/09feb1280x10242-1.jpg

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2101b65870627975a11dbb29a9cdc35a7ce79fe879ab407c8a8f109990932d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 67700
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Feb 2009 20:29:54 GMT
server: cloudflare
etag: "499b1e42-10874"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGUF%2Fb0M0K85T5FFIB2qgaMcutE6LVmGXa4CT5x7oPkO%2BcQ9dq%2BotCz%2F60SMUQMgx%2BJUch0FfKWg6ICZ%2BBlJpabMn3vpIehMiNrn4%2FBdE0lUhIIY00cgf%2BYMA9y9P2xUOF0dNeNfuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc478ebf0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vote_lcap.gif
2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/ 981 B
1 KB 45ms
45ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/vote_lcap.gif

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e3e1daef55d989aa8af87a766ed09da0afb9d3118da70132dadd1dda21ae7da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 981
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Jan 2009 13:02:48 GMT
server: cloudflare
etag: "496b3f78-3d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jP1AVEFFhHV0TOOQmFSepLNTVpPhES5JFF8Sgx3wwnWBIlRn4xx6b%2Fe1ISCPJwN4IJF8pvmPkgyys7vcfFBdX1KjPBHSQDtBUXPNaBVWZLXZWsfv8RcNG6djkvxnH0eNHcSojSmTgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc478ecf0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 voting_bar.gif
2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/ 264 B
587 B 44ms
43ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/voting_bar.gif

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b035b619cdfb06d15a49674ddd7d48fac7554a5bb442ae371cf19f77f5ddae4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 264
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Jan 2009 13:02:46 GMT
server: cloudflare
etag: "496b3f76-108"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPEnjdCrugCMFhbNYN9wOyGufLFrdE9rbFSoZ7WXRc1KO8Efvzja5KaExO1m%2BIJmMjsypMRvxfa2rwbu4FS%2BaF2xWfJ9ZVPEiporLch98ChCf%2FTgeVba%2FmHoQ5cNcYDoLYH8cBWohg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc478edf0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vote_rcap.gif
2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/ 982 B
2 KB 46ms
45ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/h/i535.photobucket.com/albums/ee351/eunaumtenhoid/vote_rcap.gif

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3939082db5ba6750aabfefb91c2a61dc62ce014f01c664a8d3fdb27df51254d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 982
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Jan 2009 13:02:47 GMT
server: cloudflare
etag: "496b3f77-3d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdZJPh57QYF%2FPM3VKfkzatvH23rMMeg0IFoJCC8XQMlt41V0GPIMuedQawVpgnATJDlqet%2F3iqHGwdaVDXRq9H4ozJmG1V9S6PazGiulBYMHuVAFUM8Nga7djTLpoWAHDVv06Vr%2F8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc478eff0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_mini_search.gif
2img.net/i/fa/ 238 B
550 B 25ms
24ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/icon_mini_search.gif

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28692813
alt-svc: h3=":443"; ma=86400
content-length: 238
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CFdNlDxsXafXV2O7%2FJyPo1KZDBLSMp3FraWDbOkrwGlqq2Ps8AJrYwftmWqd8UIP3N3n6pLo246AuCBjVPQNaRuRBGzIMZX3gAqTypiKOyp7GIy%2F%2Bnx6agpXQg3RxB2rZO4AVxHOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fc48915f0a3-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 82 KB
29 KB 96ms
28ms Script
text/javascript 108.138.7.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-96.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c4e1d1d6b881f146a475b3d009cac2e81e5a3ee71f836d62cf32330c0bcad57

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 07:30:11 GMT
content-encoding: gzip
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 15:14:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 534854
x-amz-server-side-encryption: AES256
etag: "6c8a8d538bfaf5e3eee3cfe467f261a5"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28925
x-amz-cf-id: pqLHgXScrbKmnBQgWS5LtVpUYyuVxM6uCcTr9a7fguytFwue4bDjKA==

GET
H/1.1

200
OK

profile Show response
api.consentframework.com/api/v1/public/
Redirect Chain

https://api.consentframework.com/api/v1/public/profile?origin=https://eliterohanonline.forumeiros.com
https://api.consentframework.com/api/v1/public/profile?bounce=1

40 B
430 B

41ms
40ms

Fetch
application/json

2a01:4f8:fff2:d::
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.consentframework.com/api/v1/public/profile?bounce=1

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

HTTP/1.1

Server

2a01:4f8:fff2:d:: , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Resource Hash

7f14f779080b7a36e6a0aa05632a2571bf7887b65d8d90a939d7a645d6abb111

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 26 Oct 2023 12:04:24 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://eliterohanonline.forumeiros.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 40

Redirect headers

Date: Thu, 26 Oct 2023 12:04:24 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://eliterohanonline.forumeiros.com
Location: https://api.consentframework.com/api/v1/public/profile?bounce=1
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 86

GET
H2 200 connect.js Show response
connect.topicit.net/scripts/ 3 KB
2 KB 94ms
33ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.topicit.net/scripts/connect.js

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1366
cf-polished: origSize=5437
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
server: cloudflare
etag: W/"5d653880-153d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlaIRfwLyOmQdo59fPqmKppRAg9c%2BVh%2FqshNdhRB890LV97H3ZEHEnvAQXwLZyLP%2BBiX0SAx5AZFoh94VrmZlLW%2BWmnTV1GFfTF9YnRWpFQ6WrX1OD6%2B78hjlwLkLMSB52qhgEwhKLxfu%2FxypPvdX9aS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 81c28fc61bcad584-CDG

POST
H2 204 collect
region1.analytics.google.com/g/ 0
264 B 77ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VKHBPXN046&_ono=1&gtm=45je3an0v9134894722&_p=41943165&_gaz=1&gcd=11l1l1l1l1&cid=1613727170.1698321865&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1698321864&sct=1&seg=0&dl=https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal&dt=Forum%20gratis%20%3A%20.%3A%3AFORUM%20ELITE%20BR%20-%20ROHAN%3A%20BLOOD%20FE%20-%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VKHBPXN046&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 12:04:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eliterohanonline.forumeiros.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 80ms
27ms Ping
text/plain 2a00:1450:400c:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-VKHBPXN046&cid=1613727170.1698321865&gtm=45je3an0v9134894722&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VKHBPXN046&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 12:04:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eliterohanonline.forumeiros.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
408 B 123ms
53ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-VKHBPXN046&cid=1613727170.1698321865&gtm=45je3an0v9134894722&aip=1&z=1440738414

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 12:04:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.20231026-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 814 KB
169 KB 44ms
42ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-pt/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 7800e3c307c07f97cd107a04d57cb6677817d306ac584f5ea752507580460ecd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: K6hlsd2yW_Hzix.HlEZLTIn2r9zUGFsc
content-encoding: br
via: 1.1 varnish
date: Thu, 26 Oct 2023 12:04:24 GMT
x-amz-request-id: HFDG0SM87MR5DPBS
age: 7427
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 172502
x-amz-id-2: 7zXX+tqz/KllSs6Tx/OnuThG7HWrOhdPHlKFfTgfm6jvx7I+tIOPlsJIT7pzT+uIJ2foa6siPa8=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Thu, 26 Oct 2023 10:00:38 GMT
server: AmazonS3-br
x-timer: S1698321865.700451,VS0,VE0
etag: "2360df86d9f30659043fb748ff4e84af"
vary: Accept-Encoding
content-type: application/javascript
abp: 76
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 16369

GET
H2 200 pre.js Show response
ac.aruncdn.com/j/prebid/ 466 KB
129 KB 104ms
42ms Script
application/javascript 2606:4700:20::ac43:4675
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ac.aruncdn.com/j/prebid/pre.js?47

Requested by

Host: ac.audiencerun.com
URL: https://ac.audiencerun.com/j/tag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4675 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51b6b311805712db5a8d23981d54327822a438112649fa816c0e6abb731d9206

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
x-amz-version-id: 3oRW8tSghcfXJE_15EP1tOtiWLRy.9G.
via: 1.1 a06b3af7aeb84a80d60dd16b849e62e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CDG50-C2
age: 22533695
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Feb 2023 13:03:56 GMT
server: cloudflare
etag: W/"2fbe30d009abc54ff04795c6d14da709"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDduwI7w8Z%2Fn8VA4kmr6jcaXKKrhDE%2BcRReC6%2BSjMy8m2KADljfUtTexnyKMKMmpuEmJVozRrO9XF7XTWVXRhAYh%2BhtV%2FkOj96wvCb90NKdJaL0kzfMe8tauHYzBxNI2NB5l8zOB0z%2F2qL10"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 81c28fc6aee3d646-CDG
x-amz-cf-id: X_ffmqSAFRqmBMdHWOh5xmtVhNZF4CJTOSq9sXJnqPm0bb2KF3sEuw==

GET
H2 200 ima3.js
imasdk.googleapis.com/js/sdkloader/ 0
125 KB 224ms
135ms Other
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ac.audiencerun.com
URL: https://ac.audiencerun.com/j/tag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127417
x-xss-protection: 0
expires: Thu, 26 Oct 2023 12:04:24 GMT

GET
H2 200 player.js
ac.aruncdn.com/f/nat/ 0
4 KB 90ms
29ms Other
application/javascript 2606:4700:20::ac43:4675
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.aruncdn.com/f/nat/player.js?3
Requested by: Host: ac.audiencerun.com
URL: https://ac.audiencerun.com/j/tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4675 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
x-amz-version-id: 9CQyxSWvosN2FcbHkXZux__zyG_gXofj
via: 1.1 9f4aebedb96f04eed26848dbf2d55694.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG50-P4
age: 19012503
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Feb 2023 13:03:49 GMT
server: cloudflare
etag: W/"cce70f57e3e3f18428efd56750651cc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDoMaF%2F2mfY1vU5E0euKx8sLzDCMQCPX5eFrBXfP5zXagni9FiXztCR5u7jPR%2FipbqdoP2DAKhToBRkVBrDqT%2Bq0zpIwartBjQv4YrbucbUTQ7BptAHX3Kmm2Fqv1GU8iLb48B17c%2BhGLYEM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 81c28fc6aee5d646-CDG
x-amz-cf-id: pMIbHQ6ROADYVNbhqGyQwj3aDBJ1jHyeOGjmOzmLhBBKIJ-QuRBU3A==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 362 KB
125 KB 125ms
38ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ads.sportslocalmedia.com
URL: https://ads.sportslocalmedia.com/slm.prebid.forumactif.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fee81bbe8f12f8d0482c38cba7ec2682ffc6d4a9c84756dee0df14c30bb7bb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127080
x-xss-protection: 0
expires: Thu, 26 Oct 2023 12:04:24 GMT

GET
H2 200 slmadshb.js Show response
ads.sportslocalmedia.com/ 709 KB
183 KB 24ms
23ms Script
application/javascript 46.105.202.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.sportslocalmedia.com/slmadshb.js
Requested by: Host: ads.sportslocalmedia.com
URL: https://ads.sportslocalmedia.com/slm.prebid.forumactif.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.202.207 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: baa3453d37b4293dc48b614a13c480d3d67bba784630bec84d8ef34ed790ef84

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 10:05:03 GMT
content-encoding: br
last-modified: Thu, 26 Oct 2023 10:03:41 GMT
x-cacheable: Matched cache
x-iplb-request-id: 33FE298C:91B8_91EFC0E2:01BB_653A39CF_342D9A:1A063
x-cdn-pop-ip: 51.254.41.128/25
etag: W/"653a397d-b1244"
x-iplb-instance: 37064
content-type: application/javascript
cache-control: max-age=10800
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 187212
x-request-id: 173180748
expires: Thu, 26 Oct 2023 13:05:03 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
217 B 39ms
38ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=41943165&t=pageview&_s=1&dl=https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal&ul=en-us&de=windows-1252&dt=Forum%20gratis%20%3A%20.%3A%3AFORUM%20ELITE%20BR%20-%20ROHAN%3A%20BLOOD%20FE%20-%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=434784543&gjid=1203318244&cid=1613727170.1698321865&tid=UA-144347007-1&_gid=753631318.1698321865&_r=1&gtm=457e3an0&gcd=11l1l1l1l1&jsscut=1&z=82890525

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 12:04:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eliterohanonline.forumeiros.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/9e328581/ Frame C774 377 KB
48 KB 38ms
33ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7rWJib6tP00-br&fs=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e145fd39385252b9692e8a022fd599d62542a548ace6423dd9bc9abb07e1dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/7rWJib6tP00-br&fs=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 09:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48749
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Oct 2024 09:36:09 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/ Frame C774 54 KB
17 KB 105ms
99ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7rWJib6tP00-br&fs=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19bd5a56f4259144bffb64cb8d11218e8710fceedd00f35dc7aa750c19ef4305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/7rWJib6tP00-br&fs=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:28:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17018
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Oct 2024 01:28:27 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/9e328581/www-embed-player.vflset/ Frame C774 318 KB
95 KB 66ms
59ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7rWJib6tP00-br&fs=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

837ff4d2018dbb14f63f899c3479035f7a986d5f36b9a5603c872b624afbbf19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/7rWJib6tP00-br&fs=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 11:00:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97578
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Oct 2024 11:00:24 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/ Frame C774 2 MB
756 KB 122ms
115ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7rWJib6tP00-br&fs=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

863f9756bfa22af1dfb2edf9112a893b6f0bbd158d32335eea4d8a9beae440a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/7rWJib6tP00-br&fs=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 773515
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Oct 2024 01:28:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C774 15 KB
16 KB 435ms
60ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7rWJib6tP00-br&fs=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 06:47:09 GMT
x-content-type-options: nosniff
age: 451036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 06:47:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C774 15 KB
15 KB 441ms
65ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7rWJib6tP00-br&fs=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:26:35 GMT
x-content-type-options: nosniff
age: 571070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 21:26:35 GMT

GET
H2 200 loader.min.js Show response
comparisons.sovrn.com/js/ 3 KB
1 KB 509ms
23ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://comparisons.sovrn.com/js/loader.min.js
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f755dbaaa79d15340992ec8653f11a8de91ab59e5d8ade29af2727c755d53318

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: zztrMxKRFefsfrfockN6O.yo5b_PAxDP
content-encoding: br
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
date: Thu, 26 Oct 2023 06:12:29 GMT
last-modified: Tue, 10 Oct 2023 13:08:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 21117
x-amz-server-side-encryption: AES256
etag: W/"c843d99783cbdd7b1afd7864642b26f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: vnCi-wBoPrJT1EN_kqe0ekFIORLNa-8O1dNhz0-3PnGXyqhq1hVU0g==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 40ms
19ms XHR
text/plain 2a00:1450:400c:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-144347007-1&cid=1613727170.1698321865&jid=434784543&gjid=1203318244&_gid=753631318.1698321865&_u=YADAAUAAAAAAACAAI~&z=1605718787

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1f::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 26 Oct 2023 12:04:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eliterohanonline.forumeiros.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 light Show response
connect.topicit.net/button/ Frame 730A 4 KB
2 KB 90ms
71ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal&lang=pt&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Feliterohanonline.forumeiros.com%2Ftopicit%2Findex.php%2Fconnect&version=1

Requested by

Host: connect.topicit.net
URL: https://connect.topicit.net/scripts/connect.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cf8644398e9f128abd5d55a9b68055199c540f9ffe837210246bd306ca01be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eliterohanonline.forumeiros.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status: DYNAMIC
cf-ray: 81c28fc7edd6d584-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 26 Oct 2023 12:04:24 GMT
expires: Thu, 26 Oct 2023 00:00:00 GMT
last-modified: Thu, 26 Oct 2023 12:04:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGVKRjbwXUodjXK8k0reNZRltLKkdPULV5yAgoe%2BGQsEtlK62th4e6yIIv0Aqz6ACMwvcLHpa9T1Pm9RUmReq2oZsJxBl5Tx2shjGuvJ2%2BXr00isbjS2DelNpTQLArNiJtG6K3xxQ9QbkI74r5aYvKZZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache-ne: MISS
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 light Show response
connect.topicit.net/button/ Frame CA28 4 KB
2 KB 88ms
73ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.topicit.net/button/light?id=topicit-connect-1&redirect=https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal&lang=pt&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Feliterohanonline.forumeiros.com%2Ftopicit%2Findex.php%2Fconnect&version=1

Requested by

Host: connect.topicit.net
URL: https://connect.topicit.net/scripts/connect.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

389c8e15521404615932727c6c8b4701cae08e11c252c43686559b4dfbe92c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eliterohanonline.forumeiros.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status: DYNAMIC
cf-ray: 81c28fc7edd7d584-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 26 Oct 2023 12:04:25 GMT
expires: Thu, 26 Oct 2023 00:00:00 GMT
last-modified: Thu, 26 Oct 2023 12:04:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmwLBWbXw5N%2BWpo22h00IUMf6SFGOA9obkLj89CjcyyXPiHdEjcvgM59BIvdsk530fu6aaF%2BHFMJhTNQCISVjyDa7C7aijy5oCkyZtqgIObDEHspvQg3jIhsn1j%2BRYHoGqTJgI8k9UCG5XrvAnJYvqpQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache-ne: MISS
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 344ms
51ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144347007-1&cid=1613727170.1698321865&jid=434784543&_u=YADAAUAAAAAAACAAI~&z=1314002348

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 12:04:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
107 B 52ms
52ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144347007-1&cid=1613727170.1698321865&jid=434784543&_u=YADAAUAAAAAAACAAI~&z=1314002348

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 12:04:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tcstring Show response
api.consentframework.com/api/v1/public/ 25 B
463 B 35ms
34ms Fetch
application/json 2a01:4f8:fff2:d::
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.consentframework.com/api/v1/public/tcstring

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp?lang=pt

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:fff2:d:: , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Resource Hash

6d24890b5608b6d182f02198897f50f220a40b66a08751a443ac714bf6f86602

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 26 Oct 2023 12:04:25 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://eliterohanonline.forumeiros.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 25

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 1440ms
1250ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ads.sportslocalmedia.com
URL: https://ads.sportslocalmedia.com/slmadshb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a4bd12952c6b89e70923bac15330dbedd51e926b2c7bcc068e08f5c376e3ec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29556
x-xss-protection: 0
server: cafe
etag: 558 / 19656 / 31079133 / config-hash: 18294707092208642472
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 12:04:26 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 222ms
34ms Fetch
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231026

Requested by

Host: ads.sportslocalmedia.com
URL: https://ads.sportslocalmedia.com/slmadshb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b862cf296d276abfc28afff81b0ff181e3141b46342803acea39a42031a505f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 26 Oct 2023 12:04:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 29011
x-jsd-version: 1.0.1854
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lcy-eglc8600022-LCY
x-jsd-version-type: version
server: cloudflare
etag: W/"63c-HhsU0g45tI5PzmP1+sbL8iGIJu0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWEsJX8OU5o90QFDYiR5we16ysxAddjTCgFI0hOlO68TwfOByFKkk8nwLtOW%2Fa75VKpZHh4rzAiNGmktulNK8Z0pbsp7S0VVFT8nKA3loMOxfcKTqcBADvaDDP7PqP77rftK2JiAq%2B28miul1wQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81c28fcabbf92a7f-CDG

GET
H2 200 forumactif-desktop.json Show response
floor.sportslocalmedia.com/ 200 B
521 B 127ms
46ms Fetch
application/json 46.105.202.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://floor.sportslocalmedia.com/forumactif-desktop.json
Requested by: Host: ads.sportslocalmedia.com
URL: https://ads.sportslocalmedia.com/slmadshb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.202.207 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 9adacc1c627e5d68c7c32f55bf3baec2ac0d56d6f4a445ec177c05039f6cf3d9

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 26 Oct 2023 12:00:23 GMT
content-encoding: br
x-cacheable: Matched cache
x-iplb-instance: 37065
x-cdn-pop: rbx1
content-length: 134
x-request-id: 11371572
last-modified: Thu, 26 Oct 2023 12:00:21 GMT
x-iplb-request-id: 33FE2984:786E_91EFC0E2:01BB_653A54D7_343F4F:B18D
x-cdn-pop-ip: 51.254.41.128/25
etag: W/"653a54d5-c8"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3598
accept-ranges: bytes
expires: Thu, 26 Oct 2023 13:00:21 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 264 KB
65 KB 142ms
63ms Script
application/javascript 18.66.110.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ads.sportslocalmedia.com
URL: https://ads.sportslocalmedia.com/slmadshb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-110-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b3cecf3fd1a2f277f8cc679a4b845a254e6ebacece09a7d3a85dcdbc6c82cff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 11:27:46 GMT
content-encoding: gzip
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront), 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
last-modified: Tue, 24 Oct 2023 21:00:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P5
age: 2200
x-amz-server-side-encryption: AES256
etag: W/"f90f24d20b0a1f80ef986c97a9726a2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: qTCV-z3dax4SOILIxCoCSJ6_JOhxO8flQzXx90MpYQKLpINE5yGXTw==

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame C774
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

35ms
34ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7rWJib6tP00-br&fs=1

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f43614a638eb1caa85822fa9b5470f6bd531d393cdeb824aa99e2f979f5a9ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 26 Oct 2023 12:04:25 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C774 29 B
495 B 154ms
29ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 11:55:58 GMT
x-content-type-options: nosniff
age: 507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 12:10:58 GMT

GET
H3 200 icon-white50x50.png
connect.topicit.net/images/connect-button/ Frame CA28 824 B
1 KB 44ms
36ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.topicit.net/images/connect-button/icon-white50x50.png

Requested by

Host: connect.topicit.net
URL: https://connect.topicit.net/button/light?id=topicit-connect-1&redirect=https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal&lang=pt&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Feliterohanonline.forumeiros.com%2Ftopicit%2Findex.php%2Fconnect&version=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

657f1a41d08d069639dd6313ea2f8c0cf7089e4c1967d3930c467864641149ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://connect.topicit.net/button/light?id=topicit-connect-1&redirect=https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal&lang=pt&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Feliterohanonline.forumeiros.com%2Ftopicit%2Findex.php%2Fconnect&version=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 986
alt-svc: h3=":443"; ma=86400
content-length: 824
x-xss-protection: 1; mode=block
last-modified: Fri, 06 Oct 2017 14:06:27 GMT
server: cloudflare
etag: "59d78de3-338"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jO1TibcJ0WAV74CnPY3QbPfGQIgRJwW%2F8SBDTnv9VEOiaTfgyyu8MzTYwpqLZVaili5Z8KaqCjEj1LG887o6ZAQ%2FKrJkpAscZ0xoyHy8wPtvlRMuBnKgYXN%2FP5X8r4iVPKZSzB8AzTYS8B4eAk4Nrx8i"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81c28fcaffa2d38f-CDG

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 101ms
36ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 26 Oct 2023 12:04:25 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C774 70 KB
32 KB 45ms
44ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba3856dd7ea7782c649d24e61e93cdf64e47347a8997283fb141ba01e1dc8ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 26 Oct 2023 12:04:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32475
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/ Frame C774 116 KB
33 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bdfff9e5c20588ea9d99bdabfbd3b380fff2b6cadbf586185ef5ad733355862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/7rWJib6tP00-br&fs=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33669
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Oct 2024 01:28:47 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
210 B 109ms
38ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=206&cb=4229860592

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://eliterohanonline.forumeiros.com
date: Thu, 26 Oct 2023 12:04:25 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H3 200 icon-white50x50.png
connect.topicit.net/images/connect-button/ Frame 730A 824 B
1 KB 32ms
31ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.topicit.net/images/connect-button/icon-white50x50.png

Requested by

Host: connect.topicit.net
URL: https://connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal&lang=pt&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Feliterohanonline.forumeiros.com%2Ftopicit%2Findex.php%2Fconnect&version=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

657f1a41d08d069639dd6313ea2f8c0cf7089e4c1967d3930c467864641149ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal&lang=pt&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Feliterohanonline.forumeiros.com%2Ftopicit%2Findex.php%2Fconnect&version=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 986
alt-svc: h3=":443"; ma=86400
content-length: 824
x-xss-protection: 1; mode=block
last-modified: Fri, 06 Oct 2017 14:06:27 GMT
server: cloudflare
etag: "59d78de3-338"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGjUROAqcXRlwF%2FXWP5KNloPC4yoDCgU8NcsBwSUApanuvReTNig6QXxv46XKZ2QIZBxXDHhNbfbmYpMAs3oQ4Y9UFp%2F4bkt2bjUsfjRd1vyfjGDX4Y4jsVbxHuDCpyApaFvs1Q4hWGbPuXJ3ViTZRo%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81c28fcc8a6ad38f-CDG

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 35ms
35ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 26 Oct 2023 12:04:25 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C774 90 B
134 B 38ms
37ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd8fc117e43b07d82f7cf6769c96b210e13231fbe95b5a056574d769e158b086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 26 Oct 2023 12:04:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

POST
H/1.1 200
OK consent-string Show response
api.consentframework.com/api/v1/public/ 217 B
568 B 93ms
31ms Fetch
application/json 2a01:4f8:fff2:d::
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.consentframework.com/api/v1/public/consent-string

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp?lang=pt

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:fff2:d:: , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Resource Hash

6a0913bb3b185d0aa9a93feb664fa2f483a7123143ea63f625ecc2245114d35e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 26 Oct 2023 12:04:25 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://eliterohanonline.forumeiros.com
Cache-Control: no-store
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 217

GET
H/1.1 200
OK GS.d Show response
js.cookieless-data.com/ 0
535 B 104ms
26ms Script
text/plain 212.83.160.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/GS.d?pa=24697&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal&r=&rand=1698321865883&gdpr=1&gdpr_consent=CP0QLgAP0QLgABcAIBENDcCgAAAAAH_AAAqIIyQAARkgVgALAAeABUAC4AHIAPgBAACSAGIAZQA0ADUAHgARAAjgBMACeAGIAMwAfgBCACOAFLAMoAywB3AD9AIQARaAjgCOgFXALqAaIA14BtAD_gI9ATEAo8BTQC1AF5gMEAYaAyQBxYDlAAA&globalscope=false&cookieless_optout=0&tbp=true

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp?lang=pt

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.83.160.162 Thimory, France, ASN12876 (Online SAS, FR),

Reverse DNS

kube-rr.sirdata.fr

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/portal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 12:04:25 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Server: nginx/1.20.2
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK user-action Show response
api.consentframework.com/api/v1/public/ 0
302 B 86ms
28ms Fetch 2a01:4f8:fff2:d::
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.consentframework.com/api/v1/public/user-action

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp?lang=pt

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:fff2:d:: , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://eliterohanonline.forumeiros.com
Date: Thu, 26 Oct 2023 12:04:25 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=15724800; includeSubDomains
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 0

GET
H2 200 8a83e099-851b-4737-9ca3-c7092ea4fc9f Show response
config.aps.amazon-adsystem.com/configs/ 537 B
801 B 110ms
28ms Script
application/javascript 99.86.4.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/8a83e099-851b-4737-9ca3-c7092ea4fc9f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-30.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 21cd01b874218a2c8f52506daabf8fd202523315928bc3e7cc16d8343ae99ffd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 11:35:29 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1737
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: gkAR1t1i0xgS5M8kj4CPsaP07iJdkO2ZR72Ei_taD4x6qfC0buKOyw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 786 B
1 KB 119ms
119ms XHR
application/json 18.66.110.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Feliterohanonline.forumeiros.com&pubid=8a83e099-851b-4737-9ca3-c7092ea4fc9f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-110-17.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 69d50aec1a460a5c30082515e4ad7c8a0319ed57459775420624779f5b527466

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:25 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://eliterohanonline.forumeiros.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 786
x-amz-cf-id: hQV5jtxJ6qkYn-iZO_CS-llczXSDP4cNv0uZpISH0qjoAR2Oe8LnsA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 487ms
425ms XHR
application/javascript 18.66.110.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-110-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:27 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: DnLMSHgWfJmO9oxJQL40yOD6pU2uvBlbQ031SdCrPHUOsLYtx-Uvdw==

GET
H2 200 11662.js Show response
ads.rubiconproject.com/ad/ Frame 775D 30 KB
9 KB 161ms
61ms Script
text/javascript 23.212.211.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/11662.js
Requested by: Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.211.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-211-47.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k / PHP/7.2.24
Resource Hash: 1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:26 GMT
content-encoding: gzip
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
x-powered-by: PHP/7.2.24
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=7142
access-control-allow-credentials: true
content-length: 8916
expires: Thu, 26 Oct 2023 14:03:28 GMT

GET
H2 200 11662.js Show response
ads.rubiconproject.com/ad/ Frame 8B0C 30 KB
9 KB 112ms
28ms Script
text/javascript 23.212.211.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/11662.js
Requested by: Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.211.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-211-47.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k / PHP/7.2.24
Resource Hash: 1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:26 GMT
content-encoding: gzip
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
x-powered-by: PHP/7.2.24
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=7142
access-control-allow-credentials: true
content-length: 8916
expires: Thu, 26 Oct 2023 14:03:28 GMT

GET
H2 200 11662.js Show response
ads.rubiconproject.com/ad/ Frame 8039 30 KB
9 KB 95ms
30ms Script
text/javascript 23.212.211.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/11662.js
Requested by: Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.211.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-211-47.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k / PHP/7.2.24
Resource Hash: 1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:26 GMT
content-encoding: gzip
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
x-powered-by: PHP/7.2.24
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=7142
access-control-allow-credentials: true
content-length: 8916
expires: Thu, 26 Oct 2023 14:03:28 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
209 B 23ms
22ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://eliterohanonline.forumeiros.com
date: Thu, 26 Oct 2023 12:04:25 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 25ms
24ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 20 Oct 2024 12:04:26 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 24ms
23ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 20 Oct 2024 12:04:26 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 123ms
30ms Script
application/javascript 23.57.19.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-19-78.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ba6a49b4567c1d0abb7d066626b3290cc404a5214712d90685743ee20b3ecb94

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:26 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 26 Oct 2023 12:19:26 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 142 KB
31 KB 77ms
28ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50ffbb0d5049173748e6468980ae6811d8c7effecb8c7428984ea00734545fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: F0TTTRSF3CPK9H9F
age: 16
x-amz-server-side-encryption: AES256
x-amz-id-2: rEIoSPAUlOHAvDNCcjsOmu67YL5wTL4Kn+CBN1h8mUZuPWOHL1shbeTWWiGjszp3RrIdY3hl2nvHVTxP4FPanw==
last-modified: Tue, 24 Oct 2023 08:11:43 GMT
server: cloudflare
etag: W/"f782ea030d6823bac929128fb89f783a"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 81c28fcffbe22a20-CDG
expires: Thu, 26 Oct 2023 13:04:26 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C774 4 KB
2 KB 102ms
34ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 12:04:26 GMT

GET
H3 200 icon_minitime1.gif
2img.net/i/fa/m/ 298 B
866 B 29ms
29ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/m/icon_minitime1.gif

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0294a906e3fa470d188c8d596e3a5fc3efc59bab8080506015498db73c18e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26790210
alt-svc: h3=":443"; ma=86400
content-length: 298
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-12a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQAbvfNLRIj73Ot%2Bthag7MQlDmqAH%2FICNJyPK2SgUz24gqMGRoA2lZjVkNhyH6yR521DNYO87r4xc5E419Ns3YZeU47hH81prJc3SgpBYYm11j4XiRlZW%2BUkHerpbI%2BJzb1fW3uKgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fcfdb880377-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 151168-15.js Show response
smarttag.rubiconproject.com/a/11662/36432/ Frame 8B0C 1 KB
1 KB 172ms
95ms Script
text/javascript 2602:803:c003:200::44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/11662/36432/151168-15.js?&cb=0.502383746325695&tk_st=1&rf=https%3A//eliterohanonline.forumeiros.com/portal&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36432_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 94dbbd74f49ad4fc1f3c261fc5dec99348ed7f1210a3363b838065ff237274e1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 12:04:26 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 151168-15.js Show response
smarttag.rubiconproject.com/a/11662/36432/ Frame 8039 1 KB
1 KB 150ms
79ms Script
text/javascript 2602:803:c003:200::44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/11662/36432/151168-15.js?&cb=0.04985697386629706&tk_st=1&rf=https%3A//eliterohanonline.forumeiros.com/portal&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36432_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5c45250823f4576e505e9783863e825068863becfe6a0d973ff326bf0a3fd128

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 12:04:26 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 151162-2.js Show response
smarttag.rubiconproject.com/a/11662/36432/ Frame 775D 1 KB
1 KB 152ms
88ms Script
text/javascript 2602:803:c003:200::44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/11662/36432/151162-2.js?&cb=0.9050953276933669&tk_st=1&rf=https%3A//eliterohanonline.forumeiros.com/portal&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36432_2&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 075230923ffda0864f9fcade10a27d5b9df19f1e45de7decdf95d2f114a3278e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 12:04:26 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/118/ Frame C774 50 KB
15 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/118/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14707
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 15:06:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 26 Oct 2023 15:57:06 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/forumotion-pt/ Frame 8039 648 KB
57 KB 18ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/forumotion-pt/loader.js
Requested by: Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24c832e4e2e8e093e39d83069788d0d03de1ee92e0d79cc7c6f48cd287746583

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: TWEsBCpWixjueV7_k1IQkt6SE4eKthlm
content-encoding: gzip
via: 1.1 varnish
date: Thu, 26 Oct 2023 12:04:26 GMT
x-amz-request-id: ZW3JMB0SKXZXXX70
age: 2422
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 57760
x-amz-id-2: XduKc2aVkA2HNMgibQVNB5EDfN4ar7aDiA1cQa2+avbD4GbeA9JQcV2jcP+oazXc7Z9oDa+IFU8=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Thu, 26 Oct 2023 10:48:31 GMT
server: AmazonS3
x-timer: S1698321866.403579,VS0,VE0
etag: "69e731648f25407288d7bd74ffdf2319"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 41
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 2

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E720 281 B
554 B 91ms
29ms Document
text/html 104.75.90.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=fr
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/11662/36432/151168-15.js?&cb=0.04985697386629706&tk_st=1&rf=https%3A//eliterohanonline.forumeiros.com/portal&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36432_15&rp_secure=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.90.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-90-29.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://eliterohanonline.forumeiros.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 26 Oct 2023 12:04:26 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 f563063d-3da4-4a9e-be78-8dba40c8a965
beacon-ams3.rubiconproject.com/beacon/d/ Frame 8039 43 B
75 B 132ms
27ms Image
image/avif 2602:803:c003:200::37
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/f563063d-3da4-4a9e-be78-8dba40c8a965?oo=0&accountId=11662&siteId=36432&zoneId=151168&sizeId=15&e=6A1E40E384DA563BA9438EE01A62D2FAA6F803F5F42B4E75A0836697D613E30197E592A3FBACEB5A746ABB209E7BE5DE683D50851BF2EEDF28284992B869708963CCD038EAD1124DB8B582EBACE6C3C3E8440C38DD95BBCFF3B569800A23158E9A32B6D9A65B063851C91A111085E9909B5DE5C4E039B1223B22BBF4B8D91D8E

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::37 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 12:04:26 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/forumotion-pt/ Frame 775D 648 KB
57 KB 18ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/forumotion-pt/loader.js
Requested by: Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24c832e4e2e8e093e39d83069788d0d03de1ee92e0d79cc7c6f48cd287746583

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: TWEsBCpWixjueV7_k1IQkt6SE4eKthlm
content-encoding: gzip
via: 1.1 varnish
date: Thu, 26 Oct 2023 12:04:26 GMT
x-amz-request-id: ZW3JMB0SKXZXXX70
age: 2422
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 57760
x-amz-id-2: XduKc2aVkA2HNMgibQVNB5EDfN4ar7aDiA1cQa2+avbD4GbeA9JQcV2jcP+oazXc7Z9oDa+IFU8=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Thu, 26 Oct 2023 10:48:31 GMT
server: AmazonS3
x-timer: S1698321866.408547,VS0,VE0
etag: "69e731648f25407288d7bd74ffdf2319"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 65
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 3

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8655 281 B
554 B 83ms
26ms Document
text/html 104.75.90.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=fr
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/11662/36432/151162-2.js?&cb=0.9050953276933669&tk_st=1&rf=https%3A//eliterohanonline.forumeiros.com/portal&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36432_2&rp_secure=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.90.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-90-29.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://eliterohanonline.forumeiros.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 26 Oct 2023 12:04:26 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 fe4f775e-83d7-4328-b106-37ab8822f1df
beacon-ams3.rubiconproject.com/beacon/d/ Frame 775D 43 B
227 B 125ms
25ms Image
image/avif 2602:803:c003:200::37
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/fe4f775e-83d7-4328-b106-37ab8822f1df?oo=0&accountId=11662&siteId=36432&zoneId=151162&sizeId=2&e=6A1E40E384DA563BBE9868111EF19C7268C3DA362630314DAF82D0A194F10A34ABCF890CE9531A798C36DECF29D1C746683D50851BF2EEDF0913B4291E15144663CCD038EAD1124DB8B582EBACE6C3C3E8440C38DD95BBCFF3B569800A23158E8F1232307BD589E7AD6DC56C87E91F63E1501A5C29ACF5C995BCEA9A1A431B34

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::37 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 12:04:26 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/forumotion-pt/ Frame 8B0C 648 KB
57 KB 18ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/forumotion-pt/loader.js
Requested by: Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24c832e4e2e8e093e39d83069788d0d03de1ee92e0d79cc7c6f48cd287746583

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: TWEsBCpWixjueV7_k1IQkt6SE4eKthlm
content-encoding: gzip
via: 1.1 varnish
date: Thu, 26 Oct 2023 12:04:26 GMT
x-amz-request-id: ZW3JMB0SKXZXXX70
age: 2422
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 57760
x-amz-id-2: XduKc2aVkA2HNMgibQVNB5EDfN4ar7aDiA1cQa2+avbD4GbeA9JQcV2jcP+oazXc7Z9oDa+IFU8=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Thu, 26 Oct 2023 10:48:31 GMT
server: AmazonS3
x-timer: S1698321866.416209,VS0,VE0
etag: "69e731648f25407288d7bd74ffdf2319"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 58
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 4

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F829 281 B
554 B 80ms
26ms Document
text/html 104.75.90.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=fr
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/11662/36432/151168-15.js?&cb=0.502383746325695&tk_st=1&rf=https%3A//eliterohanonline.forumeiros.com/portal&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36432_15&rp_secure=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.90.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-90-29.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://eliterohanonline.forumeiros.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 26 Oct 2023 12:04:26 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 11907c4e-feff-402c-94b9-456a51c5b93f
beacon-ams3.rubiconproject.com/beacon/d/ Frame 8B0C 43 B
98 B 118ms
26ms Image
image/avif 2602:803:c003:200::37
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/11907c4e-feff-402c-94b9-456a51c5b93f?oo=0&accountId=11662&siteId=36432&zoneId=151168&sizeId=15&e=6A1E40E384DA563B9440577A0BD23B9840032324C53C9FFD27FDCB170CB9954A1791930DD0621437E4F6BDCA2F6E3EE2683D50851BF2EEDFD5D94A9CDDD647B463CCD038EAD1124DB8B582EBACE6C3C3E8440C38DD95BBCFF3B569800A23158E1677132365E10E634AC594943BF830D09B5DE5C4E039B1223B22BBF4B8D91D8E

Requested by

Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::37 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 12:04:25 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 impl.20231026-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 8039 814 KB
169 KB 19ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-pt/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 7800e3c307c07f97cd107a04d57cb6677817d306ac584f5ea752507580460ecd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: K6hlsd2yW_Hzix.HlEZLTIn2r9zUGFsc
content-encoding: br
via: 1.1 varnish
date: Thu, 26 Oct 2023 12:04:26 GMT
x-amz-request-id: HFDG0SM87MR5DPBS
age: 7429
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 172502
x-amz-id-2: 7zXX+tqz/KllSs6Tx/OnuThG7HWrOhdPHlKFfTgfm6jvx7I+tIOPlsJIT7pzT+uIJ2foa6siPa8=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Thu, 26 Oct 2023 10:00:38 GMT
server: AmazonS3-br
x-timer: S1698321866.447923,VS0,VE0
etag: "2360df86d9f30659043fb748ff4e84af"
vary: Accept-Encoding
content-type: application/javascript
abp: 66
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 16377

GET
H2 200 impl.20231026-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 775D 814 KB
169 KB 21ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-pt/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 7800e3c307c07f97cd107a04d57cb6677817d306ac584f5ea752507580460ecd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: K6hlsd2yW_Hzix.HlEZLTIn2r9zUGFsc
content-encoding: br
via: 1.1 varnish
date: Thu, 26 Oct 2023 12:04:26 GMT
x-amz-request-id: HFDG0SM87MR5DPBS
age: 7429
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 172502
x-amz-id-2: 7zXX+tqz/KllSs6Tx/OnuThG7HWrOhdPHlKFfTgfm6jvx7I+tIOPlsJIT7pzT+uIJ2foa6siPa8=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Thu, 26 Oct 2023 10:00:38 GMT
server: AmazonS3-br
x-timer: S1698321866.473446,VS0,VE0
etag: "2360df86d9f30659043fb748ff4e84af"
vary: Accept-Encoding
content-type: application/javascript
abp: 32
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 16378

GET
H2 200 impl.20231026-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 8B0C 814 KB
169 KB 19ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-pt/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 7800e3c307c07f97cd107a04d57cb6677817d306ac584f5ea752507580460ecd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: K6hlsd2yW_Hzix.HlEZLTIn2r9zUGFsc
content-encoding: br
via: 1.1 varnish
date: Thu, 26 Oct 2023 12:04:26 GMT
x-amz-request-id: HFDG0SM87MR5DPBS
age: 7429
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 172502
x-amz-id-2: 7zXX+tqz/KllSs6Tx/OnuThG7HWrOhdPHlKFfTgfm6jvx7I+tIOPlsJIT7pzT+uIJ2foa6siPa8=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Thu, 26 Oct 2023 10:00:38 GMT
server: AmazonS3-br
x-timer: S1698321866.492173,VS0,VE0
etag: "2360df86d9f30659043fb748ff4e84af"
vary: Accept-Encoding
content-type: application/javascript
abp: 38
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 16379

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8655 40 KB
11 KB 35ms
30ms Script
text/html 104.75.90.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=fr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.90.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-90-29.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 19ecc975c16e667a04ac9b2bf6612b4a6687320f26c3e899200d4e4b07a852be

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 26 Oct 2023 12:04:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Oct 2023 01:19:50 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=47637
Connection: keep-alive
Content-Length: 11051
Expires: Fri, 27 Oct 2023 01:18:23 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E720 40 KB
11 KB 44ms
43ms Script
text/html 104.75.90.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=fr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.90.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-90-29.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 19ecc975c16e667a04ac9b2bf6612b4a6687320f26c3e899200d4e4b07a852be

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 26 Oct 2023 12:04:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Oct 2023 01:19:50 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=47637
Connection: keep-alive
Content-Length: 11051
Expires: Fri, 27 Oct 2023 01:18:23 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F829 40 KB
11 KB 38ms
37ms Script
text/html 104.75.90.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=fr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.90.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-90-29.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 19ecc975c16e667a04ac9b2bf6612b4a6687320f26c3e899200d4e4b07a852be

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 26 Oct 2023 12:04:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Oct 2023 01:19:50 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=47637
Connection: keep-alive
Content-Length: 11051
Expires: Fri, 27 Oct 2023 01:18:23 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame 8039 46 B
288 B 67ms
21ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 261828
expires: 60

GET
H2 200 json Show response
trc.taboola.com/forumotion-pt/trc/3/ Frame 8039 4 KB
2 KB 268ms
260ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forumotion-pt/trc/3/json?tim=14%3A04%3A26.528&lti=deflated&data=%7B%22id%22%3A787%2C%22ii%22%3A%22%2Fportal%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1698317305242%2C%22vi%22%3A1698321866525%2C%22cv%22%3A%2220231026-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal%22%2C%22vpi%22%3A%22%2Fportal%22%2C%22e%22%3A%22https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-ma-300X250%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%201%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%201%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fportal%2CMid%20Article%20Thumbnails%201%3Dthumbnails-ma-300X250%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f2521993a734605728bf7e05d7324cb87e0e6558a1a5c2df34f630ad6491d64a

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 242
date: Thu, 26 Oct 2023 12:04:26 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 1.315
x-fastly-to-nlb-rtt: 14029
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lcy-eglc8600031-LCY
x-log-content-encoding: gzip
server: nginx
x-timer: S1698321867.545581,VS0,VE242
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://eliterohanonline.forumeiros.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 sync Show response
gum.criteo.com/ Frame 775D 46 B
287 B 37ms
22ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 252561
expires: 60

GET
H2 200 json Show response
trc.taboola.com/forumotion-pt/trc/3/ Frame 775D 4 KB
2 KB 318ms
318ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forumotion-pt/trc/3/json?tim=14%3A04%3A26.553&lti=deflated&data=%7B%22id%22%3A882%2C%22ii%22%3A%22%2Fportal%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1698317305242%2C%22vi%22%3A1698321866525%2C%22cv%22%3A%2220231026-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal%22%2C%22vpi%22%3A%22%2Fportal%22%2C%22e%22%3A%22https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-ma-728X90%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%201%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%201%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fportal%2CMid%20Article%20Thumbnails%201%3Dthumbnails-ma-728X90%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 935425d661fcd5a0da7a71bdcd280a4db32ca013f8f699a62a8f54a712d5759d

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 300
date: Thu, 26 Oct 2023 12:04:26 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 1.3512499999999998
x-fastly-to-nlb-rtt: 7778
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lcy-eglc8600031-LCY
x-log-content-encoding: gzip
server: nginx
x-timer: S1698321867.562983,VS0,VE300
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://eliterohanonline.forumeiros.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 sync Show response
gum.criteo.com/ Frame 8B0C 46 B
287 B 23ms
22ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 288271
expires: 60

GET
H2 200 json Show response
trc.taboola.com/forumotion-pt/trc/3/ Frame 8B0C 4 KB
2 KB 213ms
213ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forumotion-pt/trc/3/json?tim=14%3A04%3A26.581&lti=deflated&data=%7B%22id%22%3A391%2C%22ii%22%3A%22%2Fportal%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1698317305242%2C%22vi%22%3A1698321866525%2C%22cv%22%3A%2220231026-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal%22%2C%22vpi%22%3A%22%2Fportal%22%2C%22e%22%3A%22https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-ma-300X250%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%201%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%201%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fportal%2CMid%20Article%20Thumbnails%201%3Dthumbnails-ma-300X250%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 74a9ab09f91f3e714a8a28ebdc73d81d92a49b333b62f7a68d5d2708f69ad28b

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 195
date: Thu, 26 Oct 2023 12:04:26 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.9460416666666666
x-fastly-to-nlb-rtt: 8047
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lcy-eglc8600031-LCY
x-log-content-encoding: gzip
server: nginx
x-timer: S1698321867.590720,VS0,VE195
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://eliterohanonline.forumeiros.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/ 421 KB
132 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079133

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 07:03:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18066
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135211
x-xss-protection: 0
server: cafe
etag: 17495413759700775962
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 25 Oct 2024 07:03:20 GMT

GET
H2 200 userx.20231026-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 8B0C 17 KB
6 KB 20ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231026-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-pt/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a74f52aca33eb80cffcf22d4c1715cc9ac93e00dfafed8b283a5583fc1b9a45f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: HjSv4hHmCxylRcOxo114P6iD2DzvgYEW
content-encoding: gzip
via: 1.1 varnish
date: Thu, 26 Oct 2023 12:04:26 GMT
x-amz-request-id: Y59KWR0MDF33XZMV
age: 4392
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: /52YK7uoFoRNcKmhbJUzROWSotXLqfRgDJiAQ8pMTEiTmfEDeIjRYOYtEn8NJGUY0wh/MjBPxy0=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Thu, 26 Oct 2023 10:51:15 GMT
server: AmazonS3
x-timer: S1698321867.852214,VS0,VE0
etag: "60d7314620fe91cb54ccdc407a03979e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 90
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2263

GET
H2 200 userx.20231026-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 8039 17 KB
5 KB 20ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231026-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-pt/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a74f52aca33eb80cffcf22d4c1715cc9ac93e00dfafed8b283a5583fc1b9a45f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: HjSv4hHmCxylRcOxo114P6iD2DzvgYEW
content-encoding: gzip
via: 1.1 varnish
date: Thu, 26 Oct 2023 12:04:26 GMT
x-amz-request-id: Y59KWR0MDF33XZMV
age: 4392
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: /52YK7uoFoRNcKmhbJUzROWSotXLqfRgDJiAQ8pMTEiTmfEDeIjRYOYtEn8NJGUY0wh/MjBPxy0=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Thu, 26 Oct 2023 10:51:15 GMT
server: AmazonS3
x-timer: S1698321867.861482,VS0,VE0
etag: "60d7314620fe91cb54ccdc407a03979e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 38
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2264

GET
H2 204 fix-user-id
trc.taboola.com/forumotion-pt/log/3/ Frame 8039 0
131 B 28ms
28ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/forumotion-pt/log/3/fix-user-id?lti=deflated&ri=7e7db6e60ff0ee77bcec9d5ea982b0b7&sd=v2_60810e99e38617c2a4dda82edad82d87_1eae5535-880a-4d3a-ba21-ec717213a924-tuctc33db4a_1698321866_1698321866_CIi3jgYQhOM_GJ2-_N62MSABKAEwSjjE1whA6IsQSNbm2QNQ____________AVgAYABozOTU0unQ5cneAXAA&ui=1eae5535-880a-4d3a-ba21-ec717213a924-tuctc33db4a&pi=/portal&wi=8549056381771264071&pt=text&vi=1698321866525&time=1698321866846&fromUser=60d271dd-0d69-4720-83f3-98681a0a1004-tuctc33db4a&toUser=1eae5535-880a-4d3a-ba21-ec717213a924-tuctc33db4a&fromSD=v2_becbf86db49ecdb266187b000570ecef_60d271dd-0d69-4720-83f3-98681a0a1004-tuctc33db4a_1698321866_1698321866_CIi3jgYQhOM_GJ2-_N62MSABKAEwSjjE1whA6IsQSNbm2QNQ____________AVgAYABozOTU0unQ5cneAXAA&toSD=v2_60810e99e38617c2a4dda82edad82d87_1eae5535-880a-4d3a-ba21-ec717213a924-tuctc33db4a_1698321866_1698321866_CIi3jgYQhOM_GJ2-_N62MSABKAEwSjjE1whA6IsQSNbm2QNQ____________AVgAYABozOTU0unQ5cneAXAA&tim=14%3A04%3A26.846&id=3293&llvl=2&cv=20231026-7-RELEASE&
Requested by: Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 26 Oct 2023 12:04:26 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 8008
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lcy-eglc8600031-LCY
pragma: no-cache
server: nginx
x-timer: S1698321867.861413,VS0,VE9
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 abtests
am-trc-events.taboola.com/forumotion-pt/log/3/ Frame 8039 0
231 B 67ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/forumotion-pt/log/3/abtests?route=AM:AM:V&tvi2=4948&tvi48=11593&tvi50=10820&lti=deflated&ri=7e7db6e60ff0ee77bcec9d5ea982b0b7&sd=v2_60810e99e38617c2a4dda82edad82d87_1eae5535-880a-4d3a-ba21-ec717213a924-tuctc33db4a_1698321866_1698321866_CIi3jgYQhOM_GJ2-_N62MSABKAEwSjjE1whA6IsQSNbm2QNQ____________AVgAYABozOTU0unQ5cneAXAA&ui=1eae5535-880a-4d3a-ba21-ec717213a924-tuctc33db4a&pi=/portal&wi=8549056381771264071&pt=text&vi=1698321866525&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1698321866849%7D&tim=14%3A04%3A26.849&id=6497&llvl=2&cv=20231026-7-RELEASE&
Requested by: Host: eliterohanonline.forumeiros.com
URL: https://eliterohanonline.forumeiros.com/portal
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 26 Oct 2023 12:04:26 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame ADDF 15 KB
6 KB 23ms
23ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=eliterohanonline.forumeiros.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://eliterohanonline.forumeiros.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 26 Oct 2023 12:04:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 340394
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 674113033dd8771ca3a9723a25a86a7d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8B0C 8 KB
9 KB 19ms
18ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/674113033dd8771ca3a9723a25a86a7d.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b795a345f60dcb70827a1a84be176a6a95261bae4def62fb1f3c61a14d66a67c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 26 Oct 2023 12:04:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/674113033dd8771ca3a9723a25a86a7d.jpeg
age: 1384157
edge-cache-tag: 347759573491159347775081623810945487816,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag: 347759573491159347775081623810945487816,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 111
expiration: expiry-date="Wed, 27 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://passback.free.fr/
content-length: 8542
x-backend-name: US_nlb103
x-served-by: cache-iad-kiad7000132-IAD, cache-iad-kjyo7100043-IAD, cache-iad-kjyo7100175-IAD, cache-lcy-eglc8600031-LCY
last-modified: Sun, 27 Aug 2023 08:51:13 GMT
server: nginx
surrogate-reporting: width=360,height=180,owidth=1280,oheight=720,obytes=102001
x-timer: S1698321867.879278,VS0,VE0
etag: "4b969ec5a61fa97229c27b634bd7c9ca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 79, 3

GET
H2 200 674113033dd8771ca3a9723a25a86a7d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8039 8 KB
8 KB 19ms
18ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/674113033dd8771ca3a9723a25a86a7d.jpeg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b795a345f60dcb70827a1a84be176a6a95261bae4def62fb1f3c61a14d66a67c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 26 Oct 2023 12:04:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/674113033dd8771ca3a9723a25a86a7d.jpeg
age: 1384157
edge-cache-tag: 347759573491159347775081623810945487816,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag: 347759573491159347775081623810945487816,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 111
expiration: expiry-date="Wed, 27 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://passback.free.fr/
content-length: 8542
x-backend-name: US_nlb103
x-served-by: cache-iad-kiad7000132-IAD, cache-iad-kjyo7100043-IAD, cache-iad-kjyo7100175-IAD, cache-lcy-eglc8600031-LCY
last-modified: Sun, 27 Aug 2023 08:51:13 GMT
server: nginx
surrogate-reporting: width=360,height=180,owidth=1280,oheight=720,obytes=102001
x-timer: S1698321867.884544,VS0,VE0
etag: "4b969ec5a61fa97229c27b634bd7c9ca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 79, 4

GET
H2 200 placement_invocation Show response
invocation.cheqzone.com/ Frame 8B0C 83 KB
28 KB 109ms
36ms Script
text/javascript 52.222.236.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://invocation.cheqzone.com/placement_invocation?id=76967&idx=0
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-pt/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-76.fra56.r.cloudfront.net
Software: /
Resource Hash: 64ca9b454f4e98efa875e3c932cf28711be07878a56080461147f7314f8f27f7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 11:47:52 GMT
content-encoding: gzip
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 994
etag: "14d6c-55/BX3Ou6cHHOHlul5Oeg2w+2k0"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 28184
x-amz-cf-id: 8eafAIOZD4edOV_zBIlqcK8bHB1OfWqRztRjRrqk6X1OvNkUSUiMnA==
expires: Thu, 26 Oct 2023 23:47:52 GMT

GET
H2 200 placement_invocation Show response
invocation.cheqzone.com/ Frame 8039 83 KB
28 KB 126ms
54ms Script
text/javascript 52.222.236.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://invocation.cheqzone.com/placement_invocation?id=76967&idx=0
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-pt/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-76.fra56.r.cloudfront.net
Software: /
Resource Hash: 64ca9b454f4e98efa875e3c932cf28711be07878a56080461147f7314f8f27f7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 11:47:52 GMT
content-encoding: gzip
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 994
etag: "14d6c-55/BX3Ou6cHHOHlul5Oeg2w+2k0"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 28184
x-amz-cf-id: cJmXUcw4fY0nv0xdwGDa_p4bUtUNp_pzSRWxDSFAQwD5pJ2ZMuWZjw==
expires: Thu, 26 Oct 2023 23:47:52 GMT

GET
H2 200 userx.20231026-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 775D 17 KB
6 KB 21ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231026-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-pt/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a74f52aca33eb80cffcf22d4c1715cc9ac93e00dfafed8b283a5583fc1b9a45f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: HjSv4hHmCxylRcOxo114P6iD2DzvgYEW
content-encoding: gzip
via: 1.1 varnish
date: Thu, 26 Oct 2023 12:04:26 GMT
x-amz-request-id: Y59KWR0MDF33XZMV
age: 4392
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: /52YK7uoFoRNcKmhbJUzROWSotXLqfRgDJiAQ8pMTEiTmfEDeIjRYOYtEn8NJGUY0wh/MjBPxy0=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Thu, 26 Oct 2023 10:51:15 GMT
server: AmazonS3
x-timer: S1698321867.899892,VS0,VE0
etag: "60d7314620fe91cb54ccdc407a03979e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 60
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2265

GET
H2 204 fix-user-id
trc.taboola.com/forumotion-pt/log/3/ Frame 775D 0
303 B 37ms
35ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/forumotion-pt/log/3/fix-user-id?lti=deflated&ri=2c97d896c8a9e9c8b6a397e24d27173f&sd=v2_0b5494267069cb2272d81cb693e49197_41589795-d1cf-47da-8c4f-452c61e5aca6-tuctc33db4a_1698321866_1698321866_CIi3jgYQhOM_GJ2-_N62MSABKAEwSjjE1whA6IsQSNbm2QNQ____________AVgAYABozOTU0unQ5cneAXAA&ui=41589795-d1cf-47da-8c4f-452c61e5aca6-tuctc33db4a&pi=/portal&wi=8549056381771264071&pt=text&vi=1698321866525&time=1698321866883&fromUser=1eae5535-880a-4d3a-ba21-ec717213a924-tuctc33db4a&toUser=41589795-d1cf-47da-8c4f-452c61e5aca6-tuctc33db4a&fromSD=v2_60810e99e38617c2a4dda82edad82d87_1eae5535-880a-4d3a-ba21-ec717213a924-tuctc33db4a_1698321866_1698321866_CIi3jgYQhOM_GJ2-_N62MSABKAEwSjjE1whA6IsQSNbm2QNQ____________AVgAYABozOTU0unQ5cneAXAA&toSD=v2_0b5494267069cb2272d81cb693e49197_41589795-d1cf-47da-8c4f-452c61e5aca6-tuctc33db4a_1698321866_1698321866_CIi3jgYQhOM_GJ2-_N62MSABKAEwSjjE1whA6IsQSNbm2QNQ____________AVgAYABozOTU0unQ5cneAXAA&tim=14%3A04%3A26.883&id=9841&llvl=2&cv=20231026-7-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 16
date: Thu, 26 Oct 2023 12:04:26 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 14043
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lcy-eglc8600031-LCY
pragma: no-cache
server: nginx
x-timer: S1698321867.899851,VS0,VE16
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 abtests
am-trc-events.taboola.com/forumotion-pt/log/3/ Frame 775D 0
230 B 31ms
22ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/forumotion-pt/log/3/abtests?route=AM:AM:V&tvi48=13667&tvi50=13315&lti=deflated&ri=2c97d896c8a9e9c8b6a397e24d27173f&sd=v2_0b5494267069cb2272d81cb693e49197_41589795-d1cf-47da-8c4f-452c61e5aca6-tuctc33db4a_1698321866_1698321866_CIi3jgYQhOM_GJ2-_N62MSABKAEwSjjE1whA6IsQSNbm2QNQ____________AVgAYABozOTU0unQ5cneAXAA&ui=41589795-d1cf-47da-8c4f-452c61e5aca6-tuctc33db4a&pi=/portal&wi=8549056381771264071&pt=text&vi=1698321866525&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1698321866886%7D&tim=14%3A04%3A26.886&id=7688&llvl=2&cv=20231026-7-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 26 Oct 2023 12:04:26 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 242 B
706 B 373ms
36ms XHR
text/javascript 34.249.13.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.13.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-13-87.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 27f48aab4103d0c321b3d4674861a4465a4c33b143d64ddf38d461a65bb200f2

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 12:04:26 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://eliterohanonline.forumeiros.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 242
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 placement_invocation Show response
invocation.cheqzone.com/ Frame 775D 83 KB
28 KB 77ms
32ms Script
text/javascript 52.222.236.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://invocation.cheqzone.com/placement_invocation?id=76967&idx=0
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-pt/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-76.fra56.r.cloudfront.net
Software: /
Resource Hash: 64ca9b454f4e98efa875e3c932cf28711be07878a56080461147f7314f8f27f7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 11:47:52 GMT
content-encoding: gzip
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 994
etag: "14d6c-55/BX3Ou6cHHOHlul5Oeg2w+2k0"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 28184
x-amz-cf-id: f_nGH3HUeqi8b9F2TqN_JtjPHQz9aV8lbMT1BHLmaU2Il2bQdAUXwg==
expires: Thu, 26 Oct 2023 23:47:52 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/674113033dd8771ca3a9723a25a86a7d.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b795a345f60dcb70827a1a84be176a6a95261bae4def62fb1f3c61a14d66a67c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 26 Oct 2023 12:04:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/674113033dd8771ca3a9723a25a86a7d.jpeg
age: 1384157
edge-cache-tag: 347759573491159347775081623810945487816,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag: 347759573491159347775081623810945487816,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 111
expiration: expiry-date="Wed, 27 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://passback.free.fr/
content-length: 8542
x-backend-name: US_nlb103
x-served-by: cache-iad-kiad7000132-IAD, cache-iad-kjyo7100043-IAD, cache-iad-kjyo7100175-IAD, cache-lcy-eglc8600031-LCY
last-modified: Sun, 27 Aug 2023 08:51:13 GMT
server: nginx
surrogate-reporting: width=360,height=180,owidth=1280,oheight=720,obytes=102001
x-timer: S1698321867.914441,VS0,VE0
etag: "4b969ec5a61fa97229c27b634bd7c9ca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 79, 5

GET
H2 200 674113033dd8771ca3a9723a25a86a7d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8039 8 KB
8 KB 19ms
19ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/674113033dd8771ca3a9723a25a86a7d.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b795a345f60dcb70827a1a84be176a6a95261bae4def62fb1f3c61a14d66a67c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 26 Oct 2023 12:04:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/674113033dd8771ca3a9723a25a86a7d.jpeg
age: 1384157
edge-cache-tag: 347759573491159347775081623810945487816,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag: 347759573491159347775081623810945487816,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 111
expiration: expiry-date="Wed, 27 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://passback.free.fr/
content-length: 8542
x-backend-name: US_nlb103
x-served-by: cache-iad-kiad7000132-IAD, cache-iad-kjyo7100043-IAD, cache-iad-kjyo7100175-IAD, cache-lcy-eglc8600031-LCY
last-modified: Sun, 27 Aug 2023 08:51:13 GMT
server: nginx
surrogate-reporting: width=360,height=180,owidth=1280,oheight=720,obytes=102001
x-timer: S1698321867.914607,VS0,VE0
etag: "4b969ec5a61fa97229c27b634bd7c9ca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 79, 6

GET
H2 200 674113033dd8771ca3a9723a25a86a7d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 775D 3 KB
4 KB 19ms
18ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/674113033dd8771ca3a9723a25a86a7d.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 516ec23dd57b73bf3dec5d412e8bdc974aaf92613475793d84a4f449aee965dd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 26 Oct 2023 12:04:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/674113033dd8771ca3a9723a25a86a7d.jpeg
age: 2007867
edge-cache-tag: 347759573491159347775081623810945487816,527864685085642514366146003099034469700,29ecf9b93bbf306179626feeda1fab70
cache-tag: 347759573491159347775081623810945487816,527864685085642514366146003099034469700,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 147
expiration: expiry-date="Mon, 30 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.lepoint.fr/
content-length: 2678
x-backend-name: CH_nlb804
x-served-by: cache-iad-kjyo7100057-IAD, cache-iad-kiad7000165-IAD, cache-iad-kcgs7200058-IAD, cache-lcy-eglc8600031-LCY
last-modified: Fri, 29 Sep 2023 15:38:39 GMT
server: nginx
surrogate-reporting: width=140,height=100,bytes=5264,owidth=1280,oheight=720,obytes=102001
x-timer: S1698321867.916230,VS0,VE1
etag: "3b243e93463235f2efc78d470b2891ad"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 54, 1

GET
H2

200

sid Show response
mug.criteo.com/ Frame ADDF
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=forumeiros.com&sn=ChromeSyncframe&so=0&topUrl=eliterohanonline.forumeiros.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=w-6GW3xGMUc5NFg2Mm1TNjdSN2lDUTZTa1lJNkZtbFlXZ0prMndZMERsOENrbVN5dTNYWElFS1VkYWxhZmdSVWU0NmNmMjFwT1BOSmZraVVxY0xiejJxa0NGMEZNTkhBbHAvYThSNTJuL2pZOC9NejdtMnhOZTZjNGpKTG...

433 B
655 B

26ms
24ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=w-6GW3xGMUc5NFg2Mm1TNjdSN2lDUTZTa1lJNkZtbFlXZ0prMndZMERsOENrbVN5dTNYWElFS1VkYWxhZmdSVWU0NmNmMjFwT1BOSmZraVVxY0xiejJxa0NGMEZNTkhBbHAvYThSNTJuL2pZOC9NejdtMnhOZTZjNGpKTGFXS2ZOZWxmd05HKzBxQ1l5aVUrd2p6U1pwQ1ZQeURPZnRTNHVSdENWU0xELy83UVRsNDhCRUh2R29JR2FZTWNYQXJLNGtuaHhPd2JLbW5FVVJCYitVeTRFNXRrZWl2QTFNeXdCcDl6ZzF1SjlBcExwQzVZQzRRT0E4UStLdUJIQ1lmVUorWUwxYVFKTTBIQjJEWFNlMjZpV2oxTlA4dz09fA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3f56768097fe42217dc802fdab6a801495ca72b99becfd51ccae9911b1eca52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 12:04:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1366864
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 26 Oct 2023 12:04:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=w-6GW3xGMUc5NFg2Mm1TNjdSN2lDUTZTa1lJNkZtbFlXZ0prMndZMERsOENrbVN5dTNYWElFS1VkYWxhZmdSVWU0NmNmMjFwT1BOSmZraVVxY0xiejJxa0NGMEZNTkhBbHAvYThSNTJuL2pZOC9NejdtMnhOZTZjNGpKTGFXS2ZOZWxmd05HKzBxQ1l5aVUrd2p6U1pwQ1ZQeURPZnRTNHVSdENWU0xELy83UVRsNDhCRUh2R29JR2FZTWNYQXJLNGtuaHhPd2JLbW5FVVJCYitVeTRFNXRrZWl2QTFNeXdCcDl6ZzF1SjlBcExwQzVZQzRRT0E4UStLdUJIQ1lmVUorWUwxYVFKTTBIQjJEWFNlMjZpV2oxTlA4dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 333215
content-length: 0
expires: 0

GET
H2 200 674113033dd8771ca3a9723a25a86a7d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 775D 3 KB
3 KB 19ms
18ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/674113033dd8771ca3a9723a25a86a7d.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 516ec23dd57b73bf3dec5d412e8bdc974aaf92613475793d84a4f449aee965dd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 26 Oct 2023 12:04:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/674113033dd8771ca3a9723a25a86a7d.jpeg
age: 2007867
edge-cache-tag: 347759573491159347775081623810945487816,527864685085642514366146003099034469700,29ecf9b93bbf306179626feeda1fab70
cache-tag: 347759573491159347775081623810945487816,527864685085642514366146003099034469700,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 147
expiration: expiry-date="Mon, 30 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.lepoint.fr/
content-length: 2678
x-backend-name: CH_nlb804
x-served-by: cache-iad-kjyo7100057-IAD, cache-iad-kiad7000165-IAD, cache-iad-kcgs7200058-IAD, cache-lcy-eglc8600031-LCY
last-modified: Fri, 29 Sep 2023 15:38:39 GMT
server: nginx
surrogate-reporting: width=140,height=100,bytes=5264,owidth=1280,oheight=720,obytes=102001
x-timer: S1698321867.952619,VS0,VE0
etag: "3b243e93463235f2efc78d470b2891ad"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 54, 2

GET
H2 200 controller.js Show response
ob.cheqzone.com/ 12 KB
5 KB 209ms
26ms Script
text/javascript 65.9.66.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/controller.js
Requested by: Host: invocation.cheqzone.com
URL: https://invocation.cheqzone.com/placement_invocation?id=76967&idx=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-109.fra56.r.cloudfront.net
Software: Caddy /
Resource Hash: 0a7d5ca1722dea55bde84da59c0a15b2e5f110cca6193c7dd208c86d42f67825

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:34:24 GMT
content-encoding: gzip
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-C1
age: 38047
etag: "2e6e-LUqNKqvw+XC15AMy1fD1H4TK1ig"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 4592
x-amz-cf-id: zyqUvWcLPITFfN51B9591jwZ3WBz1HoTPXLCpmfz1V98LNlPBhetpw==
expires: Thu, 26 Oct 2023 13:30:20 GMT

GET
H2 200 show_pla Show response
obs.cheqzone.com/ Frame 775D 166 B
399 B 1355ms
1150ms Script
text/javascript 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=76967&url=https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal&sf=0&k=forum%2Bgratis%2Baqui%2Bvoc%C3%AA%2Bencontrara%2Bbuild%2Bskills%2Btutoriais%2Bdiversos%2Bsuporte%2Baos%2Bmembros%2Bda%2Bguildforum%2Bcomercio%2Bparalelo%2Bde%2Bitens%2Binforma%C3%A7%C3%B5es%2Bsobre%2Ba%2Bguild%2Bforum%2Beventos%2Bdo%2Bjogo%2Be%2Binternos%2Bda%2Bg%2Bforum%2Bgratis%2Bforum%2Bguild%2Brohan%2Bonline%2Btitans%2Bbr%2Bbuild%2Bskill%2Bmmorpg%2Bforum%2Bgratis%2Bforum%2Belite%2Bbr%2Brohan%2Bblood%2Bfe%2Bportal&idx=0&tpi=%5BENTER_IMPRESSION_URL_UNESCAPED%5D&tpc=%5BENTER_CLICK_URL_UNESCAPED%5D&ch=&ext=&np=win32&nv=google%20inc.&rand=83111261911971850082255017257570031215326620785301661728829029890170&nc=0&tsf=0&tsfmi=&pv=0&cb=1698321867126&ref=&pit=1&hl=2&op=0&fs=728x90&ss=1600x1200&pre=0&jsonp=&mr=&ag=2822802273&sts=0&at=&bid=e30%3D&di=W1siZWYiLDYxMjVdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6OCxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjEyODQz%0D%0AMTg1MjEsXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjUsZWNYR1gxOW5ucnZWTzJKZGxOaHhCS1FrTHZTRmRBUUJDbGgx%0D%0ANFZVVkZBbEY3K0NBSXFYUkJGQ0UxNkZZa29WVXBBV2hBU0lEMmtaNU50VSs2OWIvMSs1ODdjeldS%0D%0ASkFQbEdsOSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJrZXl3b3Jkc1wiLFwiYXBw%0D%0AbGUtbW9iaWxlLXdlYi1hcHAtdGl0bGVcIixcIm9nOnRpdGxlXCIsXCJ0d2l0dGVyOnRpdGxlXCIs%0D%0AXCJvZzpkZXNjcmlwdGlvblwiLFwidGl0bGVcIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxb%0D%0ALTE0LCJ7XCJvXCI6MH0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCww%0D%0ALDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwx%0D%0AMjAwLDE2MDAsMTIwMCw3MjgsOTAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIxNjEzNzI3%0D%0AMTcwLjE2OTgzMjE4NjUiXSxbLTIxLCItIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisi%0D%0AXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6NjQwMDAwMDAsXCJ1amhzXCI6%0D%0ANDIxMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCw5LjIsMCxcIjRnXCIsbnVs%0D%0AbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIntcInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAsMiww%0D%0ALDIsMCwwLDIsMiwyLDIsMF19Il0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMy%0D%0ALCItIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY5ODMyMTg2NzExNywtMl0iXSxbLTM2%0D%0ALCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcsIi0xMDktNjYtNzAtIl0sWy0zOCwiYywtMSwtMSwt%0D%0AMTY5ODMyMTg2NTk1NSwwLDAsMCwwLDAsMTY5ODMyMTg2NTk1NiwwLDAsOTc0LDk3NCwxMTY1LDEx%0D%0ANjUiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemls%0D%0AbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0i%0D%0AXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxb%0D%0ALTQ0LCIwLDAsMCw1Il0sWy00NSwiLSJdLFstNDYsIjAiXSxbLTQ3LCJFdXJvcGUvUGFyaXMsZW4t%0D%0AVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFsiYm5jaCIsNzJdXQ%3D%3D&tsfu=&ar=&up=&ap=&dep=1&fst=1600x1200&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A90%2C%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22s%22%3A0%2C%22t%22%3A0%7D%2C%7B%22x%22%3A436%2C%22y%22%3A652%2C%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22s%22%3A0%2C%22t%22%3A1%7D%5D&ksz=1x1&ver=41&cri=dKfVLGUEnW&sdd=%7B%7D&ijt=nsf&pto=1174&ao=https%3A%2F%2Feliterohanonline.forumeiros.com&aol=1
Requested by: Host: invocation.cheqzone.com
URL: https://invocation.cheqzone.com/placement_invocation?id=76967&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 52e9fc17608cbf660d78e2610cdc26953e6303d79163e91eb06b24a5443123e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 26 Oct 2023 12:04:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 166
content-type: text/javascript

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 8655 7 B
380 B 127ms
26ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame F829 7 B
380 B 126ms
26ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame E720 7 B
380 B 124ms
25ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H2 200 show_pla Show response
obs.cheqzone.com/ Frame 8039 166 B
318 B 1828ms
1677ms Script
text/javascript 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=76967&url=https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal&sf=0&k=forum%2Bgratis%2Baqui%2Bvoc%C3%AA%2Bencontrara%2Bbuild%2Bskills%2Btutoriais%2Bdiversos%2Bsuporte%2Baos%2Bmembros%2Bda%2Bguildforum%2Bcomercio%2Bparalelo%2Bde%2Bitens%2Binforma%C3%A7%C3%B5es%2Bsobre%2Ba%2Bguild%2Bforum%2Beventos%2Bdo%2Bjogo%2Be%2Binternos%2Bda%2Bg%2Bforum%2Bgratis%2Bforum%2Bguild%2Brohan%2Bonline%2Btitans%2Bbr%2Bbuild%2Bskill%2Bmmorpg%2Bforum%2Bgratis%2Bforum%2Belite%2Bbr%2Brohan%2Bblood%2Bfe%2Bportal&idx=0&tpi=%5BENTER_IMPRESSION_URL_UNESCAPED%5D&tpc=%5BENTER_CLICK_URL_UNESCAPED%5D&ch=&ext=&np=win32&nv=google%20inc.&rand=83191701826021119111069827902281835891487701626310197162582118171151&nc=0&tsf=0&tsfmi=&pv=0&cb=1698321867182&ref=&pit=1&hl=2&op=0&fs=300x250&ss=1600x1200&pre=0&jsonp=&mr=&ag=2822802273&sts=0&at=&bid=e30%3D&di=W1siZWYiLDgyNThdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NixcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjEyODQz%0D%0AMTg1MjEsXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjMsZWNYR1gxOW5ucnZWTzJKZGxOaHhCS1FrTHZTRmRBUUJDbGgx%0D%0ANFZVVkZBbEY3K0NBSXFYUkJGQ0UxNkZZa29WVXBBV2hBU0lEMmtaNU50VSs2OWIvMSs1ODdjeldS%0D%0ASkFQbEdsOSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJrZXl3b3Jkc1wiLFwiYXBw%0D%0AbGUtbW9iaWxlLXdlYi1hcHAtdGl0bGVcIixcIm9nOnRpdGxlXCIsXCJ0d2l0dGVyOnRpdGxlXCIs%0D%0AXCJvZzpkZXNjcmlwdGlvblwiLFwidGl0bGVcIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxb%0D%0ALTE0LCJ7XCJvXCI6MH0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCww%0D%0ALDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwx%0D%0AMjAwLDE2MDAsMTIwMCwzMDAsMjUwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiMTYxMzcy%0D%0ANzE3MC4xNjk4MzIxODY1Il0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIr%0D%0AIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjY0MDAwMDAwLFwidWpoc1wi%0D%0AOjQyMTAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsOS4yLDAsXCI0Z1wiLG51%0D%0AbGxdIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIs%0D%0AMCwyLDAsMCwyLDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0z%0D%0AMiwiLSJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2OTgzMjE4NjcxNzUsLTJdIl0sWy0z%0D%0ANiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTA5LTY2LTcwLSJdLFstMzgsImMsLTEsLTEs%0D%0ALTE2OTgzMjE4NjU5ODgsMCwwLDAsMCwwLDE2OTgzMjE4NjU5ODksMCwwLDg3Mi45LDg3Mi45LDEx%0D%0AOTEsMTE5MiJdLFstMzksIltcIjIwMDMwMTA3XCIsNCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwi%0D%0ATW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwzXSJdLFstNDAsIjMzIl0sWy00%0D%0AMSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEw%0D%0AMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCItIl0sWy00NiwiMCJdLFstNDcsIkV1cm9wZS9QYXJp%0D%0Acyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiwzN11d&tsfu=&ar=&up=&ap=&dep=1&fst=1600x1200&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A250%2C%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22s%22%3A0%2C%22t%22%3A0%7D%2C%7B%22x%22%3A832%2C%22y%22%3A2449%2C%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22s%22%3A0%2C%22t%22%3A1%7D%5D&ksz=1x1&ver=41&cri=gtTrcfBDWM&sdd=%7B%7D&ijt=nsf&pto=1199&ao=https%3A%2F%2Feliterohanonline.forumeiros.com&aol=1
Requested by: Host: invocation.cheqzone.com
URL: https://invocation.cheqzone.com/placement_invocation?id=76967&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 52e9fc17608cbf660d78e2610cdc26953e6303d79163e91eb06b24a5443123e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 26 Oct 2023 12:04:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 166
content-type: text/javascript

GET
H3 200 icon_minitime1.gif
2img.net/i/fa/m/ 298 B
832 B 28ms
28ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/m/icon_minitime1.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0294a906e3fa470d188c8d596e3a5fc3efc59bab8080506015498db73c18e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26790211
alt-svc: h3=":443"; ma=86400
content-length: 298
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-12a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMnc2Q5ZghZWFz%2Fy0rPhWiHWCi3jvjVbKV8DmwsLV7B%2BAwf8srUDYrPf%2BoStiRbgHdpfDUBXHwJzpMnTMNYBPFoqZwernNSKgK0MKshWFE%2FdroBynJgXgVYAvUCT4cs3uHw2Mx0PZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fd5f84b0377-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sync.js Show response
api.viglink.com/api/ 43 B
390 B 31ms
31ms Script
image/gif 34.249.13.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/sync.js?key=e2aa2ae88c2bcc3c33577d636d209bf8
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.13.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-13-87.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 12:04:27 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif;charset=UTF-8
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 43 B
390 B 91ms
32ms Image
image/gif 34.249.13.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.viglink.com/api/sync.gif?key=e2aa2ae88c2bcc3c33577d636d209bf8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.13.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-13-87.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 12:04:26 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif;charset=UTF-8
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 41 B
504 B 52ms
32ms XHR
text/javascript 34.249.13.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.13.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-13-87.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 29c39e3d4e3caa150774f3bd63b3a6d68890f33f0df40b0d3bba206ea89b07df

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 12:04:27 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://eliterohanonline.forumeiros.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 41
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 show_pla Show response
obs.cheqzone.com/ Frame 8B0C 166 B
295 B 1626ms
1626ms Script
text/javascript 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=76967&url=https%3A%2F%2Feliterohanonline.forumeiros.com%2Fportal&sf=0&k=forum%2Bgratis%2Baqui%2Bvoc%C3%AA%2Bencontrara%2Bbuild%2Bskills%2Btutoriais%2Bdiversos%2Bsuporte%2Baos%2Bmembros%2Bda%2Bguildforum%2Bcomercio%2Bparalelo%2Bde%2Bitens%2Binforma%C3%A7%C3%B5es%2Bsobre%2Ba%2Bguild%2Bforum%2Beventos%2Bdo%2Bjogo%2Be%2Binternos%2Bda%2Bg%2Bforum%2Bgratis%2Bforum%2Bguild%2Brohan%2Bonline%2Btitans%2Bbr%2Bbuild%2Bskill%2Bmmorpg%2Bforum%2Bgratis%2Bforum%2Belite%2Bbr%2Brohan%2Bblood%2Bfe%2Bportal&idx=0&tpi=%5BENTER_IMPRESSION_URL_UNESCAPED%5D&tpc=%5BENTER_CLICK_URL_UNESCAPED%5D&ch=&ext=&np=win32&nv=google%20inc.&rand=04112122555500906285051701127750646781412862160302021611065716989790&nc=0&tsf=0&tsfmi=&pv=0&cb=1698321867416&ref=&pit=1&hl=2&op=0&fs=300x250&ss=1600x1200&pre=0&jsonp=&mr=&ag=2822802273&sts=0&at=&bid=e30%3D&di=W1siZWYiLDMwNTNdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6MTEsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxMjg0%0D%0AMzE4NTIxLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVl%0D%0AKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAg%0D%0AICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAg%0D%0AICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAg%0D%0AICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFi%0D%0AbGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAg%0D%0AIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAg%0D%0AIH1dIl0sWy0xLCItIl0sWy0yLCIzLGVjWEdYMTlubnJ2Vk8ySmRsTmh4QktRa0x2U0ZkQVFCQ2xo%0D%0AMTRWVVZGQWxGNytDQUlxWFJCRkNFMTZGWWtvVlVwQVdoQVNJRDJrWjVOdFUrNjliLzErNTg3Y3pX%0D%0AUkpBUGxHbDkiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJw%0D%0AYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJd%0D%0ALFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxb%0D%0ALTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwia2V5d29yZHNcIixcImFw%0D%0AcGxlLW1vYmlsZS13ZWItYXBwLXRpdGxlXCIsXCJvZzp0aXRsZVwiLFwidHdpdHRlcjp0aXRsZVwi%0D%0ALFwib2c6ZGVzY3JpcHRpb25cIixcInRpdGxlXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0s%0D%0AWy0xNCwie1wib1wiOjB9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAs%0D%0AMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAs%0D%0AMTIwMCwxNjAwLDEyMDAsMzAwLDI1MCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIjE2MTM3%0D%0AMjcxNzAuMTY5ODMyMTg2NSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywi%0D%0AKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjo2NDAwMDAwMCxcInVqaHNc%0D%0AIjo0MjEwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDkuMiwwLFwiNGdcIixu%0D%0AdWxsXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwie1widlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwy%0D%0ALDAsMiwwLDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFst%0D%0AMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjk4MzIxODY3NDExLC0yXSJdLFst%0D%0AMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTEwOS02Ni03MC0iXSxbLTM4LCJjLC0xLC0x%0D%0ALC0xNjk4MzIxODY1OTcwLDAsMCwwLDAsMCwxNjk4MzIxODY1OTcwLDAsMCw4ODguNiw4ODguNiwx%0D%0ANDQyLDE0NDMiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixc%0D%0AIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFst%0D%0ANDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDEx%0D%0AMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiLSJdLFstNDYsIjAiXSxbLTQ3LCJFdXJvcGUvUGFy%0D%0AaXMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFsiYm5jaCIsMzld%0D%0AXQ%3D%3D&tsfu=&ar=&up=&ap=&dep=1&fst=1600x1200&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A250%2C%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22s%22%3A0%2C%22t%22%3A0%7D%2C%7B%22x%22%3A468%2C%22y%22%3A2449%2C%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22s%22%3A0%2C%22t%22%3A1%7D%5D&ksz=1x1&ver=41&cri=ABysEAOuQD&sdd=%7B%7D&ijt=nsf&pto=1448&ao=https%3A%2F%2Feliterohanonline.forumeiros.com&aol=1
Requested by: Host: invocation.cheqzone.com
URL: https://invocation.cheqzone.com/placement_invocation?id=76967&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 52e9fc17608cbf660d78e2610cdc26953e6303d79163e91eb06b24a5443123e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 26 Oct 2023 12:04:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 166
content-type: text/javascript

POST
H2 204 bulk Show response
trc.taboola.com/forumotion-pt/log/3/ Frame 8B0C 0
64 B 29ms
29ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forumotion-pt/log/3/bulk?tvi48=10637&tvi50=9058&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
date: Thu, 26 Oct 2023 12:04:27 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7921
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lcy-eglc8600031-LCY
pragma: no-cache
server: nginx
x-timer: S1698321868.900995,VS0,VE10
content-type: image/gif
access-control-allow-origin: https://eliterohanonline.forumeiros.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/forumotion-pt/log/3/ Frame 8039 0
353 B 28ms
28ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forumotion-pt/log/3/bulk?tvi2=4948&tvi48=11593&tvi50=10820&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
date: Thu, 26 Oct 2023 12:04:27 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 8199
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lcy-eglc8600031-LCY
pragma: no-cache
server: nginx
x-timer: S1698321868.901245,VS0,VE10
content-type: image/gif
access-control-allow-origin: https://eliterohanonline.forumeiros.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/forumotion-pt/log/3/ Frame 775D 0
361 B 27ms
27ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forumotion-pt/log/3/bulk?tvi48=13667&tvi50=13315&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Thu, 26 Oct 2023 12:04:27 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 8227
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lcy-eglc8600031-LCY
pragma: no-cache
server: nginx
x-timer: S1698321868.933482,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://eliterohanonline.forumeiros.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/forumotion-pt/log/3/ Frame 775D 0
63 B 28ms
27ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forumotion-pt/log/3/visible?tvi48=13667&tvi50=13315&route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eliterohanonline.forumeiros.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Thu, 26 Oct 2023 12:04:27 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 8403
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lcy-eglc8600031-LCY
pragma: no-cache
server: nginx
x-timer: S1698321868.935053,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://eliterohanonline.forumeiros.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 8B0C 254 B
717 B 18ms
18ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Thu, 26 Oct 2023 12:04:27 GMT
via: 1.1 varnish
x-amz-request-id: 1D8ABR7SQEB3Q5HC
age: 4000
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: PLuHq4g7470cdOrMKDIH/jokgfKlCJZD9qMepv2rK9pr4R9jZwWTzgZ/jsU6qGXmzkMAH8eyffc=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1698321868.936598,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1695

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 8039 254 B
330 B 19ms
19ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Thu, 26 Oct 2023 12:04:27 GMT
via: 1.1 varnish
x-amz-request-id: 1D8ABR7SQEB3Q5HC
age: 4000
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: PLuHq4g7470cdOrMKDIH/jokgfKlCJZD9qMepv2rK9pr4R9jZwWTzgZ/jsU6qGXmzkMAH8eyffc=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1698321868.936859,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 55
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1696

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 775D 254 B
717 B 19ms
18ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Thu, 26 Oct 2023 12:04:27 GMT
via: 1.1 varnish
x-amz-request-id: 1D8ABR7SQEB3Q5HC
age: 4000
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: PLuHq4g7470cdOrMKDIH/jokgfKlCJZD9qMepv2rK9pr4R9jZwWTzgZ/jsU6qGXmzkMAH8eyffc=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1698321868.952848,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 43
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1697

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C774 28 B
54 B 40ms
40ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-Goog-Request-Time: 1698321868044
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7rWJib6tP00-br&fs=1
X-YouTube-Client-Version: 1.20231022.00.01
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgstQV9JQmxxNzlLQSjIq-mpBjIICgJGUhICEgA%3D
X-YouTube-Ad-Signals: dt=1698321865231&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 26 Oct 2023 12:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 26 Oct 2023 12:04:28 GMT

GET
H3 200 icon_minitime1.gif
2img.net/i/fa/m/ 298 B
830 B 30ms
29ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/m/icon_minitime1.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0294a906e3fa470d188c8d596e3a5fc3efc59bab8080506015498db73c18e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26790212
alt-svc: h3=":443"; ma=86400
content-length: 298
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-12a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fW1gjkfR6QmazrLQGn2KQGBRgijJPOYA45DGip1cobPwvFD0qvIg4se5rPj3q%2FsvaYTAn7b%2F0ZpNgizIsvaeoGcL4GzAqI7vVIyk551e%2Bn%2Bub7N2W7iloVU6ybjQSDELR9UUl9RuXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fdc2aa90377-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 8B0C 3 KB
2 KB 18ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Thu, 26 Oct 2023 12:04:28 GMT
x-amz-request-id: GMK80JFW7ZJE2CVK
age: 520
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: QGR/V2g8IL4WcGTYZt4cQKDoYiQKNnIpTm3QZvgvvo+tCRyUlSn5+O8gQciIIjFRSac0jK8+l4I=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1698321869.867527,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 64
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 2622

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 8039 3 KB
1 KB 19ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Thu, 26 Oct 2023 12:04:28 GMT
x-amz-request-id: GMK80JFW7ZJE2CVK
age: 520
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: QGR/V2g8IL4WcGTYZt4cQKDoYiQKNnIpTm3QZvgvvo+tCRyUlSn5+O8gQciIIjFRSac0jK8+l4I=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1698321869.883112,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 48
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 2623

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 775D 3 KB
1 KB 18ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Thu, 26 Oct 2023 12:04:28 GMT
x-amz-request-id: GMK80JFW7ZJE2CVK
age: 520
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: QGR/V2g8IL4WcGTYZt4cQKDoYiQKNnIpTm3QZvgvvo+tCRyUlSn5+O8gQciIIjFRSac0jK8+l4I=
x-served-by: cache-lcy-eglc8600031-LCY
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1698321869.916159,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 75
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 2624

GET
H2 200 / Show response
pips.taboola.com/ Frame 8B0C 64 B
99 B 83ms
19ms XHR
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: a3a40a7cec14f8fa8dca66a548e4d28b5ecdbed706b1cf6dc5e9966490971e99

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600061-LCY
date: Thu, 26 Oct 2023 12:04:28 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://eliterohanonline.forumeiros.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 200 / Show response
pips.taboola.com/ Frame 8039 64 B
255 B 66ms
18ms XHR
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: a3a40a7cec14f8fa8dca66a548e4d28b5ecdbed706b1cf6dc5e9966490971e99

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600061-LCY
date: Thu, 26 Oct 2023 12:04:28 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://eliterohanonline.forumeiros.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 200 / Show response
pips.taboola.com/ Frame 775D 64 B
99 B 34ms
19ms XHR
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: a3a40a7cec14f8fa8dca66a548e4d28b5ecdbed706b1cf6dc5e9966490971e99

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600061-LCY
date: Thu, 26 Oct 2023 12:04:28 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://eliterohanonline.forumeiros.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ Frame 8039 0
82 B 1025ms
172ms XHR
text/plain 141.226.230.50
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=1eae5535-880a-4d3a-ba21-ec717213a924-tuctc33db4a&uad=5c4ad489607b2ae6093b43b28de706249710db5078661b322704a5a16bef986f&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 26 Oct 2023 12:04:29 GMT
cache-control: no-store
server: nginx

GET
H2 204 / Show response
cds.taboola.com/ Frame 775D 0
82 B 514ms
166ms XHR
text/plain 141.226.230.50
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=41589795-d1cf-47da-8c4f-452c61e5aca6-tuctc33db4a&uad=5c4ad489607b2ae6093b43b28de706249710db5078661b322704a5a16bef986f&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 26 Oct 2023 12:04:29 GMT
cache-control: no-store
server: nginx

GET
H2 204 / Show response
cds.taboola.com/ Frame 8B0C 0
82 B 1519ms
166ms XHR
text/plain 141.226.230.50
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=60d271dd-0d69-4720-83f3-98681a0a1004-tuctc33db4a&uad=5c4ad489607b2ae6093b43b28de706249710db5078661b322704a5a16bef986f&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 26 Oct 2023 12:04:30 GMT
cache-control: no-store
server: nginx

GET
H3 200 icon_minitime1.gif
2img.net/i/fa/m/ 298 B
834 B 29ms
29ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/m/icon_minitime1.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0294a906e3fa470d188c8d596e3a5fc3efc59bab8080506015498db73c18e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26790213
alt-svc: h3=":443"; ma=86400
content-length: 298
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-12a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dUlGWUIgGqEIfmJnPgBOCowbII9dAe%2BQr%2Fn9%2FaZ1GF7h%2FAx8naaBEL0unwxL4s9YT5WpV4uEPApP0TaHgCEE%2BbdIn8ze7%2B4eFiO1wddPQ%2FeHBBFbgisY4w81HIMBSwtXWA1mKmg2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fe29c920377-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon_minitime1.gif
2img.net/i/fa/m/ 298 B
838 B 31ms
30ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/m/icon_minitime1.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0294a906e3fa470d188c8d596e3a5fc3efc59bab8080506015498db73c18e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26790214
alt-svc: h3=":443"; ma=86400
content-length: 298
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-12a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iruKnWxu7X8wRCQICRCJqiDbJ%2BEDm7ps2ctOfbu%2FJ%2F8LKzQMoDL7L%2FwvVF5ptpCNReXfFBt6RGaU2DISyYyHEiKdWsSqFencVhZVnHNPbZzCMd%2BzEsm%2Bp8GxrrnVGl%2FU8HICVjG%2BuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fe92df90377-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon_minitime1.gif
2img.net/i/fa/m/ 298 B
833 B 28ms
27ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/m/icon_minitime1.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0294a906e3fa470d188c8d596e3a5fc3efc59bab8080506015498db73c18e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26790215
alt-svc: h3=":443"; ma=86400
content-length: 298
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-12a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8jewoEbZFL9HtXC8TulMJZnRJYZHeHVAPkXPQucFWlq%2FzYyU3IqCXh15vIg82wQahRjgA0H%2Bs0tiZaUoVytZFi5%2FEorotkX9RcsI3eXq4pZxxEDKjvlvULYqwM2gMDFzfwG%2FPZVFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28fef9fdc0377-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon_minitime1.gif
2img.net/i/fa/m/ 298 B
829 B 29ms
28ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/m/icon_minitime1.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0294a906e3fa470d188c8d596e3a5fc3efc59bab8080506015498db73c18e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26790216
alt-svc: h3=":443"; ma=86400
content-length: 298
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-12a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2Br2FQ9UU7hxe0JUaIFpLG%2Fvc155vJFxxNWcZ7b93vRH9TROesVjkHUb0mfZIfgnUpqpSW%2F3uF69P7vxsDG9OUgb40pCXsw8HwGgUm5775Tv7yp1ZfI1DntPfFKgslxyCaWr8mZToQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28ff5f9760377-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon_minitime1.gif
2img.net/i/fa/m/ 298 B
835 B 28ms
28ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/m/icon_minitime1.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0294a906e3fa470d188c8d596e3a5fc3efc59bab8080506015498db73c18e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26790217
alt-svc: h3=":443"; ma=86400
content-length: 298
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-12a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDjelPo5AxDbh%2FdoQnSjmNNndv4mPK%2FyVRn95yqZSBs7o0RBAoSz%2B%2FWZZR51H5Rb8HfZJmBjzKnxYHFY4iUxj2SA0FrIzwKvVI854vK04Oy%2B5nvEWFra%2FhgxSVlTq7YsfHMsKIfkMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c28ffc9d250377-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon_minitime1.gif
2img.net/i/fa/m/ 298 B
832 B 30ms
29ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/m/icon_minitime1.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0294a906e3fa470d188c8d596e3a5fc3efc59bab8080506015498db73c18e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26790218
alt-svc: h3=":443"; ma=86400
content-length: 298
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-12a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOeuAfTX%2FgnrSiDCQzJHQ1EoX7FC462tLVrLPAH23gGrEelVTqNzJQZj%2BOkAfkKxN29Z0nCRsvj9r3QhT5%2B8c8S9OHkQwCXWap4XSb4doid68Dg735%2FCauFfLU6bTkV6KATXHZiKkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c290030f590377-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon_minitime1.gif
2img.net/i/fa/m/ 298 B
834 B 32ms
32ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/m/icon_minitime1.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0294a906e3fa470d188c8d596e3a5fc3efc59bab8080506015498db73c18e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eliterohanonline.forumeiros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 12:04:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26790219
alt-svc: h3=":443"; ma=86400
content-length: 298
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-12a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Q6UI78KWT2pWI%2Fr7%2F0pZf3NqxoFNsdzjYHuJ1gibrZrA35Nxpw9AA9Ys0PHrrMg7aySg8j6A%2FfkViNVM31xDvCj1Kzps%2FWyjPXBobv1npnI%2FeCfi3ru4KCWdxLc6%2FNcHtoF%2FlXaOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81c2900998690377-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

327 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eliterohanonline.forumeiros.com/	1970-01-20 16:06:57	Name: _fa-screen Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D
.forumeiros.com/	1970-01-21 01:21:21	Name: _ga_VKHBPXN046 Value: GS1.1.1698321864.1.0.1698321864.60.0.0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: fZq8x64pYdw
.youtube.com/	1970-01-20 20:04:33	Name: VISITOR_INFO1_LIVE Value: -A_IBlq79KA
.consentframework.com/	1970-01-20 15:45:22	Name: euconsent-v2 Value: NO_CONSENT
.forumeiros.com/	1970-01-21 01:21:21	Name: _ga Value: GA1.2.1613727170.1698321865
.forumeiros.com/	1970-01-20 15:46:48	Name: _gid Value: GA1.2.753631318.1698321865
.forumeiros.com/	1970-01-20 15:45:21	Name: _gat_gtag_UA_144347007_1 Value: 1
.rubiconproject.com/	1970-01-21 00:30:57	Name: khaos Value: LO74ZMTT-J-28YQ
.rubiconproject.com/	1970-01-21 00:30:57	Name: audit Value: 1\|naVuGyos1qoQ92+kL3SIqMWxZQUMNpzzGXFcqoZw1m4/Ija3Bmt0MgGumtpwklkU253hODt8y1BGuKSVCIqee3wFY+Zmo820Smxg52UiqR4mGweUluV0N71iWSnWCbgaIo8tEQuGXfEYuY/fSI0kfg==
eliterohanonline.forumeiros.com/	1970-01-21 00:30:57	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D41589795-d1cf-47da-8c4f-452c61e5aca6-tuctc33db4a
.criteo.com/	1970-01-21 01:06:57	Name: uid Value: b366b0b6-3c4d-493f-838b-d1db18d361fe
.forumeiros.com/	1970-01-21 01:06:57	Name: cto_bundle Value: _1R4ql9WQlZQWEJtSUY1eXJOQ3hnJTJGaGF4dzc2cld2TEtRakFhSXFPN2klMkJBZjJJVkpmb3F5aXNNYmh1QTZGRCUyQkhUa3NuNTVFYThQeTRQd1c0akYxaXNXRkxJb1FrdWY3TDdtVnlBaFEydHdWYlYlMkZrdUhlbnNETmJvNjFOZWp0N2Y5VHdJRVZlY01xZVNFUXphMGFDNWM0cGl2ZyUzRCUzRA
obs.cheqzone.com/	1970-01-20 23:49:12	Name: cg_uuid Value: 3b368783adfad0098f51a46b90c7a740

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://eliterohanonline.forumeiros.com/portal Message: Refused to execute script from 'https://api.viglink.com/api/sync.js?key=e2aa2ae88c2bcc3c33577d636d209bf8' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2img.net
ac.aruncdn.com
ac.audiencerun.com
ads.rubiconproject.com
ads.sportslocalmedia.com
ajax.googleapis.com
am-trc-events.taboola.com
api.consentframework.com
api.viglink.com
beacon-ams3.rubiconproject.com
bidder.criteo.com
c.amazon-adsystem.com
cache.consentframework.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.viglink.com
cds.taboola.com
choices.consentframework.com
comparisons.sovrn.com
config.aps.amazon-adsystem.com
connect.topicit.net
eliterohanonline.forumeiros.com
eus.rubiconproject.com
floor.sportslocalmedia.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
illiweb.com
images.taboola.com
imasdk.googleapis.com
invocation.cheqzone.com
jnn-pa.googleapis.com
js.cookieless-data.com
mug.criteo.com
ob.cheqzone.com
obs.cheqzone.com
pips.taboola.com
region1.analytics.google.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
smarttag.rubiconproject.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
token.rubiconproject.com
trc.taboola.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.gstatic.com
www.youtube.com
www4.cbox.ws
104.75.90.29
108.138.7.96
141.226.228.48
141.226.230.50
151.101.1.44
18.66.110.17
18.66.147.119
195.201.153.71
2001:4860:4802:32::36
212.83.160.162
23.212.211.47
23.57.19.78
2600:1f18:e8a:cd06:e361:a2ce:b047:17c
2600:9000:225e:cc00:1c:96c8:3900:93a1
2602:803:c003:200::37
2602:803:c003:200::44
2606:4700:10::6816:3556
2606:4700:20::681a:466
2606:4700:20::ac43:4675
2606:4700:3038::6815:eb4c
2606:4700::6810:5614
2a00:1450:4001:800::2004
2a00:1450:4001:802::200a
2a00:1450:4001:803::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c1f::9c
2a01:4f8:fff2:d::
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a04:4e42::300
2a06:98c1:3121::3
34.249.13.87
46.105.202.207
52.222.236.76
65.9.66.109
69.173.144.138
94.23.150.222
94.23.73.212
99.86.4.30
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
075230923ffda0864f9fcade10a27d5b9df19f1e45de7decdf95d2f114a3278e
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0915a998c8a41f69e82331eca861ccb6635aac2eeb5639348f370e6e189c663c
0a7d5ca1722dea55bde84da59c0a15b2e5f110cca6193c7dd208c86d42f67825
0d183890db9d4ddd4f6a2074932a1a40c22ede5731ecb9f07e1ab9cbc3107c5b
0fb2a7765151232111ceeca8d3097e374ce546322dc5e52b361a36983d31439b
0fcff74a1018aaa12189670c36fb8e4b92b93e488fed60508643002b3d08ad2b
162579ed49e13830f571f757619f5062cda07a2b80dab3b0e2127936372ec9ad
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19bd5a56f4259144bffb64cb8d11218e8710fceedd00f35dc7aa750c19ef4305
19ecc975c16e667a04ac9b2bf6612b4a6687320f26c3e899200d4e4b07a852be
1b3cecf3fd1a2f277f8cc679a4b845a254e6ebacece09a7d3a85dcdbc6c82cff
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
1e904f00cf80d0dcc77b82905f8bfebd6c8d2e451e2444beef1a6c4db17f7bae
200f26641cc379f087491ed62c1b10a2ed9fd57f8e989eede3f518dc32145945
2101b65870627975a11dbb29a9cdc35a7ce79fe879ab407c8a8f109990932d0c
21cd01b874218a2c8f52506daabf8fd202523315928bc3e7cc16d8343ae99ffd
24c832e4e2e8e093e39d83069788d0d03de1ee92e0d79cc7c6f48cd287746583
27f48aab4103d0c321b3d4674861a4465a4c33b143d64ddf38d461a65bb200f2
29c39e3d4e3caa150774f3bd63b3a6d68890f33f0df40b0d3bba206ea89b07df
30735eded1ed8dfd5f8e532ed21c7e93457c1f7a09acc68a65d7994507b5e5b7
389c8e15521404615932727c6c8b4701cae08e11c252c43686559b4dfbe92c0d
3939082db5ba6750aabfefb91c2a61dc62ce014f01c664a8d3fdb27df51254d7
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
3d6d7eb9d5977c8e8afff02542e4ce24bded625c4f36818f7d51044713db62e4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e3e1daef55d989aa8af87a766ed09da0afb9d3118da70132dadd1dda21ae7da
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f56768097fe42217dc802fdab6a801495ca72b99becfd51ccae9911b1eca52b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
499fecad40d7cedeadad20e507623fe8e619f322d0830518e985b57178aa95b3
4c4e1d1d6b881f146a475b3d009cac2e81e5a3ee71f836d62cf32330c0bcad57
4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92
516ec23dd57b73bf3dec5d412e8bdc974aaf92613475793d84a4f449aee965dd
51b6b311805712db5a8d23981d54327822a438112649fa816c0e6abb731d9206
52e9fc17608cbf660d78e2610cdc26953e6303d79163e91eb06b24a5443123e2
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
56bdc02f91039d1575412ffc2282cacabad84f85c02c97791a4ca7a08e19978a
5a4bd12952c6b89e70923bac15330dbedd51e926b2c7bcc068e08f5c376e3ec6
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c45250823f4576e505e9783863e825068863becfe6a0d973ff326bf0a3fd128
5cf8644398e9f128abd5d55a9b68055199c540f9ffe837210246bd306ca01be8
5e145fd39385252b9692e8a022fd599d62542a548ace6423dd9bc9abb07e1dca
605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4
64ca9b454f4e98efa875e3c932cf28711be07878a56080461147f7314f8f27f7
657f1a41d08d069639dd6313ea2f8c0cf7089e4c1967d3930c467864641149ca
69d50aec1a460a5c30082515e4ad7c8a0319ed57459775420624779f5b527466
6a0913bb3b185d0aa9a93feb664fa2f483a7123143ea63f625ecc2245114d35e
6b03d922b107653220f7648b59f476c612b490d94f1d600d340c9434c21f0a60
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
6d24890b5608b6d182f02198897f50f220a40b66a08751a443ac714bf6f86602
7411c7e394bf6f7d1854d72cd1a0773489268dd22966d4271aa6b391cec4fb63
74a9ab09f91f3e714a8a28ebdc73d81d92a49b333b62f7a68d5d2708f69ad28b
74e77f614809cdcb611e93bf4c2e161b65c5c0aa00cc5c0eba09859fc5b58d9a
7687b8e18c54bd8b6f40e6ed5144891abb3e644e2f7df42f939891467b60fb18
7800e3c307c07f97cd107a04d57cb6677817d306ac584f5ea752507580460ecd
79f700bab989c44c6f5534cbd496b8eb871026638f0710a499759323281d671f
7ae2a649612ccffd3b709cb2dd925aea1e53bff58bf236c30aaa140eadb41264
7bdfff9e5c20588ea9d99bdabfbd3b380fff2b6cadbf586185ef5ad733355862
7f14f779080b7a36e6a0aa05632a2571bf7887b65d8d90a939d7a645d6abb111
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
837ff4d2018dbb14f63f899c3479035f7a986d5f36b9a5603c872b624afbbf19
863f9756bfa22af1dfb2edf9112a893b6f0bbd158d32335eea4d8a9beae440a4
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3
935425d661fcd5a0da7a71bdcd280a4db32ca013f8f699a62a8f54a712d5759d
94dbbd74f49ad4fc1f3c261fc5dec99348ed7f1210a3363b838065ff237274e1
99985b39f1eb2f07862dacc9c1f4a6cf9362f413f81174d7d3b6377a09241ff5
9a436d7b17d03c30e7bb6d50430ce59c312952f7994b7e49356f51a9bbba233d
9adacc1c627e5d68c7c32f55bf3baec2ac0d56d6f4a445ec177c05039f6cf3d9
9cce595b201da3285768c8375124b2976eafacaa8002781d478ee1f9d69dc8c4
9f95ce24f7186391b10a8b34d68c15dda26a8dba6fda804a6d315488933ea2b3
a13d3affd32623af934b02995ecc02c1cfa1457eb12b5f7491bc6b88a2edfbbe
a3a40a7cec14f8fa8dca66a548e4d28b5ecdbed706b1cf6dc5e9966490971e99
a4bfe11b66a1130fddfcc17cb40b20734bc0982e418242b772575a70442f09b2
a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057
a74f52aca33eb80cffcf22d4c1715cc9ac93e00dfafed8b283a5583fc1b9a45f
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b035b619cdfb06d15a49674ddd7d48fac7554a5bb442ae371cf19f77f5ddae4f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b
b795a345f60dcb70827a1a84be176a6a95261bae4def62fb1f3c61a14d66a67c
b862cf296d276abfc28afff81b0ff181e3141b46342803acea39a42031a505f6
b89855e4460a8c2ae3a49fb4224b83ed6944cd6480d77a81e4f73bc55936ab8d
ba3856dd7ea7782c649d24e61e93cdf64e47347a8997283fb141ba01e1dc8ef5
ba6a49b4567c1d0abb7d066626b3290cc404a5214712d90685743ee20b3ecb94
baa3453d37b4293dc48b614a13c480d3d67bba784630bec84d8ef34ed790ef84
c24e8116e1a1840020e73d085906e99a6724afe5475f48d7015a6569810e50ea
c50ffbb0d5049173748e6468980ae6811d8c7effecb8c7428984ea00734545fa
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dd8fc117e43b07d82f7cf6769c96b210e13231fbe95b5a056574d769e158b086
de0294a906e3fa470d188c8d596e3a5fc3efc59bab8080506015498db73c18e6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8a9047726cfcd05302f4fdf912b21fd636b8f13f98a6f49e3f31dbdadde621
dfbed761248e93343233a74b2cd5b0457d0efc8fde33faa7516625d38d8e06e6
e24acb3acea5d66454a2ef642897d29e2c7e590f843903d35f19af143e20d212
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2521993a734605728bf7e05d7324cb87e0e6558a1a5c2df34f630ad6491d64a
f43614a638eb1caa85822fa9b5470f6bd531d393cdeb824aa99e2f979f5a9ba5
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f755dbaaa79d15340992ec8653f11a8de91ab59e5d8ade29af2727c755d53318
fbadc5e94abb019abe92e6647425b6102f6c8a651c5ba3d1a06e079b6e37f34c
feb518b63c532ab3858cb4a0c41d06ed7377470693c5f43aa52c61cf06eaba01
fee81bbe8f12f8d0482c38cba7ec2682ffc6d4a9c84756dee0df14c30bb7bb58

eliterohanonline.forumeiros.com Open in urlscan Pro 94.23.150.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

183 Requests

98 %HTTPS

61 %IPv6

29 Domains

54 Subdomains

48 IPs

7 Countries

4063 kBTransfer

14704 kBSize

14 Cookies

5 Outgoing links

Page URL History

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

eliterohanonline.forumeiros.com Open in urlscan Pro
94.23.150.222 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

98 %
HTTPS

61 %
IPv6

29
Domains

54
Subdomains

48
IPs

7
Countries

4063 kB
Transfer

14704 kB
Size

14
Cookies

183 HTTP transactions
0 data transactions