secretstars.mywebforum.com Open in urlscan Pro
2606:4700:20::681a:5e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secretstars.mywebforum.com/
Submission: On July 25 via manual (July 25th 2024, 2:38:59 pm UTC) from RU — Scanned from US

Summary HTTP 64 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 14 domains to perform 64 HTTP transactions. The main IP is 2606:4700:20::681a:5e, located in United States and belongs to CLOUDFLARENET, US. The main domain is secretstars.mywebforum.com.
TLS certificate: Issued by WE1 on June 29th 2024. Valid for: 3 months.

This is the only time secretstars.mywebforum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:20:... 2606:4700:20::681a:5e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c09::5f	15169 (GOOGLE) (GOOGLE)
12	2606:4700::68... 2606:4700::6812:223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c07::5e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:602e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:400d:c0d::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::ac43:9a29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.180.131 172.67.180.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.148.121 172.67.148.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.104.29.90 172.104.29.90	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	2607:fbe0:1:4... 2607:fbe0:1:42::1d	40824 (WZ-US-40824) (WZ-US-40824)
1	185.75.254.28 185.75.254.28	48684 (VIKINGHOST) (VIKINGHOST)
2	2a02:b48:8301::1 2a02:b48:8301::1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
9	66.254.122.33 66.254.122.33	29789 (REFLECTED) (REFLECTED)
5	2607:f8b0:400... 2607:f8b0:4004:c07::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c07::69	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:400d:c02::66	15169 (GOOGLE) (GOOGLE)
64	19

3 2606:4700:20::681a:5e (United States)

ASN13335 (CLOUDFLARENET, US)

secretstars.mywebforum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c09::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:223 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-1e27250373774d6ca37239bbf5810b5c.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c07::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:602e (United States)

ASN13335 (CLOUDFLARENET, US)

streamtape.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:400d:c0d::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:9a29 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.180.131 (United States)

ASN13335 (CLOUDFLARENET, US)

pi3.piczhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.148.121 (United States)

ASN13335 (CLOUDFLARENET, US)

dr2.piczlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.29.90 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1848-90.members.linode.com

service.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:fbe0:1:42::1d (United States)

ASN40824 (WZ-US-40824, US)

soupy-user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.75.254.28 (Netherlands)

ASN48684 (VIKINGHOST, NL)

bngprm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:b48:8301::1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

www.complete-afternoon.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 66.254.122.33 (United States)

ASN29789 (REFLECTED, US)

i.bngprm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c07::9c (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c07::69 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:400d:c02::66 (Morganton, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	google.com www.google.com — Cisco Umbrella Rank: 10 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662	76 KB
12	r2.dev pub-1e27250373774d6ca37239bbf5810b5c.r2.dev	4 MB
10	bngprm.com bngprm.com — Cisco Umbrella Rank: 83479 i.bngprm.com — Cisco Umbrella Rank: 112422	52 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203	239 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
3	mywebforum.com secretstars.mywebforum.com	20 KB
2	complete-afternoon.pro www.complete-afternoon.pro	31 KB
2	soupy-user.com soupy-user.com	14 KB
2	supercounters.com widget.supercounters.com — Cisco Umbrella Rank: 82132 service.supercounters.com — Cisco Umbrella Rank: 80868	2 KB
1	piczlabs.com dr2.piczlabs.com	1 KB
1	piczhq.com pi3.piczhq.com	1 KB
1	streamtape.com streamtape.com — Cisco Umbrella Rank: 76022
1	gstatic.com fonts.gstatic.com	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1004 B
64	14

	Domain	Requested by
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
12	pub-1e27250373774d6ca37239bbf5810b5c.r2.dev	secretstars.mywebforum.com pub-1e27250373774d6ca37239bbf5810b5c.r2.dev
9	i.bngprm.com	bngprm.com i.bngprm.com
7	pagead2.googlesyndication.com	pub-1e27250373774d6ca37239bbf5810b5c.r2.dev pagead2.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	secretstars.mywebforum.com	secretstars.mywebforum.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.complete-afternoon.pro	soupy-user.com
2	soupy-user.com	secretstars.mywebforum.com soupy-user.com
1	www.google.com	tpc.googlesyndication.com
1	bngprm.com	pub-1e27250373774d6ca37239bbf5810b5c.r2.dev
1	service.supercounters.com	widget.supercounters.com
1	dr2.piczlabs.com
1	pi3.piczhq.com
1	widget.supercounters.com	pub-1e27250373774d6ca37239bbf5810b5c.r2.dev
1	streamtape.com	pub-1e27250373774d6ca37239bbf5810b5c.r2.dev
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	secretstars.mywebforum.com
64	18

This site contains links to these domains. Also see Links.

Domain
mywebforum.com
piczhq.com
piczlabs.com
www.supercounters.com
bongacams.com

Subject Issuer	Validity	Valid
mywebforum.com WE1	`2024-06-29` - `2024-09-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.r2.dev E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
streamtape.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
supercounters.com WE1	`2024-06-10` - `2024-09-08`	3 months	crt.sh
piczhq.com WE1	`2024-06-27` - `2024-09-25`	3 months	crt.sh
piczlabs.com WE1	`2024-07-15` - `2024-10-13`	3 months	crt.sh
*.supercounters.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-21` - `2024-10-19`	a year	crt.sh
soupy-user.com E6	`2024-07-19` - `2024-10-17`	3 months	crt.sh
bngprm.com GoGetSSL RSA DV CA	`2023-11-27` - `2024-12-26`	a year	crt.sh
www.complete-afternoon.pro R10	`2024-07-23` - `2024-10-21`	3 months	crt.sh
i.bngprm.com GoGetSSL RSA DV CA	`2023-11-27` - `2024-12-26`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://secretstars.mywebforum.com/
Frame ID: 059AC71505D80061DBF5E776B005268B
Requests: 56 HTTP requests in this frame

Frame: https://streamtape.com/e/BG0JpwXRMXcyo90/star-sessions.mp4
Frame ID: 0A3FD4F0A309AFCEF3992D2EC95EC3BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240722/r20110914/zrt_lookup_fy2021.html
Frame ID: 07974DFDC8EC086CBD3B82FCFF70AA9D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4833888168110763&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721918333&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fsecretstars.mywebforum.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~27_14~30_19&aiixl=32_9~27_3~30_6&aslmct=0.7&asamct=0.7&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721918333354&bpp=4&bdt=1581&idt=418&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6953089630435&frm=20&pv=2&ga_vid=1310034125.1721918334&ga_sid=1721918334&ga_hid=812721703&ga_fc=0&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44795921%2C95334529%2C95334830%2C95337868%2C95338229%2C95338263%2C31085477%2C95335245%2C95337093%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2545469145651925&tmod=127075505&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=447
Frame ID: F0E8D3960079FE597DE21D5B3658CBB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4833888168110763&output=html&h=280&slotname=9706371848&adk=2279027762&adf=2422113350&pi=t.ma~as.9706371848&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1721918333&rafmt=1&format=1200x280&url=https%3A%2F%2Fsecretstars.mywebforum.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721918333358&bpp=2&bdt=1586&idt=457&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6953089630435&frm=20&pv=1&ga_vid=1310034125.1721918334&ga_sid=1721918334&ga_hid=812721703&ga_fc=0&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44795921%2C95334529%2C95334830%2C95337868%2C95338229%2C95338263%2C31085477%2C95335245%2C95337093%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2545469145651925&tmod=127075505&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=466
Frame ID: 1CC626503D9650B0FBF87037F09E0946
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CB552916FF648E6CD4D18370AC4F8FE4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1E8AB650C813E59DC720F1115E165CA9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4833888168110763&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1721918334&rafmt=1&to=qs&pwprc=2500841298&format=1200x90&url=https%3A%2F%2Fsecretstars.mywebforum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721918334164&bpp=1&bdt=2391&idt=-M&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7142024aaeb9de53%3AT%3D1721918333%3ART%3D1721918333%3AS%3DALNI_MaWiAjbB4OjfWwRQrpf7QhxtQ4Oag&gpic=UID%3D00000eb05f9f6dee%3AT%3D1721918333%3ART%3D1721918333%3AS%3DALNI_MaOfspUFWFT7VnA8DsXbGj-AnwcqQ&eo_id_str=ID%3Ddabc591c67916376%3AT%3D1721918333%3ART%3D1721918333%3AS%3DAA-AfjbBRfCi6CzJcBXmIw07Igbu&prev_fmts=0x0%2C1200x280&nras=2&correlator=6953089630435&frm=20&pv=1&ga_vid=1310034125.1721918334&ga_sid=1721918334&ga_hid=812721703&ga_fc=0&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1854&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44795921%2C95334529%2C95334830%2C95337868%2C95338229%2C95338263%2C31085477%2C95335245%2C95337093%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2545469145651925&tmod=127075505&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=192
Frame ID: 6B7761302289B7149FA9CA9D4C2102BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4833888168110763&output=html&h=90&adk=3484811142&adf=3405525567&pi=t.aa~a.1226481606~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1721918334&rafmt=1&to=qs&pwprc=2500841298&format=1200x90&url=https%3A%2F%2Fsecretstars.mywebforum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721918334164&bpp=1&bdt=2392&idt=1&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7142024aaeb9de53%3AT%3D1721918333%3ART%3D1721918333%3AS%3DALNI_MaWiAjbB4OjfWwRQrpf7QhxtQ4Oag&gpic=UID%3D00000eb05f9f6dee%3AT%3D1721918333%3ART%3D1721918333%3AS%3DALNI_MaOfspUFWFT7VnA8DsXbGj-AnwcqQ&eo_id_str=ID%3Ddabc591c67916376%3AT%3D1721918333%3ART%3D1721918333%3AS%3DAA-AfjbBRfCi6CzJcBXmIw07Igbu&prev_fmts=0x0%2C1200x280%2C1200x90&nras=3&correlator=6953089630435&frm=20&pv=1&ga_vid=1310034125.1721918334&ga_sid=1721918334&ga_hid=812721703&ga_fc=0&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44795921%2C95334529%2C95334830%2C95337868%2C95338229%2C95338263%2C31085477%2C95335245%2C95337093%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2545469145651925&tmod=127075505&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=195
Frame ID: 6864F4B48DFA700012234975ECA4C95D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

secretstars

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

98 %
HTTPS

72 %
IPv6

14
Domains

18
Subdomains

19
IPs

2
Countries

4437 kB
Transfer

5781 kB
Size

10
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://mywebforum.com/
Title: mywebforum.com

Search URL Search Domain Scan URL

URL: https://piczhq.com/al4oabdrud4z/rftgju.jpg.html

Search URL Search Domain Scan URL

URL: https://piczlabs.com/2zql5xcijobi/bp_015.jpg.html

Search URL Search Domain Scan URL

URL: http://www.supercounters.com/stats/1640083
Title: 1689613 Visits

Search URL Search Domain Scan URL

URL: https://bongacams.com/track?c=291749&ps=footer_bar&csurl=https://bongacams.com/popular-chat
Title: CLICK TO JOIN US NOW

Search URL Search Domain Scan URL

URL: https://bongacams.com/track?c=291749&ps=footer_bar&csurl=https://bongacams.com/chat
Title: All models

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
secretstars.mywebforum.com/ 60 KB
15 KB 473ms
452ms Document
text/html 2606:4700:20::681a:5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secretstars.mywebforum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4016b91fd6447258b889d4d24623bdf245eac9bd5766b97a056c24865be2b244

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline';img-src 'self' data: https:;font-src 'self' data: https:;script-src 'self' https: 'unsafe-inline' 'unsafe-eval' blob:;object-src 'none';form-action 'self';frame-ancestors 'self';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8a8ce562bbdf41a6-EWR
content-encoding: br
content-security-policy: default-src 'self' https: 'unsafe-inline';img-src 'self' data: https:;font-src 'self' data: https:;script-src 'self' https: 'unsafe-inline' 'unsafe-eval' blob:;object-src 'none';form-action 'self';frame-ancestors 'self';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 25 Jul 2024 14:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: fullscreen=(self), payment=(self), sync-xhr=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fdjLehIbBN6%2BtAfqiyozKq11aouDTMMkywLPaLgF5NKjE%2F3ZasNSty8TvntLVwYxZ74fK%2BNEssdBq0mQ4eowq6Ya7usEJjTBjakqP5r6Q6BwUJfqyNK%2Ba4dBQerDdesakgMz5pOD5LIgWT8JFnoXkp7WXQCQ6Ty1"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1004 B 87ms
33ms Stylesheet
text/css 2607:f8b0:400d:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: secretstars.mywebforum.com
URL: https://secretstars.mywebforum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jul 2024 14:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jul 2024 12:58:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jul 2024 14:38:51 GMT

GET
H/1.1 200
OK 7b8ec9d.js Show response
pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/ 7 KB
7 KB 189ms
149ms Script
application/javascript 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/7b8ec9d.js
Requested by: Host: secretstars.mywebforum.com
URL: https://secretstars.mywebforum.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a11c00cfe15af91d93c02c538bfc30ec82e04f0967b4eca02f6b0d2649ba813d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 14:38:51 GMT
Last-Modified: Thu, 16 May 2024 21:22:00 GMT
Server: cloudflare
ETag: "fff488f4c9cf9c629dad5bc12af7bd51"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8a8ce565e91119e3-EWR
Content-Length: 7276

GET
H/1.1 200
OK 25edc65.js Show response
pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/ 258 KB
258 KB 267ms
228ms Script
application/javascript 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/25edc65.js
Requested by: Host: secretstars.mywebforum.com
URL: https://secretstars.mywebforum.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3120ed90ea0539af3f4c9c50088b6d7dd6e8750bfa4ff2f9c4a3150eea3722b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 14:38:52 GMT
Last-Modified: Thu, 16 May 2024 21:21:28 GMT
Server: cloudflare
ETag: "031bcb3589df32aca2b3cf1927586eb1"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8a8ce565ea5043a4-EWR
Content-Length: 264197

GET
H/1.1 200
OK 1b7ab17.css
pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/css/ 386 KB
386 KB 295ms
257ms Stylesheet
text/css 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/css/1b7ab17.css
Requested by: Host: secretstars.mywebforum.com
URL: https://secretstars.mywebforum.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f27407cb33454ced62c93365a014b4f530b7ae8d13d585bc6c44a74c110492

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 14:38:52 GMT
Last-Modified: Thu, 16 May 2024 21:22:57 GMT
Server: cloudflare
ETag: "7f7d227d2e30f15741bc0c9b98dbbb13"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8a8ce565daf441ef-EWR
Content-Length: 395403

GET
H/1.1 200
OK 863688a.js Show response
pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/ 769 KB
769 KB 277ms
238ms Script
application/javascript 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/863688a.js
Requested by: Host: secretstars.mywebforum.com
URL: https://secretstars.mywebforum.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbff6f582d70a2f4776cb1d29a6aefd8995067960e151ebfcc6b7b4fc642637d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 14:38:52 GMT
Last-Modified: Thu, 16 May 2024 21:22:04 GMT
Server: cloudflare
ETag: "fda73fb22ba263daddd4ef0af67c918f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8a8ce565eb74c443-EWR
Content-Length: 787165

GET
H/1.1 200
OK 87b7056.css
pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/css/ 412 KB
412 KB 282ms
243ms Stylesheet
text/css 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/css/87b7056.css
Requested by: Host: secretstars.mywebforum.com
URL: https://secretstars.mywebforum.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bfe5918e4988a0d250b5de6aa153d6a5a5bfd769d1343e3cb203053ac448f47

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 14:38:52 GMT
Last-Modified: Thu, 16 May 2024 21:23:00 GMT
Server: cloudflare
ETag: "9a64b88f6e9659864b1849b946700858"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8a8ce565dd057ca5-EWR
Content-Length: 421459

GET
H/1.1 200
OK cb42003.js Show response
pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/ 2 MB
2 MB 235ms
197ms Script
application/javascript 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/cb42003.js
Requested by: Host: secretstars.mywebforum.com
URL: https://secretstars.mywebforum.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 504dfa2f17db322b33d8756ecffbefb6435ac52a095a3be0b027550239473dd4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 14:38:52 GMT
Last-Modified: Thu, 16 May 2024 21:22:31 GMT
Server: cloudflare
ETag: "3412a6a8cae7d9856dc802bd942cf417"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8a8ce565edba1978-EWR
Content-Length: 1871959

GET
H2 200 rocket-loader.min.js Show response
secretstars.mywebforum.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 12ms
11ms Script
application/javascript 2606:4700:20::681a:5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secretstars.mywebforum.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: secretstars.mywebforum.com
URL: https://secretstars.mywebforum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://secretstars.mywebforum.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2024 17:12:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6696a9e8-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B74V2jGyjOqw0pi4mX7B6%2BIep%2FImQQ%2BpaBwL5ygwpX1TEb6vcjKEI8mNCArf2v7YEx9H41sc4QRIm3MFEcbufh2666J%2FqDHItgH9e5SF2gCnIUc5BPRXLEMzQVu7IUUiDMsrTWFU1evPInWvG%2B5AeqF0rIta5xBT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8a8ce565df5841a6-EWR
expires: Sat, 27 Jul 2024 14:38:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 68ms
21ms Font
font/woff2 2607:f8b0:400d:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secretstars.mywebforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 18:56:43 GMT
x-content-type-options: nosniff
age: 70929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jul 2025 18:56:43 GMT

GET
H/1.1 200
OK materialdesignicons-webfont.e9db400.woff2
pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/fonts/ 318 KB
318 KB 272ms
249ms Font
font/woff2 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/fonts/materialdesignicons-webfont.e9db400.woff2
Requested by: Host: pub-1e27250373774d6ca37239bbf5810b5c.r2.dev
URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/css/1b7ab17.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490

Request headers

Referer: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/css/1b7ab17.css
Origin: https://secretstars.mywebforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 14:38:52 GMT
Last-Modified: Thu, 16 May 2024 21:23:15 GMT
Server: cloudflare
ETag: "7a44ea195f395e1d086010e44555a5c4"
Vary: Origin, Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8a8ce5692a167d1a-EWR
Content-Length: 325244

GET
H2 404 favicon.ico
secretstars.mywebforum.com/ 2 B
354 B 119ms
118ms Other
application/json 2606:4700:20::681a:5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secretstars.mywebforum.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://secretstars.mywebforum.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RAt%2BaUhFOzyiZQTXbtiX3Qg%2FAl224QDxmN3Ml0FsklFyusDX6Sb9Fe5CAC0sRPi4%2BYRTch6APlds2lMt7p1zWA0jkZKvCqWCUIKh0gX2LnoUI6q7THcF65KThE52HKnsllah34QEfW0W%2BheIgIb1JeiIMDdKE3oW"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: max-age=14400
cf-ray: 8a8ce56b1f1341a6-EWR
content-length: 2

GET
H/1.1 200
OK 8a29f31.js Show response
pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/ 458 B
813 B 195ms
194ms Script
application/javascript 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/8a29f31.js
Requested by: Host: pub-1e27250373774d6ca37239bbf5810b5c.r2.dev
URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/7b8ec9d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 834100b1c48037891fa77deac4269b98ef82719a5478f9eab897ede4fb17d551

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 14:38:52 GMT
Last-Modified: Thu, 16 May 2024 21:22:07 GMT
Server: cloudflare
ETag: "f07791c919c7ae14df9d6d78504b4ff4"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8a8ce56c0a971978-EWR
Content-Length: 458

GET
H3 404 star-sessions.mp4
streamtape.com/e/BG0JpwXRMXcyo90/ Frame 0A3F 0
0 200ms
180ms Document
text/html 2606:4700:3037::6815:602e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streamtape.com/e/BG0JpwXRMXcyo90/star-sessions.mp4
Requested by: Host: pub-1e27250373774d6ca37239bbf5810b5c.r2.dev
URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/25edc65.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:602e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: BYPASS
cf-ray: 8a8ce56e4df741e6-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jul 2024 14:38:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gt5%2F9ch6viUpAhNEaDiSMldz5J3qafxoy21%2FKC4W8q0tFIwfj%2BzI96JUvgs%2F5sg%2BBwuOTFbpYNNQKCIV9SjFBcejTn%2FQjlYw%2FKGXWLAeO193bG3rXAzJu%2B4k5uLjMb6EzlRi%2BE6pj9dbfSs2Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
52 KB 137ms
92ms Script
text/javascript 2607:f8b0:400d:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4833888168110763

Requested by

Host: pub-1e27250373774d6ca37239bbf5810b5c.r2.dev
URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/cb42003.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0989fc0986e084bc14deacbe1271c7adb7a47e01015d29a545bb772bc9616a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53415
x-xss-protection: 0
server: cafe
etag: 15386425089179546487
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 25 Jul 2024 14:38:53 GMT

GET
H3 200 texthit.js Show response
widget.supercounters.com/ssl/ 2 KB
1 KB 42ms
25ms Script
application/javascript 2606:4700:3037::ac43:9a29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.supercounters.com/ssl/texthit.js
Requested by: Host: pub-1e27250373774d6ca37239bbf5810b5c.r2.dev
URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/cb42003.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b99af59e75387bad78d5131c9422c5524fa6a4e9fa1f706a1963ac6a34c3a4a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 12:17:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2829
etag: W/"6220b1e6-9bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=emP6Q4biiOfbB2xv59erICrItjEdps0rmAPYmAwk%2BF22DyLskXKpsJeuOq4SIBZEofAgHEs%2BNAWYUER7EPiguej8G7Po6H8SrXiKfnCKJ2GtH5VrSciiRZMS3pd7eLNMpZUzKHislO%2FRMpSe4NeUoSQAp6rBvqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
cf-ray: 8a8ce56e4a98425e-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 404 al4oabdrud4z_t.jpg
pi3.piczhq.com/i/00062/ 694 B
1 KB 49ms
25ms Image
image/jpeg 172.67.180.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pi3.piczhq.com/i/00062/al4oabdrud4z_t.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32fe662927c1c21f95229b73f9098c3666890c898bda92b9d4db0ac98cb6a8e1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 765230
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NVF%2BPRdQyugbQnrx0dpF3Pxg2l3pEPxjmilraELwKYidl075etV8VBPwblhlNdTNkmgl9BhswxYEhTiPcAq43wuvrMMyfhnbErCKfaiSzzx40sRLQBomMxMhWTqLjUi%2BKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 8a8ce56e5a004204-EWR
alt-svc: h3=":443"; ma=86400
content-length: 694

GET
H3 404 2zql5xcijobi_t.jpg
dr2.piczlabs.com/i/00199/ 694 B
1 KB 96ms
18ms Image
image/jpeg 172.67.148.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dr2.piczlabs.com/i/00199/2zql5xcijobi_t.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.148.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32fe662927c1c21f95229b73f9098c3666890c898bda92b9d4db0ac98cb6a8e1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1204725
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iD6xDjn59pzOdo9NP83gTk%2F4bLDpzF3DiqLbcTecDbXwsJCH%2Bmy7e%2BT6LsraKgqE9xHMFbQNFNA8TcVqE%2Bin8s0PXG%2B%2FN85fc14ZNy6bCMnAZyJYvPmlink%2FxHYH%2F72RdcO9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 8a8ce56eb9e541df-EWR
alt-svc: h3=":443"; ma=86400
content-length: 694

GET
H/1.1 200
OK fc.php Show response
service.supercounters.com/ 37 B
288 B 38ms
10ms Script
application/x-javascript 172.104.29.90
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://service.supercounters.com/fc.php?id=1640083&w=0&v=1&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&ref=&url=https%3A%2F%2Fsecretstars.mywebforum.com%2F&sw=1600&sh=1200&rand=28
Requested by: Host: widget.supercounters.com
URL: https://widget.supercounters.com/ssl/texthit.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.29.90 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1848-90.members.linode.com
Software: nginx/1.20.1 / PHP/7.4.13
Resource Hash: 7e12c9259d5c3e21a339528f2bf280e1781f3251d060892253e71922f6c80a01

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 14:38:53 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Connection: keep-alive
X-Powered-By: PHP/7.4.13
Transfer-Encoding: chunked
Content-Type: application/x-javascript

GET
H2 200 MRjkcIzgMYTfAB5C Show response
soupy-user.com/cEDX9.6Jb/2K5/lDS/WuQO9GNXTII_3dMQzCEUw/O/Ck0E1/ 41 KB
14 KB 203ms
96ms Script
application/javascript 2607:fbe0:1:42::1d
WZ-US-40824

General

Check archive.org

Show headers Download Go to

Full URL

https://soupy-user.com/cEDX9.6Jb/2K5/lDS/WuQO9GNXTII_3dMQzCEUw/O/Ck0E1/MRjkcIzgMYTfAB5C

Requested by

Host: secretstars.mywebforum.com
URL: https://secretstars.mywebforum.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2607:fbe0:1:42::1d , United States, ASN40824 (WZ-US-40824, US),

Reverse DNS

Software

nginx /

Resource Hash

19db33d702cc953c53ea69305c4dc9ff30a8d106361ce8666fe95effafc9e7b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 14:38:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 25 Jul 2024 14:38:53 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
expires: Mon, 26 Jul 2011 05:00:00 GMT

GET
H2 200 promo.php Show response
bngprm.com/ 6 KB
2 KB 286ms
94ms Script
text/html 185.75.254.28
VIKINGHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://bngprm.com/promo.php?c=291749&type=footer_bar

Requested by

Host: pub-1e27250373774d6ca37239bbf5810b5c.r2.dev
URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/cb42003.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.75.254.28 , Netherlands, ASN48684 (VIKINGHOST, NL),

Reverse DNS

Software

nginx /

Resource Hash

bfed1845fa262f55d5e952c42ee9db926e5f24739472eed37555ebd262d0cd42

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:53 GMT
strict-transport-security: max-age=0;
content-encoding: gzip
x-bc-bl: 102
server: nginx
content-type: text/html; charset=UTF-8
access-control-allow-origin
cache-control: no-cache, public
x-bcs: ded7383
expires: Thu, 25 Jul 2024 14:38:52 GMT

GET
H/1.1 200
OK 23ca741.js Show response
pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/ 458 B
813 B 151ms
150ms Script
application/javascript 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/23ca741.js
Requested by: Host: pub-1e27250373774d6ca37239bbf5810b5c.r2.dev
URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/7b8ec9d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39cb9574ec410118c935fa6ad7fc7792d920bde547bfa60a92c2c2ec8c19c2b6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 14:38:53 GMT
Last-Modified: Thu, 16 May 2024 21:21:26 GMT
Server: cloudflare
ETag: "60c5d1c2cebd0f33b1631f5e8d6e8dd5"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8a8ce56e8c701978-EWR
Content-Length: 458

GET
H/1.1 200
OK f2fb257.js Show response
pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/ 494 B
849 B 166ms
165ms Script
application/javascript 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/f2fb257.js
Requested by: Host: pub-1e27250373774d6ca37239bbf5810b5c.r2.dev
URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/7b8ec9d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da5b5d047ad023757313fe4b2fc95c856c7f578bf3891a4a7e5fdd4736e257fb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 14:38:53 GMT
Last-Modified: Thu, 16 May 2024 21:22:49 GMT
Server: cloudflare
ETag: "4a5e4bae54112801d183e0914d707962"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8a8ce56e8dadc443-EWR
Content-Length: 494

GET
H/1.1 200
OK ba43bc4.js Show response
pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/ 466 B
821 B 184ms
184ms Script
application/javascript 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/ba43bc4.js
Requested by: Host: pub-1e27250373774d6ca37239bbf5810b5c.r2.dev
URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/7b8ec9d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5594af2c0a91d31897de7b45fcabdd09192d8b00189b0e71cafb7b5afc12e1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 14:38:53 GMT
Last-Modified: Thu, 16 May 2024 21:22:27 GMT
Server: cloudflare
ETag: "ddeca71b518a461abd58f4a635f9a3f5"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8a8ce56e887b41ef-EWR
Content-Length: 466

GET
H/1.1 200
OK ae9661a.js Show response
pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/ 482 B
837 B 158ms
158ms Script
application/javascript 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/ae9661a.js
Requested by: Host: pub-1e27250373774d6ca37239bbf5810b5c.r2.dev
URL: https://pub-1e27250373774d6ca37239bbf5810b5c.r2.dev/assets/0.3/7b8ec9d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 717d8e4aebe9c73302ad073d8406d1f57418ffd88e24cc0233ad85f060ecd558

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 14:38:53 GMT
Last-Modified: Thu, 16 May 2024 21:22:22 GMT
Server: cloudflare
ETag: "eb44255e9fdd369dc182bb49439f9a4a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8a8ce56e8f5e7ca5-EWR
Content-Length: 482

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/ 423 KB
143 KB 264ms
263ms Script
text/javascript 2607:f8b0:400d:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js?bust=31085477

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4833888168110763

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc11a9caef9b705c37086f8ba343dd09a28ca840155aeb494ac65a47b01ccf4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146095
x-xss-protection: 0
server: cafe
etag: 10451553382812781103
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 14:38:53 GMT

GET
H2 200 73c041967343.js Show response
www.complete-afternoon.pro/ecc874/ 69 KB
31 KB 114ms
54ms XHR
application/javascript 2a02:b48:8301::1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.complete-afternoon.pro/ecc874/73c041967343.js
Requested by: Host: soupy-user.com
URL: https://soupy-user.com/cEDX9.6Jb/2K5/lDS/WuQO9GNXTII_3dMQzCEUw/O/Ck0E1/MRjkcIzgMYTfAB5C
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8301::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6c7c2cf2d69f5055c74cab35cca711ce6b15b2acc4f20c447c54cf2eac129fb6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

expires: Sat, 27 Jul 2024 14:38:53 GMT
date: Thu, 25 Jul 2024 14:38:53 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
x-proxy-cache: HIT

GET
H2 200 73c041967343.js Show response
www.complete-afternoon.pro/ecc874/ 69 KB
0 115ms
114ms Script
application/javascript 2a02:b48:8301::1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.complete-afternoon.pro/ecc874/73c041967343.js
Requested by: Host: soupy-user.com
URL: https://soupy-user.com/cEDX9.6Jb/2K5/lDS/WuQO9GNXTII_3dMQzCEUw/O/Ck0E1/MRjkcIzgMYTfAB5C
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8301::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6c7c2cf2d69f5055c74cab35cca711ce6b15b2acc4f20c447c54cf2eac129fb6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Sat, 27 Jul 2024 14:38:53 GMT
date: Thu, 25 Jul 2024 14:38:53 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
x-proxy-cache: HIT

POST
H2 200 Yk2.xlpmZnW-5p0qZrGsF_0uYvTw9xy-czmAlBkCP_WEUFzGNHD-EJ5KNLjMl_iOMPTQMR4-NTGUEV3WY_TYBZhaYb2-Ed3eZfDgc_wiMjmkZlj-ZnTocp2qM_2sEtwu
soupy-user.com/ 0
323 B 51ms
50ms Ping
text/plain 2607:fbe0:1:42::1d
WZ-US-40824

General

Check archive.org

Show headers Download Go to

Full URL

https://soupy-user.com/Yk2.xlpmZnW-5p0qZrGsF_0uYvTw9xy-czmAlBkCP_WEUFzGNHD-EJ5KNLjMl_iOMPTQMR4-NTGUEV3WY_TYBZhaYb2-Ed3eZfDgc_wiMjmkZlj-ZnTocp2qM_2sEtwu

Requested by

Host: soupy-user.com
URL: https://soupy-user.com/cEDX9.6Jb/2K5/lDS/WuQO9GNXTII_3dMQzCEUw/O/Ck0E1/MRjkcIzgMYTfAB5C

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2607:fbe0:1:42::1d , United States, ASN40824 (WZ-US-40824, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 14:38:53 GMT
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT

GET
H2 200 jquery-1.4.4.min.js Show response
i.bngprm.com/footer_bar/ 77 KB
27 KB 328ms
92ms Script
application/x-javascript 66.254.122.33
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://i.bngprm.com/footer_bar/jquery-1.4.4.min.js
Requested by: Host: bngprm.com
URL: https://bngprm.com/promo.php?c=291749&type=footer_bar
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.33 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 48d685402b465594e6ec567be7f1cddcedadc9b6721f5eed1ffe7555c15ef0dc

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:53 GMT
content-encoding: gzip
last-modified: Fri, 31 May 2019 10:28:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
x-cdn-diag: fra1-11025-6-5385-h-0-0---;11050-89-1576755----0-0-1
expires: Tue, 03 Jan 2023 21:02:57 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240722/r20110914/ Frame 0797 0
0 42ms
14ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240722/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js?bust=31085477

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 45922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 01:53:31 GMT
etag: 2738592464165616
expires: Thu, 08 Aug 2024 01:53:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
73ms Image
image/gif 2607:f8b0:400d:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=Cookie%20Cookie--bottom%20Cookie--dark-lime&ign=false&pw=1600&ph=1200&x=1575&y=1175

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 14:38:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame F0E8 0
0 225ms
218ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4833888168110763&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721918333&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fsecretstars.mywebforum.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~27_14~30_19&aiixl=32_9~27_3~30_6&aslmct=0.7&asamct=0.7&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721918333354&bpp=4&bdt=1581&idt=418&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6953089630435&frm=20&pv=2&ga_vid=1310034125.1721918334&ga_sid=1721918334&ga_hid=812721703&ga_fc=0&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44795921%2C95334529%2C95334830%2C95337868%2C95338229%2C95338263%2C31085477%2C95335245%2C95337093%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2545469145651925&tmod=127075505&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=447

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js?bust=31085477

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5043
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 14:38:54 GMT
expires: Thu, 25 Jul 2024 14:38:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
12 KB 128ms
86ms XHR
application/json 2607:f8b0:400d:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240722&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js?bust=31085477

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718aeeaddbe7e939ecb0184672682a9fc364ce3206cd14c0551e712172126aa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12774
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1CC6 0
0 165ms
163ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4833888168110763&output=html&h=280&slotname=9706371848&adk=2279027762&adf=2422113350&pi=t.ma~as.9706371848&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1721918333&rafmt=1&format=1200x280&url=https%3A%2F%2Fsecretstars.mywebforum.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721918333358&bpp=2&bdt=1586&idt=457&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6953089630435&frm=20&pv=1&ga_vid=1310034125.1721918334&ga_sid=1721918334&ga_hid=812721703&ga_fc=0&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44795921%2C95334529%2C95334830%2C95337868%2C95338229%2C95338263%2C31085477%2C95335245%2C95337093%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2545469145651925&tmod=127075505&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=466

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js?bust=31085477

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 403
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 14:38:53 GMT
expires: Thu, 25 Jul 2024 14:38:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery.cookie.min.js Show response
i.bngprm.com/footer_bar/ 932 B
723 B 94ms
94ms Script
application/x-javascript 66.254.122.33
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://i.bngprm.com/footer_bar/jquery.cookie.min.js
Requested by: Host: bngprm.com
URL: https://bngprm.com/promo.php?c=291749&type=footer_bar
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.33 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: e50fc196e54238d5ff73f155ae2fdebaba3d3afcb6edd143fb535cb65cbe88c5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:53 GMT
content-encoding: gzip
last-modified: Fri, 31 May 2019 10:28:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
x-cdn-diag: fra1-11039-3-154737-h-0-0---;11050-92-1576755----0-1-3
expires: Sun, 01 Jan 2023 16:10:58 GMT

GET
H2 200 jquery.videoEmbed2.min.js Show response
i.bngprm.com/footer_bar/ 1 KB
868 B 90ms
90ms Script
application/x-javascript 66.254.122.33
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://i.bngprm.com/footer_bar/jquery.videoEmbed2.min.js
Requested by: Host: bngprm.com
URL: https://bngprm.com/promo.php?c=291749&type=footer_bar
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.33 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: c2081d787f836d41abf81b7795001417303f9229f4495d374c71c249117e7c2b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:53 GMT
content-encoding: gzip
last-modified: Fri, 31 May 2019 10:28:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
x-cdn-diag: fra1-11058-5-4187881-h-0-0---;11050-92-1576755----0-0-0
expires: Mon, 26 Dec 2022 19:15:49 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 49ms
17ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js?bust=31085477

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 14:38:53 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CB55 0
0 41ms
14ms Document
text/html 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 37126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 04:20:08 GMT
expires: Fri, 25 Jul 2025 04:20:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 1E8A 0
0 88ms
43ms Document
text/html 2607:f8b0:400d:c07::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::69 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z5vrR1KQ4-ds_kOEsYdsQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Z5vrR1KQ4-ds_kOEsYdsQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 14:38:54 GMT
expires: Thu, 25 Jul 2024 14:38:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ca-pub-4833888168110763 Show response
fundingchoicesmessages.google.com/i/ 202 KB
67 KB 133ms
83ms Script
application/javascript 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4833888168110763?href=https%3A%2F%2Fsecretstars.mywebforum.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js?bust=31085477

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8180dce4b262b6ecfa2b8289474b45cc4eab1788afcc3415f8e686ed732304d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xm61z-BpbUh0UN9R_E8yaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-Xm61z-BpbUh0UN9R_E8yaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxELcHP-OdW5lE5jxdVK5kkZSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRvJGBkYmBuZGxnoFZfIEBAH4-PB8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 75ms
73ms Fetch
text/html 2607:f8b0:400d:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js?bust=31085477
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c0d::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 204 AGSKWxVs7-PvLkg01a_sUnFRr-fUCNBZx27aZ1WPoYA9L9EaEIbtQR-3UsM_pfK0bq5jmX4AwOXBmQr9Rc50_rfBn73181-a-lmg11RFY7H7sWsh-iAjLBCtqlLEsnnppTejL0i84V4ezg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 106ms
62ms XHR
text/html 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVs7-PvLkg01a_sUnFRr-fUCNBZx27aZ1WPoYA9L9EaEIbtQR-3UsM_pfK0bq5jmX4AwOXBmQr9Rc50_rfBn73181-a-lmg11RFY7H7sWsh-iAjLBCtqlLEsnnppTejL0i84V4ezg==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.zB-Eflwtzak.es5.O/am=Mhg/d=1/rs=AJlcJMwvsZ68XTWPpHY9ejcstQYDXVNdag/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iRUeqQAKFJSZmm7OS7f4qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jul 2024 14:38:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iRUeqQAKFJSZmm7OS7f4qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_HvWOdWNoGGr1-PMSq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjEwNzI2M9A_P4AgMAfEgsWA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://secretstars.mywebforum.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxV-9wbd9Jm3M9RhmFANpEu2xzjTqxHhVSPc0IDqTj5Qi7PmYNSWeBXtn5VlDUiVwkR0EKwpKtzUt2T3p-oOFETXtv5qvxp9ztOBmgonTaGUL-tE3rUMrVlroK8P8IjfRFzCkjOU2A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 48ms
48ms Script
application/javascript 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV-9wbd9Jm3M9RhmFANpEu2xzjTqxHhVSPc0IDqTj5Qi7PmYNSWeBXtn5VlDUiVwkR0EKwpKtzUt2T3p-oOFETXtv5qvxp9ztOBmgonTaGUL-tE3rUMrVlroK8P8IjfRFzCkjOU2A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIxOTE4MzM0LDM1MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zZWNyZXRzdGFycy5teXdlYmZvcnVtLmNvbS8iLG51bGwsW1s4LCJ6Qi1FZmx3dHphayJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMiwidHJ1ZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a82c548d2eb547ed7eb63da7e06c69d27d52c15b418d986f9f398ffa14e94573

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RcqDIdqxoBKi-DViIEW-Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RcqDIdqxoBKi-DViIEW-Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HP-OdW5lE3jw7PBORiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA3MjYz0Ds_gCAwDJPzzK"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6B77 0
0 190ms
190ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4833888168110763&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1721918334&rafmt=1&to=qs&pwprc=2500841298&format=1200x90&url=https%3A%2F%2Fsecretstars.mywebforum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721918334164&bpp=1&bdt=2391&idt=-M&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7142024aaeb9de53%3AT%3D1721918333%3ART%3D1721918333%3AS%3DALNI_MaWiAjbB4OjfWwRQrpf7QhxtQ4Oag&gpic=UID%3D00000eb05f9f6dee%3AT%3D1721918333%3ART%3D1721918333%3AS%3DALNI_MaOfspUFWFT7VnA8DsXbGj-AnwcqQ&eo_id_str=ID%3Ddabc591c67916376%3AT%3D1721918333%3ART%3D1721918333%3AS%3DAA-AfjbBRfCi6CzJcBXmIw07Igbu&prev_fmts=0x0%2C1200x280&nras=2&correlator=6953089630435&frm=20&pv=1&ga_vid=1310034125.1721918334&ga_sid=1721918334&ga_hid=812721703&ga_fc=0&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1854&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44795921%2C95334529%2C95334830%2C95337868%2C95338229%2C95338263%2C31085477%2C95335245%2C95337093%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2545469145651925&tmod=127075505&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=192

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js?bust=31085477

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 14:38:54 GMT
expires: Thu, 25 Jul 2024 14:38:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6864 0
0 171ms
170ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4833888168110763&output=html&h=90&adk=3484811142&adf=3405525567&pi=t.aa~a.1226481606~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1721918334&rafmt=1&to=qs&pwprc=2500841298&format=1200x90&url=https%3A%2F%2Fsecretstars.mywebforum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721918334164&bpp=1&bdt=2392&idt=1&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7142024aaeb9de53%3AT%3D1721918333%3ART%3D1721918333%3AS%3DALNI_MaWiAjbB4OjfWwRQrpf7QhxtQ4Oag&gpic=UID%3D00000eb05f9f6dee%3AT%3D1721918333%3ART%3D1721918333%3AS%3DALNI_MaOfspUFWFT7VnA8DsXbGj-AnwcqQ&eo_id_str=ID%3Ddabc591c67916376%3AT%3D1721918333%3ART%3D1721918333%3AS%3DAA-AfjbBRfCi6CzJcBXmIw07Igbu&prev_fmts=0x0%2C1200x280%2C1200x90&nras=3&correlator=6953089630435&frm=20&pv=1&ga_vid=1310034125.1721918334&ga_sid=1721918334&ga_hid=812721703&ga_fc=0&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44795921%2C95334529%2C95334830%2C95337868%2C95338229%2C95338263%2C31085477%2C95335245%2C95337093%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2545469145651925&tmod=127075505&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=195

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js?bust=31085477

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 14:38:54 GMT
expires: Thu, 25 Jul 2024 14:38:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxVK2PLoF9f9E5hHksBB0RUk-ueCQI8X9n8WjB2N0ay4Zxx1YNrcC7JEzYt--Kj8Gdb_4ktczfzcepmY4kDKwOVDkgqWPLLKlsIlIxYwoWhWa77et2BOPz1ZdAbKhffmlBZQYUGunw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 78ms
77ms Script
application/javascript 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVK2PLoF9f9E5hHksBB0RUk-ueCQI8X9n8WjB2N0ay4Zxx1YNrcC7JEzYt--Kj8Gdb_4ktczfzcepmY4kDKwOVDkgqWPLLKlsIlIxYwoWhWa77et2BOPz1ZdAbKhffmlBZQYUGunw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIxOTE4MzM0LDQ4OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vc2VjcmV0c3RhcnMubXl3ZWJmb3J1bS5jb20vIixudWxsLFtbOCwiekItRWZsd3R6YWsiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjIsInRydWUiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e188c836a25321c5c7aeac408f0a34a095b0ed72bec78c387108b91308ea8878

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-eYs7bS3Jp-0Zq_s4yeC-xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-eYs7bS3Jp-0Zq_s4yeC-xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HP-OdW5lE9ixeXE7k5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJgbmRsZ6BWXyBAQCsVDwh"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 footer_bar.css
i.bngprm.com/footer_bar/ 7 KB
2 KB 91ms
91ms Stylesheet
text/css 66.254.122.33
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://i.bngprm.com/footer_bar/footer_bar.css
Requested by: Host: i.bngprm.com
URL: https://i.bngprm.com/footer_bar/jquery-1.4.4.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.33 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: a98242068a08b9c8a80276daafe65e6f3e679adb5e6f93ba08961ef1e943c3dc

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:54 GMT
content-encoding: gzip
last-modified: Fri, 31 May 2019 10:28:12 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
x-cdn-diag: fra1-11026-5-5200-h-0-0---;11050-92-1576755----0-0-0
expires: Tue, 03 Jan 2023 22:57:33 GMT

GET
H2 206 4.webm
i.bngprm.com/footer_bar/video/ 36 KB
0 91ms
90ms Media
video/webm 66.254.122.33
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://i.bngprm.com/footer_bar/video/4.webm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.33 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 25 Jul 2024 14:38:54 GMT
last-modified: Fri, 31 May 2019 10:28:13 GMT
content-type: video/webm
Content-Range: bytes 0-540693/540694
cache-control: max-age=2592000
x-cdn-diag: fra1-11045-4-7151-h-0-0---;11050-92-1576755----0-0-1
accept-ranges: bytes
Content-Length: 540694
expires: Tue, 03 Jan 2023 20:36:53 GMT

GET
H2 200 bg-btton-free.png
i.bngprm.com/footer_bar/ 1 KB
2 KB 410ms
409ms Image
image/png 66.254.122.33
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bngprm.com/footer_bar/bg-btton-free.png
Requested by: Host: i.bngprm.com
URL: https://i.bngprm.com/footer_bar/footer_bar.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.33 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 1250b3f0037e97af2463453614f245af99dcc40a3c2f53bd6df99c83c132ae5f

Request headers

Referer: https://i.bngprm.com/footer_bar/footer_bar.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:54 GMT
last-modified: Fri, 31 May 2019 10:28:13 GMT
content-type: image/png
cache-control: max-age=2592000
x-cdn-diag: fra1-11051-2-4328-h-0-0---;11050-91-1576755----0-0-1
accept-ranges: bytes
content-length: 1328
expires: Tue, 03 Jan 2023 09:17:11 GMT

GET
H2 200 fobar_close.png
i.bngprm.com/footer_bar/ 2 KB
2 KB 410ms
409ms Image
image/png 66.254.122.33
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bngprm.com/footer_bar/fobar_close.png
Requested by: Host: i.bngprm.com
URL: https://i.bngprm.com/footer_bar/footer_bar.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.33 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 60916c42eddbcce80271e3a126d99875515c60e90e382bd4602b516740e73685

Request headers

Referer: https://i.bngprm.com/footer_bar/footer_bar.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:54 GMT
last-modified: Fri, 31 May 2019 10:28:12 GMT
content-type: image/png
cache-control: max-age=2592000
x-cdn-diag: fra1-11046-3-4362-h-0-0---;11050-91-1576755----0-0-1
accept-ranges: bytes
content-length: 1707
expires: Sun, 19 Mar 2023 09:56:33 GMT

GET
H2 206 4.webm
i.bngprm.com/footer_bar/video/ 16 KB
16 KB 449ms
91ms Media
video/webm 66.254.122.33
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://i.bngprm.com/footer_bar/video/4.webm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.33 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 7106ac8a16dda48b36816dcdae234ac56a249df57bdd5fc8e991771114b79358

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=524288-

Response headers

date: Thu, 25 Jul 2024 14:38:55 GMT
last-modified: Fri, 31 May 2019 10:28:13 GMT
content-type: video/webm
Content-Range: bytes 524288-540693/540694
cache-control: max-age=2592000
x-cdn-diag: fra1-11045-4-7151-h-0-0---;11050-92-1576755----0-0-1
accept-ranges: bytes
Content-Length: 16406
expires: Tue, 03 Jan 2023 20:36:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
73ms Image
image/gif 2607:f8b0:400d:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-4833888168110763&su=secretstars.mywebforum.com&eid=44759876%2C44759927%2C44759837%2C42531705%2C44795921%2C95334529%2C95334830%2C95337868%2C95338229%2C95338263%2C31085477%2C95335245%2C95337093%2C95336266%2C31078663%2C31078668%2C31078670&doc=complete&pg_h=1782&pg_w=1600&pg_hs=1782&c=1&aa_c=1&av_h=150&av_w=1588&av_a=236640&all_s=535&b=607.234&all_b=52.234&d=0.157&all_d=0.168&ard=0.155&all_ard=0.166&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 14:38:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 206 4.webm
i.bngprm.com/footer_bar/video/ 480 KB
0 0ms
0ms Media
video/webm 66.254.122.33
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://i.bngprm.com/footer_bar/video/4.webm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.33 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=32768-

Response headers

date: Thu, 25 Jul 2024 14:38:55 GMT
last-modified: Fri, 31 May 2019 10:28:13 GMT
content-type: video/webm
Content-Range: bytes 32768-540693/540694
cache-control: max-age=2592000
x-cdn-diag: fra1-11045-4-7151-h-0-0---;11050-92-1576755----0-0-1
accept-ranges: bytes
Content-Length: 507926
expires: Tue, 03 Jan 2023 20:36:53 GMT

GET
H3 200 ad_big_ Show response
fundingchoicesmessages.google.com/f/AGSKWxVo5vm77oETofBN-HCm7swZ2e2BdPYawg8bc9P6n48V3eyO7K3VhN1gwcsKpCx7SbGt_K4R1z9Smbl87BLIEOP-QfZcgn8GUnjd84KLhPe4dZGepAeBAiyuR4BpiQNzgmNMM0EL8RCnG42Eu6M5n6HqlQyjs... 54 B
109 B 36ms
35ms Script
application/javascript 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVo5vm77oETofBN-HCm7swZ2e2BdPYawg8bc9P6n48V3eyO7K3VhN1gwcsKpCx7SbGt_K4R1z9Smbl87BLIEOP-QfZcgn8GUnjd84KLhPe4dZGepAeBAiyuR4BpiQNzgmNMM0EL8RCnG42Eu6M5n6HqlQyjsFO4q0KjlCtiIsaeUG-00CvTq7dpf1f9/_/visitoursponsors._500x440..lazyload-ad./yahoo-ad-/ad_big_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.zB-Eflwtzak.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzGUOskY9oKvY3bjePwaGnLW3QC1Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0096fbe9cc6717ed3dadc96a237a7b0babfb16f5cd11fecbcc42495df598339a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jFN3pKhS5ecjHAw6gr5Phg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:55 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jFN3pKhS5ecjHAw6gr5Phg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw15BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxELcHP-PdW5lE9iw-meMkkZSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRvJGBkYmBuZGxnoFZfIEBAIUXPD4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 68 KB
25 KB 23ms
22ms Script
text/javascript 2607:f8b0:400d:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

001243d721944938bfc56605a351cb6494c37b62585379526e6e7ed14dc99efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:15:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25875
x-xss-protection: 0
server: cafe
etag: 12942442190462768253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 15:15:39 GMT

POST
H3 204 AGSKWxVs7-PvLkg01a_sUnFRr-fUCNBZx27aZ1WPoYA9L9EaEIbtQR-3UsM_pfK0bq5jmX4AwOXBmQr9Rc50_rfBn73181-a-lmg11RFY7H7sWsh-iAjLBCtqlLEsnnppTejL0i84V4ezg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 34ms
33ms XHR
text/html 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVs7-PvLkg01a_sUnFRr-fUCNBZx27aZ1WPoYA9L9EaEIbtQR-3UsM_pfK0bq5jmX4AwOXBmQr9Rc50_rfBn73181-a-lmg11RFY7H7sWsh-iAjLBCtqlLEsnnppTejL0i84V4ezg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B3-i5MqcbEQlOIGP9schbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jul 2024 14:38:55 GMT
content-security-policy: script-src 'report-sample' 'nonce-B3-i5MqcbEQlOIGP9schbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzfH_WOdWNoEHvVdilFyS8gvjk_PzSlLzSnQTU4p1QeyizKTSkvwiFHZqGUhFTn56emZeeryRgZGJgbmRsZ6BeXyBAQBB7yvI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://secretstars.mywebforum.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVs7-PvLkg01a_sUnFRr-fUCNBZx27aZ1WPoYA9L9EaEIbtQR-3UsM_pfK0bq5jmX4AwOXBmQr9Rc50_rfBn73181-a-lmg11RFY7H7sWsh-iAjLBCtqlLEsnnppTejL0i84V4ezg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
32ms XHR
text/html 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVs7-PvLkg01a_sUnFRr-fUCNBZx27aZ1WPoYA9L9EaEIbtQR-3UsM_pfK0bq5jmX4AwOXBmQr9Rc50_rfBn73181-a-lmg11RFY7H7sWsh-iAjLBCtqlLEsnnppTejL0i84V4ezg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lP6SA_K_LCzdf7Rt-eTgrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jul 2024 14:38:55 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lP6SA_K_LCzdf7Rt-eTgrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzfH_WOdWNoETJ5_lKLkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTA3MjYz0D8_gCAwBSkiwH"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://secretstars.mywebforum.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVs7-PvLkg01a_sUnFRr-fUCNBZx27aZ1WPoYA9L9EaEIbtQR-3UsM_pfK0bq5jmX4AwOXBmQr9Rc50_rfBn73181-a-lmg11RFY7H7sWsh-iAjLBCtqlLEsnnppTejL0i84V4ezg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 63ms
61ms XHR
text/html 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVs7-PvLkg01a_sUnFRr-fUCNBZx27aZ1WPoYA9L9EaEIbtQR-3UsM_pfK0bq5jmX4AwOXBmQr9Rc50_rfBn73181-a-lmg11RFY7H7sWsh-iAjLBCtqlLEsnnppTejL0i84V4ezg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gqbQ2c6UPiwMmwpldHXtxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jul 2024 14:38:55 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gqbQ2c6UPiwMmwpldHXtxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzfH_WOdWNoETPy7UKLkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTA3MjYz0D8_gCAwBfhiwz"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://secretstars.mywebforum.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVs7-PvLkg01a_sUnFRr-fUCNBZx27aZ1WPoYA9L9EaEIbtQR-3UsM_pfK0bq5jmX4AwOXBmQr9Rc50_rfBn73181-a-lmg11RFY7H7sWsh-iAjLBCtqlLEsnnppTejL0i84V4ezg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 63ms
61ms XHR
text/html 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVs7-PvLkg01a_sUnFRr-fUCNBZx27aZ1WPoYA9L9EaEIbtQR-3UsM_pfK0bq5jmX4AwOXBmQr9Rc50_rfBn73181-a-lmg11RFY7H7sWsh-iAjLBCtqlLEsnnppTejL0i84V4ezg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A7n-l9dVMxMHguOUB1JwmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jul 2024 14:38:55 GMT
content-security-policy: script-src 'report-sample' 'nonce-A7n-l9dVMxMHguOUB1JwmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzfH_WOdWNoED03trlVyS8gvjk_PzSlLzSnQTU4p1QeyizKTSkvwiFHZqGUhFTn56emZeeryRgZGJgbmRsZ6BeXyBAQAtQCuE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://secretstars.mywebforum.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXM0aC-A3vCq6erc71IUOSfBCuGPKS_jM-FjDAsyrqn1reevNqVlleVGD5k5g8d0JXEvWZSmASQAJlSFKlSK_F1nLUVExnrGosqxQEfsUesrixxeaJuhRWESZc7OUU3fcHqwaqDlg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 43ms
42ms Script
application/javascript 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXM0aC-A3vCq6erc71IUOSfBCuGPKS_jM-FjDAsyrqn1reevNqVlleVGD5k5g8d0JXEvWZSmASQAJlSFKlSK_F1nLUVExnrGosqxQEfsUesrixxeaJuhRWESZc7OUU3fcHqwaqDlg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIxOTE4MzM1LDIxMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zZWNyZXRzdGFycy5teXdlYmZvcnVtLmNvbS8iLG51bGwsW1s4LCJ6Qi1FZmx3dHphayJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMiwidHJ1ZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51234c224179e3b751ea8a352926870fc6d65759101589664a8067a0ed2644ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sYcCv_bqTNkLbTyTfBebRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 14:38:55 GMT
content-security-policy: script-src 'report-sample' 'nonce-sYcCv_bqTNkLbTyTfBebRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw1ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxELcHP-PdW5lE5jw-UWRkkZSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRvJGBkYmBuZGxnoFZfIEBAIuvPGk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVwrSb5xDTEIEm9bzmIc_-ge9pG1R33yj49Z4Ixxr6prwy6dbvqJVGb13pZv7cD2rlG8mltCadMdIFJ87Sfbpb6JrJIcOFlbZqeAokCmBv3nQ9mJM8bgkbjF_NDJtFG5f9IMjLlAg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 34ms
33ms XHR
text/html 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVwrSb5xDTEIEm9bzmIc_-ge9pG1R33yj49Z4Ixxr6prwy6dbvqJVGb13pZv7cD2rlG8mltCadMdIFJ87Sfbpb6JrJIcOFlbZqeAokCmBv3nQ9mJM8bgkbjF_NDJtFG5f9IMjLlAg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6y_aad6Yf8-E0D41zbnt3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jul 2024 14:38:55 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6y_aad6Yf8-E0D41zbnt3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_H_WOdWNoEZs9a2MSq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjEwNzI2M9A_P4AgMARPsrkw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://secretstars.mywebforum.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVs7-PvLkg01a_sUnFRr-fUCNBZx27aZ1WPoYA9L9EaEIbtQR-3UsM_pfK0bq5jmX4AwOXBmQr9Rc50_rfBn73181-a-lmg11RFY7H7sWsh-iAjLBCtqlLEsnnppTejL0i84V4ezg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 63ms
62ms XHR
text/html 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVs7-PvLkg01a_sUnFRr-fUCNBZx27aZ1WPoYA9L9EaEIbtQR-3UsM_pfK0bq5jmX4AwOXBmQr9Rc50_rfBn73181-a-lmg11RFY7H7sWsh-iAjLBCtqlLEsnnppTejL0i84V4ezg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Jc890pypy6CLzq9zBPPv0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jul 2024 14:38:55 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Jc890pypy6CLzq9zBPPv0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_H_WOdWNoEfv69OYVRyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgbmRsZ6BubxBQYAir0shg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://secretstars.mywebforum.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240722&jk=2545469145651925&bg=!6eql6qXNAAYaZPuaOmQ7ADQBe5WfOClszFPPbPU4tayjuj9O8gWlKgktF-sEqhSZePc-yv5sGPA3xAQOiOvLg9MZ3FvTAgAAAPBSAAAAA2gBB34ANubkwz6haJSy7qGT9tC-VNs0ybiJzxCQfW1lCbZNHE2cvQFkn6qEVZJAynUA6iUEiIW9pbOCkpkCvuQIqBRsbqnxnQBiiRCfm7N1t8Sitsn0Dlz0eA-8hQJmqe-uWpaXKfkn2n5Xpn3rxkUR4-EmXnhvQn0X86rUsyYghWEPCFRIef5aisORY8QE-w9FRbegBeM4BVPkh6dwrVWDAROjgRcHCasES8myjFeto4KmDmI89DGcShJ2pNrwuoCaJbjof4pu2wEz08djEbV9erAXRQNhKgndNMgOIkxV9D19HFTPoSiNBnBZ62AWGFAGFCNyPlnX9DtmPHjhfxIdfMxBnjTYMIgiaWU6vWsjWNFJJNSsjE5loZ8LXjdgR5k285UXMo1OT8vfpkh-yt5xRA7BdVBgW6fh20NSRIvgP7_XeL63Dz0kkqDeyt3nlQqKMwcXh1namIHHIfT0r2uk2D6ZEz3Ls8c0WnitmMuF9p-7RZgKwKBDxefopElkAiMwzIWm0AYNjVk8Kt65YQIYqea55EBiUumzi-f_tIKr8lNvKPJgQhG2TW2P9-6lu53Y2tgyXoMg415C_sHT0Mpvv23YUNoRH4n9vOSmbYLgE6P2CBLR6zs0OSpeu31eWSlinbH6oDnCamkBl9Zyw2ZhiTXlhJg3NL_NsCKByaWZELPH1y13fncN3Ftc3CgPUKvWnu6zfGgM7Mstf9qMyN8aLcXSIsxBEkZj9YU0RRU7RD8InZa4UYqliK0KQwyPR5CQft3IQZXq6rUnKWwPJgjDmBdtI1xIZ-Ffl7MwWVRgk0yos648PvLCeNHxX0UXAsSK_iHmBARC4FglGGf26EMnWvIVBw9bMo5Hkxhthuv0fUUrPigBVZxDNJTmYSCq9gHL0T18601zMFEmg3WUrIM9wSkhJi6twoEhk6aMiAGkTwvAv2ZXbVSqrcIUj0EYsVlxLZhC6X5fvQdfT5aXUJT5BV3eAIcbqBm7_dprBswoLBRkD5WASCycyponKg

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secretstars.mywebforum.com/	1969-12-31 23:59:59	Name: auth.strategy Value: local
secretstars.mywebforum.com/	1969-12-31 23:59:59	Name: auth.X-Host Value: secretstars.mywebforum.com
yy.puffexies.com/	1970-01-20 22:20:04	Name: GL_UI4 Value: eJw9jUFOwzAQRZMmTltoAiPlABwhTgpql4hNF9whcuxJaup4Kttt4fYYJJjVf19Pf5IkWdQPkF6LNWQX8QxPqtnzcde1e%2BSdks2W86YZux3GaxXfSlhr3wcxGAw5rPwsXOjDNYfNhBadlr0khSU8RuuvOVm62RzY4IRVJbA5GqaE5eDo5tHVGeRWzAjVAYUy6P3b0VFkNosPcpDx9iVmbWNOG1iQr7PqDti7tpfPalMkVVUkcH82Iozk5l6riGxyQiGkr7CSIuBE7guWCv0p0BmAjOr%2F%2Fd%2FfzPysQaHwqmVECkd034rNUZA%3D
.mywebforum.com/	1970-01-21 07:40:14	Name: __gads Value: ID=7142024aaeb9de53:T=1721918333:RT=1721918333:S=ALNI_MaWiAjbB4OjfWwRQrpf7QhxtQ4Oag
.mywebforum.com/	1970-01-21 07:40:14	Name: __gpi Value: UID=00000eb05f9f6dee:T=1721918333:RT=1721918333:S=ALNI_MaOfspUFWFT7VnA8DsXbGj-AnwcqQ
.mywebforum.com/	1970-01-21 02:37:50	Name: __eoi Value: ID=dabc591c67916376:T=1721918333:RT=1721918333:S=AA-AfjbBRfCi6CzJcBXmIw07Igbu
.doubleclick.net/	1970-01-21 07:54:38	Name: IDE Value: AHWqTUlfFMyokV1QkwY2-KZ1OkUzNcIM7gSB1N6_Zm897II3abGGvLnw7kkiYzdRnmI
my.rtmark.net/	1970-01-21 07:04:14	Name: ID Value: 0800a41be5d34747e1219ccc0607a120
.mywebforum.com/	1970-01-21 07:04:14	Name: FCNEC Value: %5B%5B%22AKsRol-hl5-7vQ6rb4a3zQKPXmAILN0NmKwZ8bHgtU0IluEDvGFl5PKdR-PsmuwCHPbUW-IoXHiJq4Tr88k8AS_OqmbiidAqldP1h6uKmO7F3xnYRlqvHAiHSVisFtpw67dezzcM2aetAGms2jUYaCCSTOFzuvnckg%3D%3D%22%5D%5D
ofleafeona.com/	1970-01-21 07:04:14	Name: OAID Value: 0800a41be5d34747e1219ccc0607a120

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://secretstars.mywebforum.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pi3.piczhq.com/i/00062/al4oabdrud4z_t.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dr2.piczlabs.com/i/00199/2zql5xcijobi_t.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline';img-src 'self' data: https:;font-src 'self' data: https:;script-src 'self' https: 'unsafe-inline' 'unsafe-eval' blob:;object-src 'none';form-action 'self';frame-ancestors 'self';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bngprm.com
dr2.piczlabs.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i.bngprm.com
pagead2.googlesyndication.com
pi3.piczhq.com
pub-1e27250373774d6ca37239bbf5810b5c.r2.dev
secretstars.mywebforum.com
service.supercounters.com
soupy-user.com
streamtape.com
tpc.googlesyndication.com
widget.supercounters.com
www.complete-afternoon.pro
www.google.com
pagead2.googlesyndication.com
172.104.29.90
172.67.148.121
172.67.180.131
185.75.254.28
2606:4700:20::681a:5e
2606:4700:3037::6815:602e
2606:4700:3037::ac43:9a29
2606:4700::6812:223
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c1b::84
2607:f8b0:400d:c02::66
2607:f8b0:400d:c07::5e
2607:f8b0:400d:c07::69
2607:f8b0:400d:c09::5f
2607:f8b0:400d:c0d::9b
2607:fbe0:1:42::1d
2a02:b48:8301::1
66.254.122.33
001243d721944938bfc56605a351cb6494c37b62585379526e6e7ed14dc99efa
0096fbe9cc6717ed3dadc96a237a7b0babfb16f5cd11fecbcc42495df598339a
1250b3f0037e97af2463453614f245af99dcc40a3c2f53bd6df99c83c132ae5f
19db33d702cc953c53ea69305c4dc9ff30a8d106361ce8666fe95effafc9e7b0
32fe662927c1c21f95229b73f9098c3666890c898bda92b9d4db0ac98cb6a8e1
39cb9574ec410118c935fa6ad7fc7792d920bde547bfa60a92c2c2ec8c19c2b6
4016b91fd6447258b889d4d24623bdf245eac9bd5766b97a056c24865be2b244
44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48d685402b465594e6ec567be7f1cddcedadc9b6721f5eed1ffe7555c15ef0dc
4bfe5918e4988a0d250b5de6aa153d6a5a5bfd769d1343e3cb203053ac448f47
504dfa2f17db322b33d8756ecffbefb6435ac52a095a3be0b027550239473dd4
51234c224179e3b751ea8a352926870fc6d65759101589664a8067a0ed2644ae
60916c42eddbcce80271e3a126d99875515c60e90e382bd4602b516740e73685
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6c7c2cf2d69f5055c74cab35cca711ce6b15b2acc4f20c447c54cf2eac129fb6
7106ac8a16dda48b36816dcdae234ac56a249df57bdd5fc8e991771114b79358
717d8e4aebe9c73302ad073d8406d1f57418ffd88e24cc0233ad85f060ecd558
718aeeaddbe7e939ecb0184672682a9fc364ce3206cd14c0551e712172126aa2
7e12c9259d5c3e21a339528f2bf280e1781f3251d060892253e71922f6c80a01
834100b1c48037891fa77deac4269b98ef82719a5478f9eab897ede4fb17d551
8b99af59e75387bad78d5131c9422c5524fa6a4e9fa1f706a1963ac6a34c3a4a
a11c00cfe15af91d93c02c538bfc30ec82e04f0967b4eca02f6b0d2649ba813d
a3f27407cb33454ced62c93365a014b4f530b7ae8d13d585bc6c44a74c110492
a82c548d2eb547ed7eb63da7e06c69d27d52c15b418d986f9f398ffa14e94573
a98242068a08b9c8a80276daafe65e6f3e679adb5e6f93ba08961ef1e943c3dc
ac5594af2c0a91d31897de7b45fcabdd09192d8b00189b0e71cafb7b5afc12e1
b3120ed90ea0539af3f4c9c50088b6d7dd6e8750bfa4ff2f9c4a3150eea3722b
bbff6f582d70a2f4776cb1d29a6aefd8995067960e151ebfcc6b7b4fc642637d
bc11a9caef9b705c37086f8ba343dd09a28ca840155aeb494ac65a47b01ccf4d
bfed1845fa262f55d5e952c42ee9db926e5f24739472eed37555ebd262d0cd42
c2081d787f836d41abf81b7795001417303f9229f4495d374c71c249117e7c2b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d8180dce4b262b6ecfa2b8289474b45cc4eab1788afcc3415f8e686ed732304d
da5b5d047ad023757313fe4b2fc95c856c7f578bf3891a4a7e5fdd4736e257fb
da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490
e0989fc0986e084bc14deacbe1271c7adb7a47e01015d29a545bb772bc9616a7
e188c836a25321c5c7aeac408f0a34a095b0ed72bec78c387108b91308ea8878
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50fc196e54238d5ff73f155ae2fdebaba3d3afcb6edd143fb535cb65cbe88c5
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

secretstars.mywebforum.com Open in urlscan Pro 2606:4700:20::681a:5e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

98 %HTTPS

72 %IPv6

14 Domains

18 Subdomains

19 IPs

2 Countries

4437 kBTransfer

5781 kBSize

10 Cookies

6 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secretstars.mywebforum.com Open in urlscan Pro
2606:4700:20::681a:5e Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

98 %
HTTPS

72 %
IPv6

14
Domains

18
Subdomains

19
IPs

2
Countries

4437 kB
Transfer

5781 kB
Size

10
Cookies

64 HTTP transactions
0 data transactions