galaxyfirmware.org Open in urlscan Pro
78.47.153.119 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://d.mobillee.top/
Effective URL:
https://galaxyfirmware.org/
Submission: On February 13 via api (February 13th 2024, 3:08:15 pm UTC) from US — Scanned from US

Summary HTTP 215 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 23 domains to perform 215 HTTP transactions. The main IP is 78.47.153.119, located in Leverkusen, Germany and belongs to HETZNER-AS, DE. The main domain is galaxyfirmware.org.
TLS certificate: Issued by R3 on January 3rd 2024. Valid for: 3 months.

This is the only time galaxyfirmware.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:ae87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
59	78.47.153.119 78.47.153.119	24940 (HETZNER-AS) (HETZNER-AS)
8	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::2008	15169 (GOOGLE) (GOOGLE)
26	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1 1	2606:4700:20:... 2606:4700:20::681a:5cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.253.144.208 103.253.144.208	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
8	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
3 21	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
4	52.116.53.150 52.116.53.150	36351 (SOFTLAYER) (SOFTLAYER)
11	2607:f8b0:400... 2607:f8b0:4006:808::201b	15169 (GOOGLE) (GOOGLE)
33	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:806::200e	15169 (GOOGLE) (GOOGLE)
6	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:400... 2607:f8b0:4006:81d::2004	() ()
1	2620:116:800b... 2620:116:800b:21:1456:d0e1:7db4:a56b	() ()
2 2	2606:ae80:145... 2606:ae80:1451:17::1370	() ()
7	142.251.40.226 142.251.40.226	() ()
2 2	52.223.40.198 52.223.40.198	() ()
1 1	54.144.126.196 54.144.126.196	() ()
2 2	35.207.24.140 35.207.24.140	() ()
1 1	199.38.167.131 199.38.167.131	() ()
1 1	82.145.213.8 82.145.213.8	() ()
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	() ()
215	20

1 2606:4700:3034::ac43:ae87 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

d.mobillee.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 78.47.153.119 (Leverkusen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.119.153.47.78.clients.your-server.de

galaxyfirmware.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:5cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.trakteer.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.253.144.208 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: sgp1.digitaloceanspaces.com

trakteer-assets.sgp1.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4006:81c::2002 (United States) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.116.53.150 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 96.35.7434.ip4.static.sl-reverse.com

8proof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:808::201b (United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2607:f8b0:4006:81f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:806::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.40.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::2004 (None, ) 1 redirects

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:1456:d0e1:7db4:a56b (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:17::1370 (None, ) 2 redirects

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.40.226 (None, )

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (None, ) 2 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.126.196 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (None, ) 2 redirects

ASN- ()

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (None, ) 1 redirects

ASN- ()

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (None, ) 1 redirects

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	1 MB
59	galaxyfirmware.org galaxyfirmware.org	817 KB
28	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net	297 KB
19	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 storage.googleapis.com — Cisco Umbrella Rank: 335	155 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com	193 KB
15	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 649 www.google.com	71 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 139
4	8proof.com 8proof.com — Cisco Umbrella Rank: 41701	173 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	fbcdn.net static.xx.fbcdn.net	138 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	878 B
2	dotomi.com 2 redirects dclk-match.dotomi.com	890 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 171	90 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	151 KB
1	facebook.com www.facebook.com	15 KB
1	opera.com 1 redirects t.adx.opera.com	672 B
1	rfihub.com 1 redirects a.rfihub.com	1 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	1 KB
1	quantserve.com cms.quantserve.com	464 B
1	digitaloceanspaces.com trakteer-assets.sgp1.digitaloceanspaces.com — Cisco Umbrella Rank: 344884	81 KB
1	trakteer.id 1 redirects cdn.trakteer.id — Cisco Umbrella Rank: 194626	600 B
1	mobillee.top 1 redirects d.mobillee.top	438 B
215	23

	Domain	Requested by
59	galaxyfirmware.org	galaxyfirmware.org
33	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
26	pagead2.googlesyndication.com	galaxyfirmware.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
21	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	storage.googleapis.com	srcdoc
9	www.gstatic.com	googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
8	fonts.googleapis.com	galaxyfirmware.org googleads.g.doubleclick.net
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	www.googleadservices.com	galaxyfirmware.org
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	8proof.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	static.xx.fbcdn.net	www.facebook.com
2	rtb.mfadsrvr.com	2 redirects
2	match.adsrvr.org	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	connect.facebook.net	galaxyfirmware.org connect.facebook.net
2	www.googletagmanager.com	galaxyfirmware.org www.googletagmanager.com
1	www.facebook.com	connect.facebook.net
1	t.adx.opera.com	1 redirects
1	a.rfihub.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	trakteer-assets.sgp1.digitaloceanspaces.com	galaxyfirmware.org
1	cdn.trakteer.id	1 redirects
1	d.mobillee.top	1 redirects
215	28

This site contains links to these domains. Also see Links.

Domain
blog.galaxyfirmware.com
opencorner.net
t.me
bit.ly
www.samsung.com
trakteer.id
rapidapi.com
www.roosterkid.com

Subject Issuer	Validity	Valid
galaxyfirmware.org R3	`2024-01-03` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-22` - `2024-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.8proof.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-16` - `2025-02-07`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://galaxyfirmware.org/
Frame ID: 273CC2001077547C7D9EA741B4A7247C
Requests: 94 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20190131/zrt_lookup_fy2021.html
Frame ID: 742B6A7AAAE6A02BA56BBD451C2254D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4404019521107672&output=html&adk=1812271804&adf=3025194257&lmt=1707836888&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgalaxyfirmware.org%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~13&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836887697&bpp=6&bdt=921&idt=535&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5617353622419&frm=20&pv=2&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=609
Frame ID: 1C114343AC7BCC6C9AF239D289C7DC02
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4404019521107672&output=html&h=200&slotname=9147965383&adk=3542967804&adf=3119996176&pi=t.ma~as.9147965383&w=1110&fwrn=4&lmt=1707836888&rafmt=11&format=1110x200&url=https%3A%2F%2Fgalaxyfirmware.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836887703&bpp=2&bdt=928&idt=617&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=637
Frame ID: 103070312879C500B9DFF6B83E621828
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4404019521107672&output=html&h=280&slotname=5911427955&adk=2614709732&adf=3992409303&pi=t.ma~as.5911427955&w=1054&fwrn=4&fwrnh=100&lmt=1707836888&rafmt=1&format=1054x280&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836887705&bpp=2&bdt=929&idt=673&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x200&nras=1&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=273&ady=1216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=680
Frame ID: BB4966022198C66CA069F09445516038
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4404019521107672&output=html&h=600&slotname=8346019600&adk=2507178410&adf=220581602&pi=t.ma~as.8346019600&w=300&lmt=1707836888&format=300x600&url=https%3A%2F%2Fgalaxyfirmware.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836887707&bpp=1&bdt=932&idt=696&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x200%2C1054x280&nras=1&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=710
Frame ID: EF6A458910CA2CDC2009B3B264D79F14
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CQG__2IXLZe2lHKzhxtYPn5uggA36j4XmbaCDqMWtDcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTQ0MDQwMTk1MjExMDc2NzLIAQmoAwHIAwKqBNEBT9C5tIBHEp7fQAdXweVInvpKd2VmhEdybaf4cfKDP1_rwc6IYDqodEieHsThJlnHz3R9fjzvK1ToE3r4RIyVjJsW_kt_mw1nI2lkmXA-oVsz6pKJHcMI4mDAcYrRW-UgGeI5KoDBLaWJMP9RlJ4QV_LTjzGqcBcSM_sN_CjBqOeJc6oCrwDF4x-mEra0o9cIgX4rZdf4KqSXgJr5lbIppQBc-jk46xyX259lzZdV2ML9TrF9qVwPKPbZjfyagkPkg76aEGMshh5N-pHpEuPpSq6ABr7l_Pmcp8HdUqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICACEi9_cE6WJ-xyJjMqIQDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ0MDQwMTk1MjExMDc2NzIYAA&sigh=-U2vQP1bsrw&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_oXdF0B9Utaz4h1IEcDEN2EXbcS1JER6LHKES5lOAHa3_S4_418cF27xrSF-4p6ef2oDtYFFIdLawAUVq7u7P5TYG6iG8SoPOLBgB&cbvp=2&vis=1
Frame ID: F3B40A9715140F4010E6A3E6E22CEDB7
Requests: 2 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Frame ID: 13AB7D7AE6E5F0AE9A0C7004916780DC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js
Frame ID: 09612D58D4F07C8275885936C2013286
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.1182920990~rp.3&daaos=1707821061847&w=1200&fwrn=4&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=1200x90&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600&nras=2&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=61
Frame ID: 5CA31EC00A3FA5FA3E4D6244CF3C54B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=100&adk=2287261315&adf=1279138191&pi=t.aa~a.1681909044~rp.4&daaos=1707821061847&w=540&fwrn=1&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=540x100&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600%2C1200x90&nras=3&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=3790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=67
Frame ID: 6199827626B23E1E681B8D4EF3D54DB0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=90&adk=377016393&adf=2980879607&pi=t.aa~a.138241479~rp.4&daaos=1707821061847&w=1110&fwrn=4&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=1110x90&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600%2C1200x90%2C540x100&nras=4&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=73
Frame ID: D40F5774202B6CF77BEE63F7B214CDC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 78CA01102686E8FBAB2B6F5C525DF2A7
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A9B7EC990B70916699B8356D481239F8
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 49389E6E8B432977555EE272F4977EA1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 9DF4F713C11A07ED92C50EFDC8E0267C
Requests: 3 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Frame ID: F4EFBEB0770972A9633ACDAA360BF0E5
Requests: 2 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Frame ID: 7989A0DEC783C8DCEAE4472EDE6F35E1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js
Frame ID: BF0D69671CB3D27C0B086B0E03716412
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 734270D47DD364423F528418E00FD75F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BA7832087ADBAE232D5E448385B0DA11
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js
Frame ID: 6900C4CADB4E3767E8FEA6D4F600C638
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js
Frame ID: 66505A598A8B3C38DAA9BBFDDA372B63
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js
Frame ID: A8C003087649CB6778C8F3522CB62520
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js
Frame ID: B2B4D772E02E734FAED984C971708EF8
Requests: 6 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/roboto-v30-latin-regular.woff2
Frame ID: 31DF70793CDD650F0A3B0D246D3F4E75
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4AD89128999B4B31AC307DF77F30CF0E
Requests: 9 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Frame ID: 61C65C17204EB8B5895FE4F04758EB3E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js
Frame ID: 52532089B4C8CD1353F1AB5C6FB6B3F3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=2015629328680913&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfcc8d44624f6c95c5%26domain%3Dgalaxyfirmware.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgalaxyfirmware.org%252Ff053f32894b1d888f%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Fwww.facebook.com%2Fgalaxyfirmware&layout=button_count&locale=en_US&sdk=joey&share=false&size=small&width=
Frame ID: 48AE35FE7B8B23BC321AA1ADCE188248
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BFEBFFF4C127768CB97F2A31A292CE57
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8BBBFE7FB9282A705B01C7D3FF5E4C8A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Galaxy Firmware

Page URL History Show full URLs

https://d.mobillee.top/ HTTP 301
https://galaxyfirmware.org/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

215
Requests

95 %
HTTPS

63 %
IPv6

23
Domains

28
Subdomains

20
IPs

3
Countries

3164 kB
Transfer

7814 kB
Size

32
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.galaxyfirmware.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://opencorner.net/categories/android-roms-recoveries
Title: Community

Search URL Search Domain Scan URL

URL: https://t.me/galaxyfirmware_com
Title: Join our Telegram

Search URL Search Domain Scan URL

URL: https://bit.ly/3dEVJvS
Title: Buy me a storage

Search URL Search Domain Scan URL

URL: https://opencorner.net/discussion/6/list-samsung-galaxy-devices-eligible-for-the-one-ui-4-0-update-android-12
Title: List Samsung Galaxy devices eligible for the One UI 4.0 update (Android 12)

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/smart-switch/
Title: Samsung Smart Switch

Search URL Search Domain Scan URL

URL: https://www.samsung.com/levant/support/kies/
Title: Samsung Kies

Search URL Search Domain Scan URL

URL: https://trakteer.id/roosterkid/tip

Search URL Search Domain Scan URL

URL: https://rapidapi.com/ariesbrow/api/galaxy-firmware
Title: Developer

Search URL Search Domain Scan URL

URL: https://www.roosterkid.com/
Title: Roosterkid.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://d.mobillee.top/ HTTP 301
https://galaxyfirmware.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://cdn.trakteer.id/images/embed/trbtn-red-3.png HTTP 302
https://trakteer-assets.sgp1.digitaloceanspaces.com/images/embed/trbtn-red-3.png

Request Chain 108

https://googleads.g.doubleclick.net/pagead/adview?ai=CJ5Nf2IXLZZ3YF8_extYPw6yM8APOiNvpdbfYxYy9Eozy-viLDhABILebiTZgye6Oi8CkjBCgAZjp0JApyAEJqQLSwtrldg-yPqgDAcgDy4SAgASqBN4BT9CrAh6rPDeyjW5Ym0s7GDUyHlA-syEuQryIvEhMS23I5i9E4gVjaJoj1UUhaGfvZ1kGvQdCQfp62eBoDgNKrVP9_RmIN1FcvyCS9zQu6_wjklLAu4813JILEFOdHAGs332WrYQLoj2N3RmTa7aHJ-ekbV8rE2MQHSH05FioNKgd1s2O_f6KQu64rhEyempA35iX-N2olN-XCZIAa3rzkEVbAVBUflR0hwqLctFvJjbYlDILkMncnqZWp-B2r54k4E6wpgS9TRyO69myqX8Ya7qQjmbgCgqq5RU_gMpRwAS5ppvq1gSIBcf3hIxOkgUECAQYAZIFBAgFGASgBi6AB5ihofADqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwQQ_KMX0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WNnqw5jMqIQDmgkbaHR0cHM6Ly90ZW1wb3NlYXJjaC5jb20vZHNygAoByAsB2gwQCgoQ4IjZipSYgOsiEgIBA7gT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItNDQwNDAxOTUyMTEwNzY3MhgA&sigh=Frg-poPAfmk&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_1mcwUFZbTBpgP-cPv5XMK_3x4i1uH8Vno_5lx_RxhrInpdPSY5fstuQb3x4k-eDdhqXSDeAm-J_WT8ni0m5SvY9DPL06kE5YexgB&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe884f37976072b0000000000000000%22,%222%22:%220xc04fc8c455c183c30000000000000000%22,%223%22:%220x78b8d6f104135f900000000000000000%22,%224%22:%220x25d92497ad421c5b0000000000000000%22,%225%22:%220xc1579b2f33223cd50000000000000000%22},%22debug_key%22:%2210984901320627725559%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040732312%22],%2222%22:[%22true%22],%224%22:[%2202-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224706053660956750865%22}&andc=true

Request Chain 137

https://googleads.g.doubleclick.net/pagead/adview?ai=CEcDo2IXLZd6gGpiC3rsPucCF6APzlefZdZHbzMSzEpCejtePDhABILebiTZgye6Oi8CkjBCgAZjp0JApyAEJqQLSwtrldg-yPqgDAcgDywSqBOQBT9A9033UtG-Pcl3V7v58mncmU20GsI0fbn-JRnuwHmjhpysW35A1pxnYpkrDUK1MZUjQ97degx1IhlvHlm_UXwdGSeCbDeDnIkR5AW_MXEFC76iR8Rq3z-qiwIkqmNNNEz8519ykk5IgTk6h5Wq6srJJuqndXmqoxp0goRKEE4Oe7tJPXz0O2x9FCw6151vm8BEOZPiqb8fpuDr5nzpzN6Z3DUm6UZU5wZokBeTlNYmDI4ffq5Qxc0GxMmNNgz5z8NQ-Yn8ZAia0usY2s-pDv_oHN0On1lmWnuyT04G007-ck9w7wATxzLjd0ASIBezxsP9NkgUECAQYAZIFBAgFGASgBi6AB5ihofADqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwUQ18K0AdIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOli6rsaYzKiEA5oJG2h0dHBzOi8vdGVtcG9zZWFyY2guY29tL2RzcoAKAcgLAdoMEAoKEPDC7cjbp9OJRRICAQO4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTQ0MDQwMTk1MjExMDc2NzIYAA&sigh=zWZx4kmTztQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_ETMC6Z5-VTtJkufc_8c4nCl6gZvDxnl1kNMpo6LxYM0d6YbOmgD8IIcFvTCkGPd5-A38-KbWhP07TmnSfdaTwKAM1gTtjTYchn4YAQ&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe884f37976072b0000000000000000%22,%222%22:%220xc04fc8c455c183c30000000000000000%22,%223%22:%220xc00caa6a4773bda40000000000000000%22,%224%22:%220x3f1b8a782d1a6a320000000000000000%22,%225%22:%220xc1579b2f33223cd50000000000000000%22},%22debug_key%22:%227882920531667992796%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040732312%22],%2222%22:[%22true%22],%224%22:[%2202-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216580150560021638385%22}&andc=true

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 195

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENpLbT0C2YasaeUuAqMz_dA&google_cver=1&google_push=AXcoOmQkICls9Rh-F4ePCxcFxFOoA1G86i4eelFnylCfxaXN3x7cGYjI5uiw1v8S3YC0gEfyP0jgF3QffDIZ87SPBPRkVynz9hM-fy06 HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=4d9547e2620149b&is_secure=true&networkId=14000&version=1&google_gid=CAESENpLbT0C2YasaeUuAqMz_dA&google_cver=1&google_push=AXcoOmQkICls9Rh-F4ePCxcFxFOoA1G86i4eelFnylCfxaXN3x7cGYjI5uiw1v8S3YC0gEfyP0jgF3QffDIZ87SPBPRkVynz9hM-fy06 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHJ848FRTuZwMWReIRAAAAAAA&expiration=1707923291&google_cver=1&is_secure=true&google_gid=CAESENpLbT0C2YasaeUuAqMz_dA&google_push=AXcoOmQkICls9Rh-F4ePCxcFxFOoA1G86i4eelFnylCfxaXN3x7cGYjI5uiw1v8S3YC0gEfyP0jgF3QffDIZ87SPBPRkVynz9hM-fy06

Request Chain 196

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMefejWq3_NQkOnGz9DTUf0&google_cver=1&google_push=AXcoOmR6BS1l-HQYanM9QR3-h3DPCM6WXyHD5hU_Abi0upycEmWnMF1dttKnhDy2vGtFNQWC_g2y2vBNH6eTZWVzqj__df3fbLuWZbs HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEMefejWq3_NQkOnGz9DTUf0&google_cver=1&google_push=AXcoOmR6BS1l-HQYanM9QR3-h3DPCM6WXyHD5hU_Abi0upycEmWnMF1dttKnhDy2vGtFNQWC_g2y2vBNH6eTZWVzqj__df3fbLuWZbs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzlmMGY5NWItODIyOS00OTZkLWI0MDEtNmFkNTVjYTU0Njhi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c9f0f95b-8229-496d-b401-6ad55ca5468b

Request Chain 197

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEMtK39D8yz4HgGy3jtPhIHY&google_cver=1&google_push=AXcoOmTsESx8sBNWBS6k23q1bQE-jmfwGkgAcW7Mhrh2iCn23EsktvAR8zZeQIBQA2D1mIYHfALGqCJTmcS8g5XqBoBhqPDCG0iRIDcY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4olPzsHtXVlnywKyINlUh2AJ9sQ&google_push=AXcoOmTsESx8sBNWBS6k23q1bQE-jmfwGkgAcW7Mhrh2iCn23EsktvAR8zZeQIBQA2D1mIYHfALGqCJTmcS8g5XqBoBhqPDCG0iRIDcY

Request Chain 198

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEN-NZxZmn2bx3FzgwtEtfpU&google_cver=1&google_push=AXcoOmSxKy2nYVNIG0aGc-m-Yn2CwC_ivon_qt-Taz1bHDSaYfc-8xr7qcRYtv3vdeSp5sCFrp3Kxn6U3Xg12DiDlIS8vtp4GnvYCXqUBQ HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEN-NZxZmn2bx3FzgwtEtfpU&google_cver=1&google_push=AXcoOmSxKy2nYVNIG0aGc-m-Yn2CwC_ivon_qt-Taz1bHDSaYfc-8xr7qcRYtv3vdeSp5sCFrp3Kxn6U3Xg12DiDlIS8vtp4GnvYCXqUBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=RrYcpnFEQD6gfElPLqZoBA==&no_redirect=1&google_push=AXcoOmSxKy2nYVNIG0aGc-m-Yn2CwC_ivon_qt-Taz1bHDSaYfc-8xr7qcRYtv3vdeSp5sCFrp3Kxn6U3Xg12DiDlIS8vtp4GnvYCXqUBQ

Request Chain 199

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEAxXeikfHVslcLHvzW_CvqI&google_cver=1&google_push=AXcoOmTy-nFvFjOfShH-a1AjzTf1lxoNmoZsUfqF2pu9CNk0PzFCPucr2Ky2Otlw-2jAnQBCDNJM5ZX1TXXKM_ydsrgRSEdHnFk9jJ2L HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTy-nFvFjOfShH-a1AjzTf1lxoNmoZsUfqF2pu9CNk0PzFCPucr2Ky2Otlw-2jAnQBCDNJM5ZX1TXXKM_ydsrgRSEdHnFk9jJ2L&google_hm=ODUwODMxMjc0MTQ5MjEwNjAxNQ==

Request Chain 200

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmTEks7PaiB0IQKHZBpvf4HeTbO678dgzSMqG30W7I58pflLh5c2thd3d6oZXYnqIZALuVtb11Obt5GNd1Rw9qRRGwwFJp2tE8Q1&google_gid=CAESEInT0jawHwpb0zvysfRLhVs&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEInT0jawHwpb0zvysfRLhVs&google_hm=T1BVNTRjNGQ0MTM3Y2ZmNDE4ZWFhNjFkNmUyNzI3OGYzZjg&google_nid=opera_norway_as&google_push=AXcoOmTEks7PaiB0IQKHZBpvf4HeTbO678dgzSMqG30W7I58pflLh5c2thd3d6oZXYnqIZALuVtb11Obt5GNd1Rw9qRRGwwFJp2tE8Q1

Request Chain 206

https://googleads.g.doubleclick.net/pagead/adview?ai=CEhRO2YXLZYO1NazuxtYPl_6egAWG8s7sdaqj74rFEuvO3bOZDhABILebiTZgye6Oi8CkjBCgAZyjndIqyAEJqQJ--LmYd0WSPqgDAcgDywSqBOoBT9An_k1X3eMRa3vME2jFzRJ3evCPFJj9s7coQmQBhup5SxR9MiAT9TvgTLUQy1YMXoIz6Mi1YdwYCBfEKStdtADrbLqOBZU-CuPp-XN_54XHfJxZy6K-5zQ5UP4pjrtQDa1clyOk3BAV-kwke9Lk4joEz2WqDzxOx65ykoLpahXHVtYJgvA2ymk-W3tcKBYM03JpT952yQteoWc-Z3Ch66uhmy_YVQspAS46DmdJMb5kmVXpQCDybeXQnAc3xXMtjeGZ22fstK1PLOhwa4tVZkH_FSwr5tuuU8L0My1Fqc_Dy8DAEl3tvSgTwATc3saXzgSIBcDSoPlNkgUECAQYAZIFBAgFGASgBi6AB5zb7bEFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwQQya0N0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WIvKnpnMqIQDmgmbA2h0dHBzOi8vc2VyaXRhcy5jby9hcnRpY2xlLzEzODgzP3V0bV90ZXJtPUJlc3QlMjBQb3J0Zm9saW8lMjBtYW5hZ2VtZW50JTIwdG9vbHMsUm9iby1hZHZpc29yJTIwcG9ydGZvbGlvJTIwbWFuYWdlbWVudCUyMHRvb2xzLFBvcnRmb2xpbyUyMG1hbmFnZW1lbnQlMjBzb2Z0d2FyZSUyMHdpdGglMjByaXNrJTIwYXNzZXNzbWVudCxSZWFsLXRpbWUlMjBwb3J0Zm9saW8lMjB0cmFja2luZyUyMGFuZCUyMGFuYWx5c2lzJTIwdG9vbHMsUG9ydGZvbGlvJTIwbWFuYWdlbWVudCUyMHRvb2xzJTIwZm9yJTIwcmV0aXJlbWVudCUyMHBsYW5uaW5nLElubm92YXRpdmUlMjBwb3J0Zm9saW8lMjBtYW5hZ2VtZW50JTIwYXBwcyUyMGZvciUyMG1vYmlsZSUyMGRldmljZXMmY2FtcF9pZD0yMTY5OTImZ2RuND0xJnV0bV9zb3VyY2U9Z2RuNIAKAcgLAdoMEQoLEPClicL_1tDd4AESAgEDuBPkA9gTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi00NDA0MDE5NTIxMTA3NjcyGAA&sigh=PRbkcDgzjWg&uach_m=%5BUACH%5D&ase=2&cid=CAQSOwAvHhf_JWfI0uZroVB_pQn8SJuM1H-qOO4y8Ok0U7YhJMjQyH0VG4gmzNIrtgNTpKnf6xUHGSSuXLfLGAE&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x306ce65bc8cccab0000000000000000%22,%222%22:%220x173298c436ddf9f30000000000000000%22,%223%22:%220x69924eb979f3a75e0000000000000000%22,%224%22:%220xbb9fa3ebfbab36f00000000000000000%22,%225%22:%220x8c5172f7a377dbaa0000000000000000%22},%22debug_key%22:%226499409072644238090%22,%22debug_reporting%22:true,%22destination%22:%22https://seritas.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211446735260%22],%2222%22:[%22true%22],%224%22:[%2202-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213546107102743303297%22}&andc=true

215 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
galaxyfirmware.org/
Redirect Chain

https://d.mobillee.top/
https://galaxyfirmware.org/

40 KB
7 KB

490ms
115ms

Document
text/html

78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 7705195580e738309728cf0d297fecf6418d2de86b89c92bd7f185d239d0de9f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 7233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Feb 2024 15:08:06 GMT
Server: nginx/1.10.3
Vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 854dfc183fa34bcc-BUF
content-type: text/html; charset=iso-8859-1
date: Tue, 13 Feb 2024 15:08:06 GMT
location: https://galaxyfirmware.org
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FLQaXwg%2FWMiP2Y9ZIe0kxkOL4TbLfWHwWU2YndUfIW%2F1GUwaX2nDUMY8hkVHbnPNan9iUPPsuStO6PtuHnUS1MmRz0PlRHMCFHhlyPaZ4jBgnFDsHFfTtMIFs%2BFdRfmkOuABCU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
2 KB 117ms
54ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Requested by

Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12eebba255ce6f856459cab6b183b507be0417a322f46faf7dd71b3c4b0eec27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 15:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 14:05:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 15:08:06 GMT

GET
H/1.1 200
OK bootstrap.min.css
galaxyfirmware.org/assets/css/ 157 KB
24 KB 124ms
117ms Stylesheet
text/css 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/assets/css/bootstrap.min.css
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 16:52:01 GMT
Server: nginx/1.10.3
ETag: "27293-5a5764848ae40-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23845

GET
H/1.1 200
OK cookiealert.css
galaxyfirmware.org/assets/css/ 12 KB
9 KB 345ms
115ms Stylesheet
text/css 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/assets/css/cookiealert.css
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 68ca74c32f951cfc0e8b8ccdb3ae0c3792fd2187db3b9a8b1010a5b772572022

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Dec 2021 03:59:47 GMT
Server: nginx/1.10.3
ETag: "2f9e-5d2ff1a885b9e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8822

GET
H/1.1 200
OK style.css
galaxyfirmware.org/assets/css/ 4 KB
2 KB 346ms
116ms Stylesheet
text/css 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/assets/css/style.css
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3d9848032cd97de2f0ee227feb3b842ca9a1d4362446fbb4b8c4aadef9e5f9d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jan 2022 08:30:28 GMT
Server: nginx/1.10.3
ETag: "1074-5d663e5bc9100-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1398

GET
H/1.1 200
OK icon.css
galaxyfirmware.org/assets/css/ 153 KB
30 KB 464ms
234ms Stylesheet
text/css 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/assets/css/icon.css
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 1368dc3d9f9eb0bd9b73d5959366cb5e81cb909d2b8ca3e626c21233b342bd78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jun 2020 05:30:19 GMT
Server: nginx/1.10.3
ETag: "262d9-5a855127690c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29982

GET
H/1.1 200
OK flag-icon.min.css
galaxyfirmware.org/assets/css/ 33 KB
3 KB 346ms
116ms Stylesheet
text/css 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d27e980d821ec562661f24cab514474d7be86a742b5e915fa6c7efd21e77aaf9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "84a9-5aa9de5b53a00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2812

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
912 B 111ms
51ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Requested by

Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6bfe771a066565d51ef78b2ac6910e3f459108f79040d4866cbe731d0ac1e73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 15:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 13:11:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 15:08:06 GMT

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
galaxyfirmware.org/assets/js/ 87 KB
30 KB 460ms
231ms Script
application/javascript 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/assets/js/jquery-3.5.1.min.js
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 08:27:01 GMT
Server: nginx/1.10.3
ETag: "15d84-5ac95d5d27f40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30910

GET
H/1.1 200
OK bootstrap.min.js Show response
galaxyfirmware.org/assets/js/ 59 KB
15 KB 351ms
117ms Script
application/javascript 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/assets/js/bootstrap.min.js
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 16:52:01 GMT
Server: nginx/1.10.3
ETag: "eb0e-5a5764848ae40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14890

GET
H/1.1 200
OK handlebars.min.js Show response
galaxyfirmware.org/assets/js/ 78 KB
24 KB 580ms
231ms Script
application/javascript 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/assets/js/handlebars.min.js
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: bac4ea004d72c2f74cb64b16cdd796cc3ef932c7c937487453bcb636d64bdcdd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 08:27:51 GMT
Server: nginx/1.10.3
ETag: "13981-5ac95d8cd6fc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24168

GET
H/1.1 200
OK typeahead.bundle.min.js Show response
galaxyfirmware.org/assets/js/ 39 KB
12 KB 469ms
121ms Script
application/javascript 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/assets/js/typeahead.bundle.min.js
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 456894e2899453bb50d8cdf099140d5bd50be74301e02b9c6d13c26ec42ff97d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 10:50:09 GMT
Server: nginx/1.10.3
ETag: "9b45-5aaf1630a1a40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11537

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
69 KB 160ms
59ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-124198581-2

Requested by

Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35c1215c2ac9fccc5d4b2d76554ecbb698e83f7ed4d3b564d67bae046e72533c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 70721
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 15:08:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 206ms
108ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4404019521107672

Requested by

Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

299f8ff3f6de8b92fae5a9cfba2ef2e3a29656554f773eb30fe3d3a2e647ca35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Origin: https://galaxyfirmware.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51855
x-xss-protection: 0
server: cafe
etag: 836347601092852789
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 13 Feb 2024 15:08:07 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 129ms
30ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a736daf331504161482b80810fc07d06f0a91d47dc03c9cec0808785cd76a01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://galaxyfirmware.org/
Origin: https://galaxyfirmware.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 13 Feb 2024 15:08:07 GMT
content-md5: xw5VAKoyhSJd6vqCgOpZGQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: kSEILW2qaPIwMKzKqVHfDtp8GV3rRwsboTGIl9chzyFtxL5tLJjkqS5N923VmXoDPcu1p2kwtH2SyTH009o1EQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: da4dc9165bab874d9092b693d12adf2c
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "b7595814b8175ac54eb28b246279e9d8"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 13 Feb 2024 15:15:47 GMT

GET
H/1.1 200
OK BTC.png
galaxyfirmware.org/img/icon/ 2 KB
2 KB 119ms
118ms Image
image/png 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/icon/BTC.png
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 2b6064887ef3e3f56b479f8ea7f09711dd735504e5ba4f937ca2243eed79ca08

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Wed, 21 Oct 2020 06:06:50 GMT
Server: nginx/1.10.3
ETag: "625-5b22827387280"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1573

GET
H/1.1 200
OK BTC.png
galaxyfirmware.org/img/ 1015 B
1 KB 115ms
115ms Image
image/png 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/BTC.png
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: bb74c24862d9504047c043881ea6ec701fcfdde2ed18619b3e7528be4b2e2aea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Fri, 25 Sep 2020 07:20:32 GMT
Server: nginx/1.10.3
ETag: "3f7-5b01e26eb1000"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1015

GET
H/1.1 200
OK ETH.png
galaxyfirmware.org/img/icon/ 2 KB
2 KB 115ms
114ms Image
image/png 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/icon/ETH.png
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 51a9972c6f13b5510730dff6c349f812510c778b2f7722f00426c287246c50cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Wed, 21 Oct 2020 06:07:03 GMT
Server: nginx/1.10.3
ETag: "6df-5b22827fecfc0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1759

GET
H/1.1 200
OK ETH.png
galaxyfirmware.org/img/ 1 KB
1 KB 115ms
115ms Image
image/png 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/ETH.png
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 00f59da926d489e3ac5c881db1bd2699717b8b5106a9b7968dde2fa02d2c1f9a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Fri, 25 Sep 2020 07:21:21 GMT
Server: nginx/1.10.3
ETag: "407-5b01e29d6be40"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1031

GET
H/1.1 200
OK XMR.png
galaxyfirmware.org/img/icon/ 1 KB
2 KB 115ms
114ms Image
image/png 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/icon/XMR.png
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: e7437303df46a7ffd5bc94d07b13f07668ca4b25275584f7a55bf00be930355a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Wed, 21 Oct 2020 06:07:15 GMT
Server: nginx/1.10.3
ETag: "580-5b22828b5eac0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1408

GET
H/1.1 200
OK XMR.png
galaxyfirmware.org/img/ 1 KB
1 KB 117ms
116ms Image
image/png 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/XMR.png
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 2bf96c66e3d73bb911bcd3f48515ec8856f9e08fad67a3006c1b2d0954d61cda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Fri, 25 Sep 2020 07:24:28 GMT
Server: nginx/1.10.3
ETag: "4e5-5b01e34fc2300"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1253

GET
H/1.1 200
OK LTC.png
galaxyfirmware.org/img/icon/ 1 KB
2 KB 118ms
117ms Image
image/png 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/icon/LTC.png
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 12523501996e31c888ba97e221f91e2033222e7e7c7a21e1e755133f45646c7a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Wed, 21 Oct 2020 06:07:29 GMT
Server: nginx/1.10.3
ETag: "5e3-5b228298b8a40"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1507

GET
H/1.1 200
OK LTC.png
galaxyfirmware.org/img/ 1017 B
1 KB 118ms
117ms Image
image/png 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/LTC.png
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: bce89e541124ba056e50879611618d51b440d8cdcc6a2d29efdc4c725b7c7e24

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Fri, 25 Sep 2020 07:24:03 GMT
Server: nginx/1.10.3
ETag: "3f9-5b01e337eaac0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1017

GET
H2

200

trbtn-red-3.png
trakteer-assets.sgp1.digitaloceanspaces.com/images/embed/
Redirect Chain

https://cdn.trakteer.id/images/embed/trbtn-red-3.png
https://trakteer-assets.sgp1.digitaloceanspaces.com/images/embed/trbtn-red-3.png

80 KB
81 KB

1289ms
493ms

Image
image/png

103.253.144.208
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trakteer-assets.sgp1.digitaloceanspaces.com/images/embed/trbtn-red-3.png

Requested by

Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/

Protocol

Server

103.253.144.208 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

sgp1.digitaloceanspaces.com

Software

Resource Hash

81c0d705d39830242859e71362a824e8551972dc4b727675a1a3e03e3b02dc0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:06:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 18 Jul 2021 07:46:17 GMT
x-amz-request-id: tx00000000000004defb0ac-0065cb8580-3af95ca7-sgp1a
age: 87
etag: "c223f40096b582bc068ec91d26113b13"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/png
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 82430

Redirect headers

date: Tue, 13 Feb 2024 15:08:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hx2J6E%2B1n4ESflypMs97rRFXuF%2F15Pw7aORO%2F8UtTsFRv2BoxucBo3qjB9lf7iZ0KI%2F21dNoUuTcNudwdmf9Lng5sWXl3sY0L2tqgHy%2B9QsorZffu01WFxPzYEYpLGG1ugjaEwiMM%2FupaBJ3xg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://trakteer-assets.sgp1.digitaloceanspaces.com/images/embed/trbtn-red-3.png
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 854dfc233bec4bcf-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK main.v1.js Show response
galaxyfirmware.org/assets/js/ 3 KB
1 KB 115ms
115ms Script
application/javascript 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/assets/js/main.v1.js
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 2d4aacc3985096be0319521b456d42c9cadcf05e76495054be1cfc661f0813ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Jun 2021 15:36:53 GMT
Server: nginx/1.10.3
ETag: "b30-5c41ab1b24f40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 908

GET
H/1.1 200
OK cookiealert.js Show response
galaxyfirmware.org/assets/js/ 2 KB
1 KB 120ms
118ms Script
application/javascript 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/assets/js/cookiealert.js
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Dec 2021 04:00:01 GMT
Server: nginx/1.10.3
ETag: "72c-5d2ff1b5f3359-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 809

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 124ms
123ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4404019521107672

Requested by

Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20aa93d2622150599f200ee05a7c332512d9c9fb3ec5e5b2728c18a5b23ab757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Origin: https://galaxyfirmware.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51860
x-xss-protection: 0
server: cafe
etag: 17645974659362203840
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 13 Feb 2024 15:08:07 GMT

GET
H/1.1 200
OK ru.svg
galaxyfirmware.org/assets/flags/4x3/ 286 B
533 B 431ms
117ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/ru.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 5b51b57f63cf58e451abddeaee39a8c7b133cb3d58c6ef1a903883bda7c346b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "11e-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 286

GET
H/1.1 200
OK tw.svg
galaxyfirmware.org/assets/flags/4x3/ 945 B
1 KB 313ms
122ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/tw.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 44b7d1f3acc75aa8ff817b55d499dcb24770a3423b624bff829cb26729de7c16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "3b1-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 945

GET
H/1.1 200
OK hk.svg
galaxyfirmware.org/assets/flags/4x3/ 3 KB
4 KB 432ms
117ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/hk.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 17c1c66141f1aa0339fefc5863866d67eabcb1732bda7d5d757b2cb937c93da1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "da6-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3494

GET
H/1.1 200
OK ph.svg
galaxyfirmware.org/assets/flags/4x3/ 2 KB
2 KB 189ms
116ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/ph.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: fd167a43304972aa43f76a0ec3f03dc89dde4f96adc654a7e0e2e1257aa9a7e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "61d-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1565

GET
H/1.1 200
OK my.svg
galaxyfirmware.org/assets/flags/4x3/ 1 KB
1 KB 312ms
120ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/my.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: c992340a8c8284fca33fbcbcb287ace68c355a0603c471d9b09a207ab4f7390c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "4f6-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1270

GET
H/1.1 200
OK sg.svg
galaxyfirmware.org/assets/flags/4x3/ 887 B
1 KB 189ms
116ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/sg.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: fa164984f038fa81540d519c5d08123ed55f31bb8aa73798af7698c69dca2226

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "377-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 887

GET
H/1.1 200
OK nz.svg
galaxyfirmware.org/assets/flags/4x3/ 3 KB
3 KB 189ms
117ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/nz.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: b7f4f0961f007b0cc355df85903b0af0cfd6b655e23aa56aa547dc5ed693ae7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "bad-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2989

GET
H/1.1 200
OK ca.svg
galaxyfirmware.org/assets/flags/4x3/ 728 B
975 B 312ms
121ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/ca.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 5bda905693ffed32df95f79a8eeac1fbf062630de05f48875e109c35681e2331

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "2d8-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 728

GET
H/1.1 200
OK mx.svg
galaxyfirmware.org/assets/flags/4x3/ 93 KB
38 KB 118ms
117ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/mx.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 8258503043a0a3b6fc68ef1af0025ef0de85fa482fb77e8ba220c3cd6a7a86a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: W/"17303-5aa9de5b53a00"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive

GET
H/1.1 200
OK de.svg
galaxyfirmware.org/assets/flags/4x3/ 213 B
459 B 116ms
115ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/de.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 226631a8fa9deee07022680ce0461b7a09b416b616c56ebcaf21f50e2b34ea8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "d5-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 213

GET
H/1.1 200
OK fr.svg
galaxyfirmware.org/assets/flags/4x3/ 292 B
539 B 118ms
118ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/fr.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 63667b36ddd95d29a9f163e3ab4b9f7000dcd310350c565c19b975a0a2418117

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "124-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 292

GET
H/1.1 200
OK cz.svg
galaxyfirmware.org/assets/flags/4x3/ 231 B
477 B 118ms
117ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/cz.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 265906e27b7bc9169b39564713880f07af8ffd23a178ebb75f90224c684719f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "e7-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 231

GET
H/1.1 200
OK ge.svg
galaxyfirmware.org/assets/flags/4x3/ 1 KB
2 KB 119ms
119ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/ge.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3054d4e61ec2de31e08ce51c8e1bff64fe2d4cc39f3bc6b3988a5e3aab32379c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "575-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1397

GET
H/1.1 200
OK us.svg
galaxyfirmware.org/assets/flags/4x3/ 4 KB
5 KB 114ms
114ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/us.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "116d-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4461

GET
H/1.1 200
OK al.svg
galaxyfirmware.org/assets/flags/4x3/ 3 KB
3 KB 116ms
116ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/al.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 87476e4c4b339983bcda71637a718eed1670bed1e39d7419db41b8f9db3a9485

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "c86-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3206

GET
H/1.1 200
OK gb.svg
galaxyfirmware.org/assets/flags/4x3/ 538 B
785 B 116ms
115ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/gb.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 825310f9bcc8892559317bfc87fc28d5d7bad06c02d562b5740aafcf4b040803

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "21a-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 538

GET
H/1.1 200
OK ch.svg
galaxyfirmware.org/assets/flags/4x3/ 297 B
544 B 115ms
115ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/ch.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 4e94e5c3a524345e7c24f3807ab2ca812225ea6ccdb59ec67125b0ea3ed02cd5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: "129-5aa9de5b53a00"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 297

GET
H/1.1 200
OK es.svg
galaxyfirmware.org/assets/flags/4x3/ 89 KB
20 KB 118ms
117ms Image
image/svg+xml 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/assets/flags/4x3/es.svg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/flag-icon.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: ab3d438837b7f1c4ebce6980cc9274cd2e6adcc8af9be6f5cfc47ef2c4c464e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jul 2020 07:13:44 GMT
Server: nginx/1.10.3
ETag: W/"162c3-5aa9de5b53a00"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 107ms
25ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://galaxyfirmware.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:16:14 GMT
x-content-type-options: nosniff
age: 399113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 00:16:14 GMT

GET
H/1.1 200
OK fa-brands-400.woff2
galaxyfirmware.org/assets/fa/webfonts/ 73 KB
73 KB 212ms
121ms Font
application/octet-stream 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/assets/fa/webfonts/fa-brands-400.woff2
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/icon.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 433d970f04c9cfdfe1eef18106807714cffa2ec96651af41c1be35d00a87bc1c

Request headers

Referer: https://galaxyfirmware.org/assets/css/icon.css
Origin: https://galaxyfirmware.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Sat, 30 Nov 2019 17:51:00 GMT
Server: nginx/1.10.3
Connection: keep-alive
Accept-Ranges: bytes
ETag: "1239c-59893fd400900"
Content-Length: 74652

GET
H/1.1 200
OK fa-duotone-900.woff2
galaxyfirmware.org/assets/fa/webfonts/ 162 KB
162 KB 205ms
114ms Font
application/octet-stream 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/assets/fa/webfonts/fa-duotone-900.woff2
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/icon.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3477023d8b7129eb517abf377492a608f2469ae91405fa62974e6771751e04ae

Request headers

Referer: https://galaxyfirmware.org/assets/css/icon.css
Origin: https://galaxyfirmware.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Sat, 30 Nov 2019 17:51:00 GMT
Server: nginx/1.10.3
Connection: keep-alive
Accept-Ranges: bytes
ETag: "28750-59893fd400900"
Content-Length: 165712

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 110ms
30ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://galaxyfirmware.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:02:08 GMT
x-content-type-options: nosniff
age: 399959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 00:02:08 GMT

GET
H/1.1 200
OK fa-light-300.woff2
galaxyfirmware.org/assets/fa/webfonts/ 161 KB
161 KB 215ms
115ms Font
application/octet-stream 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/assets/fa/webfonts/fa-light-300.woff2
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/css/icon.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 9f9936bcdcd5fd28c0f811afc230ba3c0253ba00284673299475e3c8aa43309f

Request headers

Referer: https://galaxyfirmware.org/assets/css/icon.css
Origin: https://galaxyfirmware.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Last-Modified: Sat, 30 Nov 2019 17:51:00 GMT
Server: nginx/1.10.3
Connection: keep-alive
Accept-Ranges: bytes
ETag: "28468-59893fd400900"
Content-Length: 164968

GET
H/1.1 200
OK SM-G996B.jpg
galaxyfirmware.org/img/models/46/60/ 3 KB
4 KB 116ms
115ms Image
image/jpeg 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/models/46/60/SM-G996B.jpg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3b1d740831b2e479f1180cf5d5a43329500c73b80c856745fda294d3719af67d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 3532
Content-Type: image/jpeg

GET
H/1.1 200
OK SM-G996U.jpg
galaxyfirmware.org/img/models/46/60/ 3 KB
4 KB 119ms
117ms Image
image/jpeg 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/models/46/60/SM-G996U.jpg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3b1d740831b2e479f1180cf5d5a43329500c73b80c856745fda294d3719af67d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 3532
Content-Type: image/jpeg

GET
H/1.1 200
OK SM-G998B.jpg
galaxyfirmware.org/img/models/46/60/ 4 KB
4 KB 118ms
118ms Image
image/jpeg 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/models/46/60/SM-G998B.jpg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: c0c15d6490d2d2d6fd8f068fa234e252fdb27d515da5449529d5d89b3c2b7d0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 3719
Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK SM-S536DL.jpg
galaxyfirmware.org/img/models/46/61/ 3 KB
4 KB 118ms
117ms Image
image/jpeg 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/models/46/61/SM-S536DL.jpg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 7a5f630faf7d03951e220f433949b95bc0c737100d5b5bf6b4c21c85e694d214

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 3434
Content-Type: image/jpeg

GET
H/1.1 200
OK SM-M536B.jpg
galaxyfirmware.org/img/models/46/61/ 4 KB
4 KB 118ms
117ms Image
image/jpeg 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/models/46/61/SM-M536B.jpg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: c01fe42e18b1faddc87a7f68b46083dc10e7f0e0b38957e02a05efe35522ec9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 4274
Content-Type: image/jpeg

GET
H/1.1 200
OK SM-P613.jpg
galaxyfirmware.org/img/models/46/61/ 4 KB
4 KB 117ms
116ms Image
image/jpeg 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/models/46/61/SM-P613.jpg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 4a3a352286d467821fdc52b7dd88fb8ba1ab502b6b0e96b34ff7900a635c9539

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 4182
Content-Type: image/jpeg

GET
H/1.1 200
OK SM-P619.jpg
galaxyfirmware.org/img/models/46/61/ 4 KB
4 KB 117ms
116ms Image
image/jpeg 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/models/46/61/SM-P619.jpg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 4a3a352286d467821fdc52b7dd88fb8ba1ab502b6b0e96b34ff7900a635c9539

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 4182
Content-Type: image/jpeg

GET
H/1.1 200
OK SM-G930T1.jpg
galaxyfirmware.org/img/models/46/61/ 3 KB
3 KB 116ms
115ms Image
image/jpeg 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/models/46/61/SM-G930T1.jpg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: c8cb337434b2afdbe8bed8bd655dffc414c024ffc8a938c6c279ad42e8c151ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 3383
Content-Type: image/jpeg

GET
H/1.1 200
OK SM-A135U1.jpg
galaxyfirmware.org/img/models/46/61/ 3 KB
3 KB 117ms
117ms Image
image/jpeg 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/models/46/61/SM-A135U1.jpg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: c99818077d9206829c05a7c070a4ae061cc4e5acec82371cccc15e204faa1494

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 2737
Content-Type: image/jpeg

GET
H/1.1 200
OK SM-P619.jpg
galaxyfirmware.org/img/models/160/212/ 22 KB
22 KB 120ms
116ms Image
image/jpeg 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/models/160/212/SM-P619.jpg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: bdcd1b7dc8e62b48257dd9081af62fffaf292329e17ffb2c49d4098c7a11f4b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Server: nginx/1.10.3
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1 200
OK SM-A336E.jpg
galaxyfirmware.org/img/models/160/212/ 22 KB
22 KB 117ms
116ms Image
image/jpeg 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/models/160/212/SM-A336E.jpg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 4a88b4ce83b90ddff41c1dad29ff5b6771864fe6585d99eded3c5e21ab3ee711

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Server: nginx/1.10.3
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1 200
OK SM-A336B.jpg
galaxyfirmware.org/img/models/160/212/ 22 KB
22 KB 118ms
118ms Image
image/jpeg 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/models/160/212/SM-A336B.jpg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 4a88b4ce83b90ddff41c1dad29ff5b6771864fe6585d99eded3c5e21ab3ee711

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Server: nginx/1.10.3
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1 200
OK SM-M536B.jpg
galaxyfirmware.org/img/models/160/212/ 24 KB
24 KB 117ms
117ms Image
image/jpeg 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/models/160/212/SM-M536B.jpg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: b8e57774ff810c36f77b5d467ff6e565d30c649616c5fe48783f1850ea9aa48a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Server: nginx/1.10.3
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1 200
OK SM-A536U.jpg
galaxyfirmware.org/img/models/160/212/ 20 KB
21 KB 116ms
116ms Image
image/jpeg 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/models/160/212/SM-A536U.jpg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 1a28b43e16349bac2be780c2e27ddac7c980774a15303ca53c7673a8fcc4414b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Server: nginx/1.10.3
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1 200
OK SM-A536B.jpg
galaxyfirmware.org/img/models/160/212/ 20 KB
21 KB 121ms
120ms Image
image/jpeg 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.org/img/models/160/212/SM-A536B.jpg
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 1a28b43e16349bac2be780c2e27ddac7c980774a15303ca53c7673a8fcc4414b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:08 GMT
Server: nginx/1.10.3
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 303 KB
87 KB 31ms
30ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=fdd234e641173a7b2476d60faaf9ff2b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9736a323e21df1bcd768ea4bbcf15e04b4f53c12573507b9f0ee1298f51a2ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://galaxyfirmware.org/
Origin: https://galaxyfirmware.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 13 Feb 2024 15:08:07 GMT
content-md5: G71ucwY04kVAj/IpyiEViw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88665
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: GDePNdpatwgsZ8dx/URcdANwafqxh0BiTkM/4N/1ZIWM761PI3UIUbuosagqW1g6efR/xIhLyZN0L22eA+T1Sg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 409aafe158a220a4b9c2930335aa6c42
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "ebb2ab202ebd3089815418195d16c5be"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 12 Feb 2025 13:08:12 GMT

GET
H/1.1 200
OK cari.php Show response
galaxyfirmware.org/ 0
161 B 322ms
118ms XHR
text/html 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/cari.php
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/js/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://galaxyfirmware.org/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK search.json Show response
galaxyfirmware.org/core/ 0
161 B 314ms
117ms XHR
text/html 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/core/search.json
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/js/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://galaxyfirmware.org/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK search-reg.json Show response
galaxyfirmware.org/core/ 401 B
556 B 423ms
115ms XHR
application/json 78.47.153.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.org/core/search-reg.json
Requested by: Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/assets/js/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.47.153.119 Leverkusen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.153.47.78.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: a5348c4a451091156bd62f18ab99e5fc267021a56980110e8b55242fe6fec5fe

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://galaxyfirmware.org/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 15:08:07 GMT
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 401
Content-Type: application/json

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 72ms
71ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BZBTEHWZ0J&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-124198581-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58616486e2fa2080f28f1f34707ea5d45de9766f47bc12c4b1d6ae2a3247388d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82995
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 15:08:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 295ms
24ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-124198581-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 13 Feb 2024 14:06:18 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3709
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 13 Feb 2024 16:06:18 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 406 KB
138 KB 189ms
127ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4404019521107672

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83db2f288c1d10ec10621c63b6f0b52d33abf16bf0a87a0cc2d2a33b06d8354a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140881
x-xss-protection: 0
server: cafe
etag: 15382028458687537671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 15:08:07 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240212/r20190131/ Frame 742B 9 KB
5 KB 84ms
24ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240212/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4404019521107672

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 47303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 01:59:44 GMT
etag: 3890843268177463596
expires: Tue, 27 Feb 2024 01:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
173 B 169ms
49ms Ping
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BZBTEHWZ0J&gtm=45je4270v9119078961za200&_p=1707836887397&gcd=13l3l3l3l1&npa=0&dma=0&cid=1010830023.1707836888&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1707836887&sct=1&seg=0&dl=https%3A%2F%2Fgalaxyfirmware.org%2F&dt=Galaxy%20Firmware&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2314
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BZBTEHWZ0J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 15:08:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://galaxyfirmware.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 48ms
47ms XHR
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=234954400&t=pageview&_s=1&dl=https%3A%2F%2Fgalaxyfirmware.org%2F&ul=en-us&de=UTF-8&dt=Galaxy%20Firmware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=903023795&gjid=1177931003&cid=1010830023.1707836888&tid=UA-124198581-2&_gid=1723499644.1707836888&_r=1&gtm=457e4270za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1122866186

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://galaxyfirmware.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 15:08:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://galaxyfirmware.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1C11 493 KB
99 KB 1144ms
1143ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4404019521107672&output=html&adk=1812271804&adf=3025194257&lmt=1707836888&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgalaxyfirmware.org%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~13&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836887697&bpp=6&bdt=921&idt=535&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5617353622419&frm=20&pv=2&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=609

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4aeba0b695e7e09556b3eb1f8558445eac21d39e9b70148aedb6c10a30a3af04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 101082
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 15:08:09 GMT
expires: Tue, 13 Feb 2024 15:08:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 86ms
85ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-expand-lg%20fixed-top%20navbar-dark%20bg-dark&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 15:08:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1030 117 KB
40 KB 991ms
987ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4404019521107672&output=html&h=200&slotname=9147965383&adk=3542967804&adf=3119996176&pi=t.ma~as.9147965383&w=1110&fwrn=4&lmt=1707836888&rafmt=11&format=1110x200&url=https%3A%2F%2Fgalaxyfirmware.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836887703&bpp=2&bdt=928&idt=617&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=637

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38104f1d5312e3159728a24ea9bd32043f8fe533bfad09ffecb6221b3e3a6bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40995
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 15:08:09 GMT
expires: Tue, 13 Feb 2024 15:08:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB49 119 KB
40 KB 1180ms
1179ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4404019521107672&output=html&h=280&slotname=5911427955&adk=2614709732&adf=3992409303&pi=t.ma~as.5911427955&w=1054&fwrn=4&fwrnh=100&lmt=1707836888&rafmt=1&format=1054x280&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836887705&bpp=2&bdt=929&idt=673&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x200&nras=1&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=273&ady=1216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=680

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd779537344fa9e29f4b0ef9217d39329eb4029d488014843280b23f99b62940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41066
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 15:08:09 GMT
expires: Tue, 13 Feb 2024 15:08:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EF6A 50 KB
17 KB 672ms
672ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4404019521107672&output=html&h=600&slotname=8346019600&adk=2507178410&adf=220581602&pi=t.ma~as.8346019600&w=300&lmt=1707836888&format=300x600&url=https%3A%2F%2Fgalaxyfirmware.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836887707&bpp=1&bdt=932&idt=696&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x200%2C1054x280&nras=1&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=710

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ecf4bc58f31b240c96e7828db4db48509e17fbd1bc3df19a64f845f255fc143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17170
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 15:08:09 GMT
expires: Tue, 13 Feb 2024 15:08:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F3B4 0
23 B 125ms
123ms Image
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQG__2IXLZe2lHKzhxtYPn5uggA36j4XmbaCDqMWtDcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTQ0MDQwMTk1MjExMDc2NzLIAQmoAwHIAwKqBNEBT9C5tIBHEp7fQAdXweVInvpKd2VmhEdybaf4cfKDP1_rwc6IYDqodEieHsThJlnHz3R9fjzvK1ToE3r4RIyVjJsW_kt_mw1nI2lkmXA-oVsz6pKJHcMI4mDAcYrRW-UgGeI5KoDBLaWJMP9RlJ4QV_LTjzGqcBcSM_sN_CjBqOeJc6oCrwDF4x-mEra0o9cIgX4rZdf4KqSXgJr5lbIppQBc-jk46xyX259lzZdV2ML9TrF9qVwPKPbZjfyagkPkg76aEGMshh5N-pHpEuPpSq6ABr7l_Pmcp8HdUqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICACEi9_cE6WJ-xyJjMqIQDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ0MDQwMTk1MjExMDc2NzIYAA&sigh=-U2vQP1bsrw&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_oXdF0B9Utaz4h1IEcDEN2EXbcS1JER6LHKES5lOAHa3_S4_418cF27xrSF-4p6ef2oDtYFFIdLawAUVq7u7P5TYG6iG8SoPOLBgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4404019521107672&output=html&h=600&slotname=8346019600&adk=2507178410&adf=220581602&pi=t.ma~as.8346019600&w=300&lmt=1707836888&format=300x600&url=https%3A%2F%2Fgalaxyfirmware.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836887707&bpp=1&bdt=932&idt=696&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x200%2C1054x280&nras=1&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=710

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4404019521107672&output=html&h=600&slotname=8346019600&adk=2507178410&adf=220581602&pi=t.ma~as.8346019600&w=300&lmt=1707836888&format=300x600&url=https%3A%2F%2Fgalaxyfirmware.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836887707&bpp=1&bdt=932&idt=696&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x200%2C1054x280&nras=1&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 13 Feb 2024 15:08:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 15:08:09 GMT

GET
H2 200 win
8proof.com/app/ Frame F3B4 0
44 B 220ms
60ms Image
text/plain 52.116.53.150
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8proof.com/app/win?id=730743555543&ap=ZcuF2AAHEu0E0bCsAAgNnxDBA6F-COV6EN9mEA&brid=mjJQGPUneThkXJ78imkTHQ&t=b&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4404019521107672&output=html&h=600&slotname=8346019600&adk=2507178410&adf=220581602&pi=t.ma~as.8346019600&w=300&lmt=1707836888&format=300x600&url=https%3A%2F%2Fgalaxyfirmware.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836887707&bpp=1&bdt=932&idt=696&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x200%2C1054x280&nras=1&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=710
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 96.35.7434.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:09 GMT
content-length: 0
server: nginx

GET
H2 200 montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 13AB 13 KB
13 KB 184ms
31ms Font
application/octet-stream 2607:f8b0:4006:808::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 14:16:22 GMT
age: 3107
x-guploader-uploadid: ABPtcPreFZODQrRGBRZpcvSj7O1TMUwRYsXSHoimSBiPw6CzEkIwQXMagRPbUPH_BuGleQAM2w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation: 1698054811260784
x-goog-hash: crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12896
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 13 Feb 2024 15:16:22 GMT

GET
H2 200 montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 13AB 12 KB
13 KB 175ms
24ms Font
application/octet-stream 2607:f8b0:4006:808::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:00:19 GMT
age: 470
x-guploader-uploadid: ABPtcPrs1mN7WjpMok9M2NDgiFtjJZiZ6u1k_NIc3KO8OOvV11KTniSjdOiN1x9FvB8j-b6cXA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "e571167fbcce8d5081bce96a09930063"
x-goog-generation: 1698054811605570
x-goog-hash: crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12700
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 13 Feb 2024 16:00:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1030 4 KB
775 B 49ms
48ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4404019521107672&output=html&h=200&slotname=9147965383&adk=3542967804&adf=3119996176&pi=t.ma~as.9147965383&w=1110&fwrn=4&lmt=1707836888&rafmt=11&format=1110x200&url=https%3A%2F%2Fgalaxyfirmware.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836887703&bpp=2&bdt=928&idt=617&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=637

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 15:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 14:09:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 15:08:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 1030 2 KB
875 B 109ms
47ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/ Frame 1030 23 KB
9 KB 87ms
28ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 1030 3 KB
1 KB 91ms
32ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 1030 20 KB
8 KB 83ms
25ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1030 203 KB
61 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 14:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3391
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 15:11:38 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 1030 36 KB
15 KB 101ms
25ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 01:22:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 May 2024 01:27:46 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7912766206205334642/ Frame 1030 28 KB
29 KB 107ms
53ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7912766206205334642/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f88cca171fe919c301685893d8da2375ce02125266be32dac2ee6f1427c392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 00:38:14 GMT
date: Fri, 09 Feb 2024 00:38:14 GMT
x-content-type-options: nosniff
age: 397795
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29139
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 09:57:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4332346491793353829/ Frame 1030 13 KB
13 KB 102ms
48ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4332346491793353829/14763004658117789537?w=200&h=200&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1df01658452c3d40bcbe47d47639c9130828dd84d29a9fc1855722ed6df3f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 00:30:12 GMT
date: Fri, 09 Feb 2024 00:30:12 GMT
x-content-type-options: nosniff
age: 398277
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12918
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 13:48:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 1030 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0559601e66f56f5b0355d7c9fbf0c397b6efce469a5d4d02a51b3bca7670c96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 165 KB
56 KB 112ms
111ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e7e075838fc9a96230c537290b27c438f8a07b2c6f70a369ace39623a31eafa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57056
x-xss-protection: 0
server: cafe
etag: 17154309935035831642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 15:08:09 GMT

GET
H2 200 ca-pub-4404019521107672 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 142ms
63ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4404019521107672?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a524f6ebba6858893c7f5b806ac21eb9053c6c25df83d8b33ab17ff854442db7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-haPAfBrwipMv_G2SwDLcFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-haPAfBrwipMv_G2SwDLcFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjWsOoxSXFEKQhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePB8ub8OmsfBHTWePqprMWADHfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiEejpvd69axCSyYePk8EwC7bk9j"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 91 KB
31 KB 97ms
96ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4404019521107672

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b045e3070264b4c70db16bf1cdcd9eddcc91f0e3bd79421f398577c6518b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32187
x-xss-protection: 0
server: cafe
etag: 17106806669644613068
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 15:08:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BB49 4 KB
679 B 52ms
51ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4404019521107672&output=html&h=280&slotname=5911427955&adk=2614709732&adf=3992409303&pi=t.ma~as.5911427955&w=1054&fwrn=4&fwrnh=100&lmt=1707836888&rafmt=1&format=1054x280&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836887705&bpp=2&bdt=929&idt=673&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x200&nras=1&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=273&ady=1216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=680

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 15:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 14:54:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 15:08:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame BB49 2 KB
856 B 31ms
30ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/ Frame BB49 23 KB
9 KB 27ms
25ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame BB49 3 KB
1 KB 29ms
27ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame BB49 20 KB
8 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BB49 203 KB
61 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 14:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3391
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 15:11:38 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame BB49 36 KB
15 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 01:22:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 May 2024 01:27:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1030 15 KB
16 KB 27ms
23ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:02:14 GMT
x-content-type-options: nosniff
age: 399955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 00:02:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1030 15 KB
15 KB 32ms
30ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 09:24:29 GMT
x-content-type-options: nosniff
age: 452620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 09:24:29 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12864560910603521329/ Frame BB49 30 KB
30 KB 31ms
30ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12864560910603521329/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5eb47ba7eb80ba4d2d717aeaf7d1544c9a6b8491c9af49dd56f06bf73f8bf67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Tue, 11 Feb 2025 08:19:07 GMT
date: Mon, 12 Feb 2024 08:19:07 GMT
x-content-type-options: nosniff
age: 110942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31031
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 09:57:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4332346491793353829/ Frame BB49 5 KB
5 KB 39ms
38ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4332346491793353829/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b24eb20b9abcd601a50eda7b7bc9853684f7895f9ae27fb2ff1721f555dd35b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 00:12:36 GMT
date: Fri, 09 Feb 2024 00:12:36 GMT
x-content-type-options: nosniff
age: 399333
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4885
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 13:48:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1030
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CJ5Nf2IXLZZ3YF8_extYPw6yM8APOiNvpdbfYxYy9Eozy-viLDhABILebiTZgye6Oi8CkjBCgAZjp0JApyAEJqQLSwtrldg-yPqgDAcgDy4SAgASqBN4BT9CrAh6rPDeyjW5Ym0s7GDUyHlA...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe884f37976072b0000000000000000%22,%222%22:%220xc04fc8c455c183c30000000000000000%22,%223%22:%220x78b8d6f...

0
0

150ms
90ms

Fetch
text/css

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe884f37976072b0000000000000000%22,%222%22:%220xc04fc8c455c183c30000000000000000%22,%223%22:%220x78b8d6f104135f900000000000000000%22,%224%22:%220x25d92497ad421c5b0000000000000000%22,%225%22:%220xc1579b2f33223cd50000000000000000%22},%22debug_key%22:%2210984901320627725559%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040732312%22],%2222%22:[%22true%22],%224%22:[%2202-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224706053660956750865%22}&andc=true

Requested by

Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/

Protocol

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:10 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xfe884f37976072b0000000000000000","2":"0xc04fc8c455c183c30000000000000000","3":"0x78b8d6f104135f900000000000000000","4":"0x25d92497ad421c5b0000000000000000","5":"0xc1579b2f33223cd50000000000000000"},"debug_key":"10984901320627725559","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11040732312"],"22":["true"],"4":["02-13"],"6":["true"]},"priority":"500","source_event_id":"4706053660956750865"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 15:08:10 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 13 Feb 2024 15:08:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xfe884f37976072b0000000000000000","2":"0xc04fc8c455c183c30000000000000000","3":"0x78b8d6f104135f900000000000000000","4":"0x25d92497ad421c5b0000000000000000","5":"0xc1579b2f33223cd50000000000000000"},"debug_key":"10984901320627725559","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11040732312"],"22":["true"],"4":["02-13"],"6":["true"]},"priority":"500","source_event_id":"4706053660956750865"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0961 51 KB
19 KB 33ms
29ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

233fc91d5e25e5f647da5130b91a631da3c73565301438608bbe09605b272d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 399440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19746
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 00:10:49 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5CA3 53 KB
18 KB 833ms
832ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.1182920990~rp.3&daaos=1707821061847&w=1200&fwrn=4&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=1200x90&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600&nras=2&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=61

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2590216f85258f9fbecd6452304a22fda2416e4cb3106d0dfa119848738c130e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 18802
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 15:08:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6199 121 KB
42 KB 998ms
997ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=100&adk=2287261315&adf=1279138191&pi=t.aa~a.1681909044~rp.4&daaos=1707821061847&w=540&fwrn=1&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=540x100&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600%2C1200x90&nras=3&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=3790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=67

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e97f100d4e8f14572f785bad1aebd67c5e785042bfbafb9963035f0f38333bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42494
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 15:08:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D40F 53 KB
18 KB 1183ms
1182ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=90&adk=377016393&adf=2980879607&pi=t.aa~a.138241479~rp.4&daaos=1707821061847&w=1110&fwrn=4&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=1110x90&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600%2C1200x90%2C540x100&nras=4&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=73

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7c43ca25b40c7503113ad41e37a79605d940a78a2dcf9d0382fb55cf54f7a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 18739
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 15:08:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/ Frame 78CA 9 KB
4 KB 27ms
26ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 46952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 02:05:37 GMT
etag: 3890843268177463596
expires: Tue, 27 Feb 2024 02:05:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/ Frame A9B7 9 KB
4 KB 26ms
24ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 46952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 02:05:37 GMT
etag: 3890843268177463596
expires: Tue, 27 Feb 2024 02:05:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/ Frame 4938 9 KB
4 KB 29ms
25ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 46952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 02:05:37 GMT
etag: 3890843268177463596
expires: Tue, 27 Feb 2024 02:05:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/ Frame 9DF4 9 KB
4 KB 30ms
28ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 46952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 02:05:37 GMT
etag: 3890843268177463596
expires: Tue, 27 Feb 2024 02:05:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BB49 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4446ec02b27aede3006b29c54d142f75e6b6446096cbfc633bd11933180ed76

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AGSKWxUIPGC8mp2IZYiNB2hgOKG-m3xHBh4qHucy36Y31VZdFmaI51PQqavQE6GQxMCEwVD7fVCEluok8gtHyxYwLAGGClxyzDTzGCabH1kWu03DCzlC2ewe4PrFln3SpDTJRRBg0v9kUA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 62ms
60ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUIPGC8mp2IZYiNB2hgOKG-m3xHBh4qHucy36Y31VZdFmaI51PQqavQE6GQxMCEwVD7fVCEluok8gtHyxYwLAGGClxyzDTzGCabH1kWu03DCzlC2ewe4PrFln3SpDTJRRBg0v9kUA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3ODM2ODg5LDkwMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9nYWxheHlmaXJtd2FyZS5vcmcvIixudWxsLFtbOCwiTTBaZ2RhbU9OTnMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMxXelbhuuSGamfBQQn3Px5KWP-5Sw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5c40dbb70fc9b8d5978744965d7f79a49468ed3a1faf507ffdb45adb6188b3b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-e0pgdM0n4Z_Xh3Zl90WErQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:09 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-e0pgdM0n4Z_Xh3Zl90WErQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6Om93r1rEJzNi85jAzAC2BSis"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 87ms
84ms Fetch
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4404019521107672
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://galaxyfirmware.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 167ms
90ms Preflight
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 13 Feb 2024 15:08:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BB49 16 KB
16 KB 26ms
25ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:11:02 GMT
x-content-type-options: nosniff
age: 399428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 00:11:02 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BB49 15 KB
15 KB 27ms
26ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 09:24:29 GMT
x-content-type-options: nosniff
age: 452621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 09:24:29 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 78CA 5 KB
694 B 71ms
70ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 15:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 14:13:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 15:08:10 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 78CA 205 B
229 B 28ms
26ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:10:25 GMT
x-content-type-options: nosniff
age: 399465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Feb 2025 00:10:25 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 78CA 604 B
628 B 50ms
48ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:10:19 GMT
x-content-type-options: nosniff
age: 399471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Feb 2025 00:10:19 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/ Frame 78CA 15 KB
6 KB 56ms
54ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

128807e382b2823b22c893c3c363e358dc8ab839062af7550cbfae790ea5c7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 21:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6491
x-xss-protection: 0
server: cafe
etag: 466061988171370325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 21:00:53 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/ Frame 78CA 22 KB
9 KB 54ms
53ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 21:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 21:00:53 GMT

GET
H3 200 5d115d22c534f80a76417856e32eef9c.js Show response
www.gstatic.com/mysidia/ Frame A9B7 8 KB
4 KB 48ms
47ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 06:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3749
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 05:57:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 May 2024 06:38:08 GMT

GET
H3 200 39b1936085524998ebfc7677a2ba517e.js Show response
www.gstatic.com/mysidia/ Frame A9B7 10 KB
4 KB 50ms
50ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39b1936085524998ebfc7677a2ba517e.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1a9b4d4a874d9284ffcbc5f13a10e05dbfc8697abedafdaa52f0b86d6e345b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 00:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4466
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 05:57:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 May 2024 00:01:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A9B7 14 KB
1 KB 64ms
61ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 15:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 14:18:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 15:08:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame A9B7 2 KB
822 B 49ms
47ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/ Frame A9B7 23 KB
9 KB 57ms
55ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame A9B7 3 KB
1 KB 64ms
62ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame A9B7 20 KB
8 KB 55ms
54ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A9B7 203 KB
61 KB 58ms
56ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 14:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 15:11:38 GMT

GET
H3 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame A9B7 36 KB
15 KB 45ms
44ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 01:22:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 May 2024 01:27:46 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BB49
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CEcDo2IXLZd6gGpiC3rsPucCF6APzlefZdZHbzMSzEpCejtePDhABILebiTZgye6Oi8CkjBCgAZjp0JApyAEJqQLSwtrldg-yPqgDAcgDywSqBOQBT9A9033UtG-Pcl3V7v58mncmU20GsI0...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe884f37976072b0000000000000000%22,%222%22:%220xc04fc8c455c183c30000000000000000%22,%223%22:%220xc00caa6...

0
0

96ms
95ms

Fetch
text/css

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe884f37976072b0000000000000000%22,%222%22:%220xc04fc8c455c183c30000000000000000%22,%223%22:%220xc00caa6a4773bda40000000000000000%22,%224%22:%220x3f1b8a782d1a6a320000000000000000%22,%225%22:%220xc1579b2f33223cd50000000000000000%22},%22debug_key%22:%227882920531667992796%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040732312%22],%2222%22:[%22true%22],%224%22:[%2202-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216580150560021638385%22}&andc=true

Requested by

Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/

Protocol

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:10 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xfe884f37976072b0000000000000000","2":"0xc04fc8c455c183c30000000000000000","3":"0xc00caa6a4773bda40000000000000000","4":"0x3f1b8a782d1a6a320000000000000000","5":"0xc1579b2f33223cd50000000000000000"},"debug_key":"7882920531667992796","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11040732312"],"22":["true"],"4":["02-13"],"6":["true"]},"priority":"500","source_event_id":"16580150560021638385"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 15:08:10 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 13 Feb 2024 15:08:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xfe884f37976072b0000000000000000","2":"0xc04fc8c455c183c30000000000000000","3":"0xc00caa6a4773bda40000000000000000","4":"0x3f1b8a782d1a6a320000000000000000","5":"0xc1579b2f33223cd50000000000000000"},"debug_key":"7882920531667992796","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11040732312"],"22":["true"],"4":["02-13"],"6":["true"]},"priority":"500","source_event_id":"16580150560021638385"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame F4EF 13 KB
13 KB 27ms
25ms Font
application/octet-stream 2607:f8b0:4006:808::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 14:16:22 GMT
age: 3108
x-guploader-uploadid: ABPtcPreFZODQrRGBRZpcvSj7O1TMUwRYsXSHoimSBiPw6CzEkIwQXMagRPbUPH_BuGleQAM2w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation: 1698054811260784
x-goog-hash: crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12896
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 13 Feb 2024 15:16:22 GMT

GET
H2 200 montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame F4EF 12 KB
12 KB 30ms
29ms Font
application/octet-stream 2607:f8b0:4006:808::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:00:19 GMT
age: 471
x-guploader-uploadid: ABPtcPrs1mN7WjpMok9M2NDgiFtjJZiZ6u1k_NIc3KO8OOvV11KTniSjdOiN1x9FvB8j-b6cXA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "e571167fbcce8d5081bce96a09930063"
x-goog-generation: 1698054811605570
x-goog-hash: crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12700
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 13 Feb 2024 16:00:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9DF4 0
19 B 94ms
93ms Image
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0g8d2IXLZbGIFuffxtYP1_GM8APamImHa8-ppu-ODsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTQ0MDQwMTk1MjExMDc2NzLIAQmoAwHIAwKqBMwBT9Dc-JCiJJOVaFifUxwFszGudLg6XLvitSBC4mdi_FmrXYpfKyhc09SfdtkDywI9gsPRUUDRIVRuOfIBtI0WiMd4Tdq4DZ1SqT_WLiSpawciuFhRAcrlGig_yF7a6bQ9VasMYQyCwhtpYe6yrWANdcCfA4CjZ6glTXEx8utEFsuxAytd2QPLYmHMnibZAxlt32LZ7FjxFTMWt9xs3nhZeaTvA6Cw_AP4LzN5tjubdFRVK6oBHwdmWH4sy6_gjCTu7np585N03_ZIo-gXgAaP1fuW6rXoroMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgIAISL39wTpY3tvBmMyohAOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDQwNDAxOTUyMTEwNzY3MhgA&sigh=FCSqpMlWf_w&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_sZQgsDlgC8r_S7HUTLXPdDPkihU2o0j45WEX6lviWDmwp5PzjCuG1NeHvSSVSPkBc6Rhir7XT_GbMtsC2YS0Gt7G7hh3kejr5xgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 13 Feb 2024 15:08:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 win
8proof.com/app/ Frame 9DF4 0
43 B 70ms
69ms Image
text/plain 52.116.53.150
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8proof.com/app/win?id=730743348580&ap=ZcuF2AAFhDEE0a_nAAM410TnXwwjFKRf3-k9-g&brid=3VD9ImRARo3FKSXuOxogyA&t=b&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 96.35.7434.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:10 GMT
content-length: 0
server: nginx

GET
H2 200 montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 7989 13 KB
13 KB 25ms
24ms Font
application/octet-stream 2607:f8b0:4006:808::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 14:16:22 GMT
age: 3108
x-guploader-uploadid: ABPtcPreFZODQrRGBRZpcvSj7O1TMUwRYsXSHoimSBiPw6CzEkIwQXMagRPbUPH_BuGleQAM2w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation: 1698054811260784
x-goog-hash: crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12896
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 13 Feb 2024 15:16:22 GMT

GET
H2 200 montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 7989 12 KB
12 KB 31ms
30ms Font
application/octet-stream 2607:f8b0:4006:808::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:00:19 GMT
age: 471
x-guploader-uploadid: ABPtcPrs1mN7WjpMok9M2NDgiFtjJZiZ6u1k_NIc3KO8OOvV11KTniSjdOiN1x9FvB8j-b6cXA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "e571167fbcce8d5081bce96a09930063"
x-goog-generation: 1698054811605570
x-goog-hash: crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12700
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 13 Feb 2024 16:00:19 GMT

GET
H3 200 Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js Show response
pagead2.googlesyndication.com/bg/ Frame BF0D 51 KB
19 KB 29ms
29ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

233fc91d5e25e5f647da5130b91a631da3c73565301438608bbe09605b272d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 399441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19746
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 00:10:49 GMT

GET
H3 200 AGSKWxVOZysisYUKNzkvN4ltVk7uflGvPBMRdHb4Wogbw-V9mtV5HTp4S5_feYGkHZucUc47uXn7lnykoYI4wQMPgXM9Ir-EylKlmcfd1HzQHO6ClIXCDkW5slQhbO8AUbgIqIoTUqI2Lg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 60ms
59ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVOZysisYUKNzkvN4ltVk7uflGvPBMRdHb4Wogbw-V9mtV5HTp4S5_feYGkHZucUc47uXn7lnykoYI4wQMPgXM9Ir-EylKlmcfd1HzQHO6ClIXCDkW5slQhbO8AUbgIqIoTUqI2Lg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3ODM2ODkwLDE3OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZ2FsYXh5ZmlybXdhcmUub3JnLyIsbnVsbCxbWzgsIk0wWmdkYW1PTk5zIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3cecf2ad6296e5d9ee4885ecd972da952bb680c32941d1c52100f5d21c3f02f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--sYojCvzLVyqvL6zGMsp8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:10 GMT
content-security-policy: script-src 'report-sample' 'nonce--sYojCvzLVyqvL6zGMsp8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsOoxSXFEKghxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePB8ub8OmsfBHTWePqprMWADHfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiFujlvd69axCTz4tzETAGzxT4U"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7342 6 KB
728 B 54ms
53ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 15:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 13:28:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 15:08:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 7342 2 KB
822 B 33ms
30ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/ Frame 7342 23 KB
9 KB 35ms
32ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 7342 3 KB
1 KB 36ms
33ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 7342 20 KB
8 KB 34ms
31ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7342 203 KB
61 KB 27ms
24ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 14:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 15:11:38 GMT

GET
H3 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 7342 36 KB
15 KB 30ms
28ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 01:22:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 May 2024 01:27:46 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BA78 143 B
166 B 32ms
29ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 14:26:59 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 86ms
85ms Preflight
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe884f37976072b0000000000000000%22,%222%22:%220xc04fc8c455c183c30000000000000000%22,%223%22:%220xc00caa6a4773bda40000000000000000%22,%224%22:%220x3f1b8a782d1a6a320000000000000000%22,%225%22:%220xc1579b2f33223cd50000000000000000%22},%22debug_key%22:%227882920531667992796%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040732312%22],%2222%22:[%22true%22],%224%22:[%2202-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216580150560021638385%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 13 Feb 2024 15:08:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6900 51 KB
19 KB 40ms
40ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js

Requested by

Host: galaxyfirmware.org
URL: https://galaxyfirmware.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

233fc91d5e25e5f647da5130b91a631da3c73565301438608bbe09605b272d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 399441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19746
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 00:10:49 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BA78
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

65ms
64ms

Document
text/html

2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 15:08:11 GMT
expires: Tue, 13 Feb 2024 15:08:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 15:08:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6650 51 KB
19 KB 36ms
35ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

233fc91d5e25e5f647da5130b91a631da3c73565301438608bbe09605b272d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 399441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19746
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 00:10:49 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1030 42 B
64 B 87ms
87ms Fetch
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcrQMWWXMstI8W313YB_fKIzJY9qbVK8yJ01128YxniIQB1mahX88KlrpdE7nspuHubx6A4z9vQudzvcyAajUNIq1Os5xrhg86FL4POu-dO-4GOjyudS2Tm10sUwnBig7J9GtCnBQDbHNBEAcujKGXG5RIGHIxoaI&sai=AMfl-YQjljpG8LSDbRfoOGIeP5JC38jliUR9JGypYVPbNbkjv0IGXC0aWb5Gb7xG7kqQznY8QErR63op0mL9Ru8yylONCeFLdjsYn0mzFqGKfeiQaNeo3zMtGNhQAWeiqODdRrgkTeZfBGxD9irFzqhy&sig=Cg0ArKJSzDWJ6o7rrJnhEAE&cid=CAQSTgAvHhf_1mcwUFZbTBpgP-cPv5XMK_3x4i1uH8Vno_5lx_RxhrInpdPSY5fstuQb3x4k-eDdhqXSDeAm-J_WT8ni0m5SvY9DPL06kE5YexgB&id=lidar2&mcvt=1004&p=0,0,200,1110&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3542967804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=376968900&rst=1707836888343&rpt=1387&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 15:08:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 showban.asp Show response
fundingchoicesmessages.google.com/f/AGSKWxW39iXDcfb8SsUC6-Z3vNn-n6aFw-zg3QeQe69j80hA2KLCSSRyFVA7CHn6METXUBZNPlvLbpR4QSTQ5TTm0_CZ9LWexymad6sLqSXiAQ0Dvy8Nkf-Ssa-Q9N8BBMG0oOPseeqat5N89mHdgZtMRPqRBZZ21... 54 B
110 B 50ms
49ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW39iXDcfb8SsUC6-Z3vNn-n6aFw-zg3QeQe69j80hA2KLCSSRyFVA7CHn6METXUBZNPlvLbpR4QSTQ5TTm0_CZ9LWexymad6sLqSXiAQ0Dvy8Nkf-Ssa-Q9N8BBMG0oOPseeqat5N89mHdgZtMRPqRBZZ21dgSfT9q2dtQ9kFu_DxbPb48Fl47_Bxb/_/wpproads./showban.asp?/ads/webplayer..il/ads./video-ads-player.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.M0ZgdamONNs.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzzD3gj5Xl_LdwGs7PHMTHg16ATNA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

49be548a64fb7cc0e31c0ffd0453225a50133a56066b2a1161a367a0c941bd14

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YRCsV8dq63uP7NDHbu6MdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YRCsV8dq63uP7NDHbu6MdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsGoxSXF4KkhxaAQtpPpvNMdputAfFHlKdNNIK5leMbUCsQPwp8xvQBiA43nTBZAzPjnBRMnEL_78pJJ4OtLJgkg1gLid5KvmL4B8Q4fD5Y34dNZ-SKms8bVTWctAGK-ddNZDddPZ91yZjrrHiCOeT6dNQWIF7POYF0NxFMCZ7DOAWKn9BmsIUD8OXMG628g9qmfwRoHxELcHLe7161jEzgxv0kUALzqSqk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 28ms
28ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23848a0b9266d5f7b94855fe4f8b6b8720dd52ae46f47073d29be7db670d1ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 14:17:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24347
x-xss-protection: 0
server: cafe
etag: 6128443742786676413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 15:17:17 GMT

POST
H3 204 AGSKWxUmqiI7wQ31NO-Niz_SE5pXz4fsNtc6fjFTsrH_8jtErr9Qn69ltF2g11oxR43C23RwWLeACXkGyxbObsZjq8nuroDFHYv6c3zLjjsN0CBgRVcl0p3NbEwpD7D8DfBVw96K8lTF6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 100ms
48ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUmqiI7wQ31NO-Niz_SE5pXz4fsNtc6fjFTsrH_8jtErr9Qn69ltF2g11oxR43C23RwWLeACXkGyxbObsZjq8nuroDFHYv6c3zLjjsN0CBgRVcl0p3NbEwpD7D8DfBVw96K8lTF6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YpMb981XASQCduoU0iKn_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Feb 2024 15:08:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-YpMb981XASQCduoU0iKn_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBALcXPc7l63jk3gx4dXugDpKRif"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://galaxyfirmware.org
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6199 4 KB
679 B 52ms
51ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=100&adk=2287261315&adf=1279138191&pi=t.aa~a.1681909044~rp.4&daaos=1707821061847&w=540&fwrn=1&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=540x100&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600%2C1200x90&nras=3&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=3790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=67

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 15:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 14:48:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 15:08:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 6199 2 KB
822 B 28ms
26ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/ Frame 6199 23 KB
9 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 6199 3 KB
1 KB 29ms
28ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 6199 20 KB
8 KB 30ms
29ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6199 0
0 84ms
44ms Image
text/html 2607:f8b0:4006:81d::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIu3EpBPj5iH1ETqsg1sgaEvGRHa83BFzQ5FOj-_z9U4EO4TNVf3fAWe7Pzz2Ps25tZK9Ej0VCtCFVBPhxZx4usSSkxQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=100&adk=2287261315&adf=1279138191&pi=t.aa~a.1681909044~rp.4&daaos=1707821061847&w=540&fwrn=1&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=540x100&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600%2C1200x90&nras=3&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=3790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2004 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6199 203 KB
61 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 14:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 15:11:38 GMT

GET
H3 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 6199 36 KB
15 KB 27ms
27ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 01:22:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 May 2024 01:27:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame A8C0 20 KB
8 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.1182920990~rp.3&daaos=1707821061847&w=1200&fwrn=4&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=1200x90&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600&nras=2&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=61

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A8C0 203 KB
61 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 14:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 15:11:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame B2B4 20 KB
8 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=90&adk=377016393&adf=2980879607&pi=t.aa~a.138241479~rp.4&daaos=1707821061847&w=1110&fwrn=4&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=1110x90&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600%2C1200x90%2C540x100&nras=4&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=73

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B2B4 0
0 49ms
48ms Image
text/html 2607:f8b0:4006:81d::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2MC0UsKchY8b3PR1E8unp2faGI_GUKzWj5-32GDeS__kVfRt77AkOHx_OHn6mSBwiEflaUPqNn7ddDAtmOoHYiRBLrg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=90&adk=377016393&adf=2980879607&pi=t.aa~a.138241479~rp.4&daaos=1707821061847&w=1110&fwrn=4&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=1110x90&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600%2C1200x90%2C540x100&nras=4&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=73
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2004 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B2B4 203 KB
61 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=90&adk=377016393&adf=2980879607&pi=t.aa~a.138241479~rp.4&daaos=1707821061847&w=1110&fwrn=4&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=1110x90&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600%2C1200x90%2C540x100&nras=4&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=73

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 14:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 15:11:38 GMT

GET
H3 200 roboto-v30-latin-regular.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 31DF 15 KB
15 KB 28ms
27ms Font
application/octet-stream 2607:f8b0:4006:808::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/roboto-v30-latin-regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:06:58 GMT
age: 73
x-guploader-uploadid: ABPtcPrU6Shfnoss-Uzl1w2qu5Vg9jZKFvpKtFHGoIZ-p8eJVUuOBZzh5-FHrUcxGaerOJY-DA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
last-modified: Mon, 23 Oct 2023 09:53:27 GMT
server: UploadServer
etag: "15d9f621c3bd1599f0169dcf0bd5e63e"
x-goog-generation: 1698054807164743
x-goog-hash: crc32c=pr5ueQ==, md5=Fdn2IcO9FZnwFp3PC9XmPg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 15744
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 13 Feb 2024 16:06:58 GMT

GET
H3 200 roboto-v30-latin-500.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 31DF 16 KB
16 KB 49ms
48ms Font
application/octet-stream 2607:f8b0:4006:808::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/roboto-v30-latin-500.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 14:34:40 GMT
age: 2011
x-guploader-uploadid: ABPtcPoR93ecVewqtAqyTKp8i_DHvY1VWcU9s8NH6woYWWMhQEuFQ1x8oCH-eoLJW4OuOatRpkObPZ5qWA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
last-modified: Mon, 23 Oct 2023 09:53:27 GMT
server: UploadServer
etag: "3a44e06eb954b96aa043227f3534189d"
x-goog-generation: 1698054807137154
x-goog-hash: crc32c=81QedQ==, md5=OkTgbrlUuWqgQyJ/NTQYnQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 15920
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 13 Feb 2024 15:34:40 GMT

GET
H3 200 roboto-v30-latin-700.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 31DF 15 KB
16 KB 30ms
29ms Font
application/octet-stream 2607:f8b0:4006:808::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/roboto-v30-latin-700.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:03:40 GMT
age: 271
x-guploader-uploadid: ABPtcPpMOHwVB7K3DcgFptvPCek0h6JkTSvLaSuLvYa-mErXLtGrULNoOqddnbWXVPbe_k8K3s7FCiTwfg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
last-modified: Mon, 23 Oct 2023 09:53:27 GMT
server: UploadServer
etag: "e9f5aaf547f165386cd313b995dddd8e"
x-goog-generation: 1698054807601833
x-goog-hash: crc32c=LmN+jA==, md5=6fWq9UfxZThs0xO5ld3djg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 15860
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 13 Feb 2024 16:03:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4AD8 1 KB
643 B 28ms
25ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 53399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 00:18:12 GMT
etag: 48472445140208031
expires: Wed, 14 Feb 2024 00:18:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 61C6 13 KB
13 KB 40ms
38ms Font
application/octet-stream 2607:f8b0:4006:808::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 14:16:22 GMT
age: 3109
x-guploader-uploadid: ABPtcPreFZODQrRGBRZpcvSj7O1TMUwRYsXSHoimSBiPw6CzEkIwQXMagRPbUPH_BuGleQAM2w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation: 1698054811260784
x-goog-hash: crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12896
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 13 Feb 2024 15:16:22 GMT

GET
H3 200 montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 61C6 12 KB
12 KB 45ms
43ms Font
application/octet-stream 2607:f8b0:4006:808::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:00:19 GMT
age: 472
x-guploader-uploadid: ABPtcPrs1mN7WjpMok9M2NDgiFtjJZiZ6u1k_NIc3KO8OOvV11KTniSjdOiN1x9FvB8j-b6cXA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "e571167fbcce8d5081bce96a09930063"
x-goog-generation: 1698054811605570
x-goog-hash: crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12700
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 13 Feb 2024 16:00:19 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17873123886564933106/ Frame 6199 16 KB
16 KB 101ms
100ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17873123886564933106/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

233cc63e761d663f156c1adf6862c3af1c4eff6fba7d7b3b38ab324126687208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Tue, 13 Feb 2024 15:08:11 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15944
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 06:52:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Feb 2025 15:08:11 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1575735000701413370/ Frame 6199 2 KB
2 KB 34ms
33ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1575735000701413370/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b33e27b2278468c08da9c3979d146c9e91d372faf76ed349bfb8ff17bfb331db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 00:19:16 GMT
date: Fri, 09 Feb 2024 00:19:16 GMT
x-content-type-options: nosniff
age: 398935
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1881
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 12:42:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

POST
H3 204 AGSKWxUmqiI7wQ31NO-Niz_SE5pXz4fsNtc6fjFTsrH_8jtErr9Qn69ltF2g11oxR43C23RwWLeACXkGyxbObsZjq8nuroDFHYv6c3zLjjsN0CBgRVcl0p3NbEwpD7D8DfBVw96K8lTF6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 49ms
48ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUmqiI7wQ31NO-Niz_SE5pXz4fsNtc6fjFTsrH_8jtErr9Qn69ltF2g11oxR43C23RwWLeACXkGyxbObsZjq8nuroDFHYv6c3zLjjsN0CBgRVcl0p3NbEwpD7D8DfBVw96K8lTF6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8yo_Wb45xAkmAdkfYnYFSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Feb 2024 15:08:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-8yo_Wb45xAkmAdkfYnYFSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmII0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XDc7l63jk3gw8-vCxkBBdIZLQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://galaxyfirmware.org
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUmqiI7wQ31NO-Niz_SE5pXz4fsNtc6fjFTsrH_8jtErr9Qn69ltF2g11oxR43C23RwWLeACXkGyxbObsZjq8nuroDFHYv6c3zLjjsN0CBgRVcl0p3NbEwpD7D8DfBVw96K8lTF6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 50ms
49ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUmqiI7wQ31NO-Niz_SE5pXz4fsNtc6fjFTsrH_8jtErr9Qn69ltF2g11oxR43C23RwWLeACXkGyxbObsZjq8nuroDFHYv6c3zLjjsN0CBgRVcl0p3NbEwpD7D8DfBVw96K8lTF6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PP8iGbyHc7T2htUbKpd6fg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Feb 2024 15:08:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PP8iGbyHc7T2htUbKpd6fg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XDc7l63jk3gx6otKxgBA08YqQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://galaxyfirmware.org
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUmqiI7wQ31NO-Niz_SE5pXz4fsNtc6fjFTsrH_8jtErr9Qn69ltF2g11oxR43C23RwWLeACXkGyxbObsZjq8nuroDFHYv6c3zLjjsN0CBgRVcl0p3NbEwpD7D8DfBVw96K8lTF6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 50ms
49ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUmqiI7wQ31NO-Niz_SE5pXz4fsNtc6fjFTsrH_8jtErr9Qn69ltF2g11oxR43C23RwWLeACXkGyxbObsZjq8nuroDFHYv6c3zLjjsN0CBgRVcl0p3NbEwpD7D8DfBVw96K8lTF6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WLtiE-3CwCp4Kwk2lYfwcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Feb 2024 15:08:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-WLtiE-3CwCp4Kwk2lYfwcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmII1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XDc7l63jk3gRefSFYwAA8IYbw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://galaxyfirmware.org
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUjFSvTlWKfn4MrIYATw85Pn2rmQKDf6jJXNXcTZZ4Xp5HIdG_ywfB6umfsboBPH501KvB0vvnYoCLVSqUwUfJZ7TCj61Yli6NeDNAHTfmgd0lNR3fToJEoGDoHxxAHAfZjjD3r2Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 58ms
58ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUjFSvTlWKfn4MrIYATw85Pn2rmQKDf6jJXNXcTZZ4Xp5HIdG_ywfB6umfsboBPH501KvB0vvnYoCLVSqUwUfJZ7TCj61Yli6NeDNAHTfmgd0lNR3fToJEoGDoHxxAHAfZjjD3r2Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3ODM2ODkxLDMyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9nYWxheHlmaXJtd2FyZS5vcmcvIixudWxsLFtbOCwiTTBaZ2RhbU9OTnMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5555b3d8084600b26e83c79842ee959041f489d96abe7125e6e3a6b7e196b97c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GDVsXPQ0R7il4wV9QVgagA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-GDVsXPQ0R7il4wV9QVgagA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXFEKQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6O293r1rEJ7PgxfQMjADnESng"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A8C0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c0d564e4d0d77813b6025e36d14d14c90f61c18eed0668ca61c811e63e9462d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A8C0 0
19 B 99ms
98ms Image
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cy3Ei2YXLZceaNY3IxtYP74e56A_amImHa8-ppu-ODsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTQ0MDQwMTk1MjExMDc2NzLIAQmoAwHIAwKqBNEBT9D4r7IKnLgn-aSooWxgpvHNo0KZN-Rk08qoDamFpuRKr7x3l53vLBYgvFxy4IeazvdrwNv9LMjS83eZWbeqQ7RtYIcgIMNki3UBxQDr-72khPRaFkzEd1PVp3toM5ZgkmQREhXGb9Ucizn0_dBe4GXwTLwTOLwVcgXWxxFEIUuW7PXJ91ctfkjB2P8k_mkbkfc4a5NqmWv8TFpwAwbcCDbZjWWUZ9AdNVeviTlqBcByAiwzThqEiCemTIH8NH4btdv5HY1rK6AkV0aBLItJn8qABrr74pzEr-nyQaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICACEi9_cE6WPCRnpnMqIQDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ0MDQwMTk1MjExMDc2NzIYAA&sigh=v_5NjFxj7co&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_A9IMdJItdbdj4VflmNaTmdMyh2ngOyTytxRiRcvvNE5S-BT5FzIsHLc2oAr0_XgXP6fJtM12GAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.1182920990~rp.3&daaos=1707821061847&w=1200&fwrn=4&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=1200x90&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600&nras=2&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=61
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 13 Feb 2024 15:08:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 win
8proof.com/app/ Frame A8C0 0
43 B 66ms
65ms Image
text/plain 52.116.53.150
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8proof.com/app/win?id=730743651142&ap=ZcuF2QANTUcE0aQNAA5D70wNwkTvXtqa13CJHg&brid=xOkRmY7XZvoa-NXj6lV6Kw&t=b&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.1182920990~rp.3&daaos=1707821061847&w=1200&fwrn=4&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=1200x90&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600&nras=2&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=61
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 96.35.7434.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:11 GMT
content-length: 0
server: nginx

GET
DATA 200
OK truncated
/ Frame B2B4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac4ce157ed1bafba7516947609b46802d1d77bf78a203a2018d98731af32cf1a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B2B4 0
19 B 98ms
94ms Image
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqWOj2YXLZc3uNeOJvPIP5Pm0iAzamImHa8-ppu-ODsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTQ0MDQwMTk1MjExMDc2NzLIAQmoAwHIAwKqBNEBT9BezQXJNLCga2R4KzDll6HBBgSshjA66FkPKdgr42Rsh3XwAW-MMiih_OBvP6qszAYiKrOayugcra2fEg1CL4a3h-KgqgPMHrUYaabh-T-G6vn6VsDIophgPHJVSTU1t1VUScz5giFEDlwIYDBQROYWBPTR3J7BdQdGcsjEST5Bhpqzs2nLfJswwu6WBUTrKaikolFNmeCuypRA2nEJpFYryd9ei9eNIdcQcnkLpCW1aegU5aqenQBiYwP_Wwgkf64ofFVGFP84J51Q0ovBfkaABunvvrqI4fmxsQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggiCIBhEAEyAooCOgmAQIDAgICAgAhIvf3BOliM_Z6ZzKiEA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NDA0MDE5NTIxMTA3NjcyGAA&sigh=jMhxSx8wh2Q&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_LtF0O3r8DD02mwPSGZz9uW6kOCM6_AKykT-O8bPZt9XKiZtNTO2t32GWWPac-Cz5lNdkrbVZGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=90&adk=377016393&adf=2980879607&pi=t.aa~a.138241479~rp.4&daaos=1707821061847&w=1110&fwrn=4&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=1110x90&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600%2C1200x90%2C540x100&nras=4&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=73

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=90&adk=377016393&adf=2980879607&pi=t.aa~a.138241479~rp.4&daaos=1707821061847&w=1110&fwrn=4&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=1110x90&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600%2C1200x90%2C540x100&nras=4&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 13 Feb 2024 15:08:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 win
8proof.com/app/ Frame B2B4 0
43 B 64ms
61ms Image
text/plain 52.116.53.150
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8proof.com/app/win?id=730743651169&ap=ZcuF2QANd00ITwTjAA085LU9hH1vP93xQrLsGQ&brid=IBZ5brg1_D0HgPUewc9utg&t=b&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4404019521107672&output=html&h=90&adk=377016393&adf=2980879607&pi=t.aa~a.138241479~rp.4&daaos=1707821061847&w=1110&fwrn=4&fwrnh=100&lmt=1707836889&rafmt=1&to=qs&pwprc=4128584705&format=1110x90&url=https%3A%2F%2Fgalaxyfirmware.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707836889762&bpp=1&bdt=2986&idt=-M&shv=r20240212&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5447edbc9e6afac0%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg&gpic=UID%3D00000dc28cee5eef%3AT%3D1707836888%3ART%3D1707836888%3AS%3DALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw&eo_id_str=ID%3Db4e6970a341d8934%3AT%3D1707836888%3ART%3D1707836888%3AS%3DAA-AfjZshsDr4Rss4jAgYWlzedSA&prev_fmts=0x0%2C1110x200%2C1054x280%2C300x600%2C1200x90%2C540x100&nras=4&correlator=5617353622419&frm=20&pv=1&ga_vid=1010830023.1707836888&ga_sid=1707836888&ga_hid=234954400&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081024%2C95322434%2C95324580%2C95322180%2C95324154%2C95324161%2C95324261&oid=2&psts=AOrYGsmXxkhf0Hx6WQc6EN59yyYa1q7_M_0EnkxFczCDFz1vScNd2k9pfUWL1VEEjqW18K2PsFZXqdoGp3DD7gMdKr4p9uxM%2CAOrYGsm44kyIkoGdPpWgjTaQUvAMcPOzUVh1g6fd4ItOyMjkum7aF1rxkMwMBZkbuXCkV0YPNqkGT9K7B873NFeKlhbaT0Un&pvsid=1994421921894393&tmod=687094112&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=73
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 96.35.7434.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:11 GMT
content-length: 0
server: nginx

GET
DATA 200
OK truncated
/ Frame 6199 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64ea86822fefdbe030dc77f75849dbd35bd7466ddfb56f694d4bc48fcbf6cb4a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4AD8 35 B
464 B 127ms
34ms Image
image/gif 2620:116:800b:21:1456:d0e1:7db4:a56b

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEQ8YfSWLXr7xxm9qdX-KkU&google_cver=1&google_push=AXcoOmTxdnjnz58gpXHP5hem_tdCc9WkJdgh3FqJxTwQ6v7V07DPAoJSTfD81ysN_pKhsCoEi5EcuKo5giztYT0pGcEmEP40FTmUA8Bo

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:1456:d0e1:7db4:a56b -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 15:08:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4AD8
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENpLbT0C2YasaeUuAqMz_dA&google_cver=1&google_push=AXcoOmQkICls9Rh-F4ePCxcFxFOoA1G86i4eelFnylCfxaXN3x7cGYj...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=4d9547e2620149b&is_secure=true&networkId=14000&version=1&google_gid=CAESENpLbT0C2YasaeUuAqMz_dA&google_cver=1&google_push=AXcoOmQkICls9...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHJ848FRTuZwMWReIRAAAAAAA&expiration=1707923291&google_cver=1&is_secure=true&google_gid=CAESENpLbT0C2YasaeUuAqMz_...

170 B
188 B

52ms
52ms

Image
image/png

142.251.40.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHJ848FRTuZwMWReIRAAAAAAA&expiration=1707923291&google_cver=1&is_secure=true&google_gid=CAESENpLbT0C2YasaeUuAqMz_dA&google_push=AXcoOmQkICls9Rh-F4ePCxcFxFOoA1G86i4eelFnylCfxaXN3x7cGYjI5uiw1v8S3YC0gEfyP0jgF3QffDIZ87SPBPRkVynz9hM-fy06

Protocol

Server

142.251.40.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 15:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 15:08:11 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHJ848FRTuZwMWReIRAAAAAAA&expiration=1707923291&google_cver=1&is_secure=true&google_gid=CAESENpLbT0C2YasaeUuAqMz_dA&google_push=AXcoOmQkICls9Rh-F4ePCxcFxFOoA1G86i4eelFnylCfxaXN3x7cGYjI5uiw1v8S3YC0gEfyP0jgF3QffDIZ87SPBPRkVynz9hM-fy06
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4AD8
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMefejWq3_NQkOnGz9DTUf0&google_cver=1&google_push=AXcoOmR6BS1l-HQYanM9QR3-h3DPCM6WXyHD5hU_Abi0upycEmWnMF1dttKnhDy2vGtFNQWC_g2y2vBNH6eTZWVzqj...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEMefejWq3_NQkOnGz9DTUf0&google_cver=1&google_push=AXcoOmR6BS1l-HQYanM9QR3-h3DPCM6WXyHD5hU_Abi0upycEmWnMF1dttKnhDy2vGtFNQWC_g2y2vBNH6eTZWVzqj...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzlmMGY5NWItODIyOS00OTZkLWI0MDEtNmFkNTVjYTU0Njhi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c9f0f95b-8229-496d-b401-6ad55ca5468b

170 B
232 B

47ms
45ms

Image
image/png

142.251.40.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzlmMGY5NWItODIyOS00OTZkLWI0MDEtNmFkNTVjYTU0Njhi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c9f0f95b-8229-496d-b401-6ad55ca5468b

Protocol

Server

142.251.40.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 15:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzlmMGY5NWItODIyOS00OTZkLWI0MDEtNmFkNTVjYTU0Njhi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c9f0f95b-8229-496d-b401-6ad55ca5468b
date: Tue, 13 Feb 2024 15:08:11 GMT
server: Kestrel
content-length: 423

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4AD8
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEMtK39D8yz4HgGy3jtPhIHY&google_cver=1&google_push=AXcoOmTsESx8sBNWBS6k23q1bQE-jmfwGkgAcW7Mhrh2iCn23EsktvAR8zZeQIBQA2D1mIYHfALGqCJTmcS8g5X...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4olPzsHtXVlnywKyINlUh2AJ9sQ&google_push=AXcoOmTsESx8sBNWBS6k23q1bQE-jmfwGkgAcW7Mhrh2iCn23EsktvAR8zZeQIBQA2D1mIYHfALGqCJTmcS8g5...

170 B
232 B

45ms
45ms

Image
image/png

142.251.40.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4olPzsHtXVlnywKyINlUh2AJ9sQ&google_push=AXcoOmTsESx8sBNWBS6k23q1bQE-jmfwGkgAcW7Mhrh2iCn23EsktvAR8zZeQIBQA2D1mIYHfALGqCJTmcS8g5XqBoBhqPDCG0iRIDcY

Protocol

Server

142.251.40.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 15:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4olPzsHtXVlnywKyINlUh2AJ9sQ&google_push=AXcoOmTsESx8sBNWBS6k23q1bQE-jmfwGkgAcW7Mhrh2iCn23EsktvAR8zZeQIBQA2D1mIYHfALGqCJTmcS8g5XqBoBhqPDCG0iRIDcY
Date: Tue, 13 Feb 2024 15:08:11 GMT
Connection: keep-alive
Content-Length: 246
Content-Type: text/html; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4AD8
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEN-NZxZmn2bx3FzgwtEtfpU&google_cver=1&google_push=AXcoOmSxKy2nYVNIG0aGc-m-Yn2CwC_ivon_qt-Taz1bHDSaYfc-8xr7qcRYtv3vdeSp5sCFrp3K...
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEN-NZxZmn2bx3FzgwtEtfpU&google_cver=1&google_push=AXcoOmSxKy2nYVNIG0aGc-m-Yn2CwC_ivon_qt-Taz1bHDSaYfc-8xr7qcRYtv3vdeSp5s...
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=RrYcpnFEQD6gfElPLqZoBA==&no_redirect=1&google_push=AXcoOmSxKy2nYVNIG0aGc-m-Yn2CwC_ivon_qt-Taz1bHDSaYfc-8x...

170 B
232 B

52ms
51ms

Image
image/png

142.251.40.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=RrYcpnFEQD6gfElPLqZoBA==&no_redirect=1&google_push=AXcoOmSxKy2nYVNIG0aGc-m-Yn2CwC_ivon_qt-Taz1bHDSaYfc-8xr7qcRYtv3vdeSp5sCFrp3Kxn6U3Xg12DiDlIS8vtp4GnvYCXqUBQ

Protocol

Server

142.251.40.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 15:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=RrYcpnFEQD6gfElPLqZoBA==&no_redirect=1&google_push=AXcoOmSxKy2nYVNIG0aGc-m-Yn2CwC_ivon_qt-Taz1bHDSaYfc-8xr7qcRYtv3vdeSp5sCFrp3Kxn6U3Xg12DiDlIS8vtp4GnvYCXqUBQ
date: Tue, 13 Feb 2024 15:08:11 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4AD8
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEAxXeikfHVslcLHvzW_CvqI&google_cver=1&google_push=AXcoOmTy-nFvFjOfShH-a1AjzTf1lxoNmoZsUfqF2pu9CNk0PzFCPucr2Ky2Otlw-2jAnQBCDNJM5ZX1TXXKM_ydsrgRSEd...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTy-nFvFjOfShH-a1AjzTf1lxoNmoZsUfqF2pu9CNk0PzFCPucr2Ky2Otlw-2jAnQBCDNJM5ZX1TXXKM_ydsrgRSEdHnFk9jJ2L&google_hm=ODUwODM...

170 B
329 B

49ms
48ms

Image
image/png

142.251.40.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTy-nFvFjOfShH-a1AjzTf1lxoNmoZsUfqF2pu9CNk0PzFCPucr2Ky2Otlw-2jAnQBCDNJM5ZX1TXXKM_ydsrgRSEdHnFk9jJ2L&google_hm=ODUwODMxMjc0MTQ5MjEwNjAxNQ==

Protocol

Server

142.251.40.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 15:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTy-nFvFjOfShH-a1AjzTf1lxoNmoZsUfqF2pu9CNk0PzFCPucr2Ky2Otlw-2jAnQBCDNJM5ZX1TXXKM_ydsrgRSEdHnFk9jJ2L&google_hm=ODUwODMxMjc0MTQ5MjEwNjAxNQ==
Date: Tue, 13 Feb 2024 15:08:11 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4AD8
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmTEks7PaiB0IQKHZBpvf4HeTbO678dgzSMqG30W7I58pflLh5c2thd3d6oZXYnqIZALuVtb11Obt5GNd1Rw9qRRGwwFJp2tE8Q1&google_gid=CAESEInT0jawH...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEInT0jawHwpb0zvysfRLhVs&google_hm=T1BVNTRjNGQ0MTM3Y2ZmNDE4ZWFhNjFkNmUyNzI3OGYzZjg&google_nid=opera_norway_as&google_push=AXcoOmTEks7P...

170 B
188 B

53ms
52ms

Image
image/png

142.251.40.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEInT0jawHwpb0zvysfRLhVs&google_hm=T1BVNTRjNGQ0MTM3Y2ZmNDE4ZWFhNjFkNmUyNzI3OGYzZjg&google_nid=opera_norway_as&google_push=AXcoOmTEks7PaiB0IQKHZBpvf4HeTbO678dgzSMqG30W7I58pflLh5c2thd3d6oZXYnqIZALuVtb11Obt5GNd1Rw9qRRGwwFJp2tE8Q1

Protocol

Server

142.251.40.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 15:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 15:08:11 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEInT0jawHwpb0zvysfRLhVs&google_hm=T1BVNTRjNGQ0MTM3Y2ZmNDE4ZWFhNjFkNmUyNzI3OGYzZjg&google_nid=opera_norway_as&google_push=AXcoOmTEks7PaiB0IQKHZBpvf4HeTbO678dgzSMqG30W7I58pflLh5c2thd3d6oZXYnqIZALuVtb11Obt5GNd1Rw9qRRGwwFJp2tE8Q1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 328
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4AD8 0
130 B 132ms
48ms Image
text/html 142.251.40.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kuv3xCwV_bTBZzDdZm_qYTvtmw84MgLq4HtqrS3uc3QcdWjAbZlojwDWdn-Gtt5gD3-GmD5lXl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6199 16 KB
16 KB 30ms
25ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:11:02 GMT
x-content-type-options: nosniff
age: 399429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 00:11:02 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6199 15 KB
15 KB 32ms
28ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 09:24:29 GMT
x-content-type-options: nosniff
age: 452622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 09:24:29 GMT

POST
H3 204 AGSKWxXAvn4UTi3UYVkfvMy8z1pmO0Oj3OT1wYx4UwTFzGEJGwxPMS00pFrM7laFkchxFcYZspWI75I0abimIQLqfSPT6h63oUzoJXrCA9Gl3g_4PG-h1yedFE_EeK8lPKpvv_goicTnTQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 53ms
50ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXAvn4UTi3UYVkfvMy8z1pmO0Oj3OT1wYx4UwTFzGEJGwxPMS00pFrM7laFkchxFcYZspWI75I0abimIQLqfSPT6h63oUzoJXrCA9Gl3g_4PG-h1yedFE_EeK8lPKpvv_goicTnTQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KcPDQ8Znu-tSmXKbtet8ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Feb 2024 15:08:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KcPDQ8Znu-tSmXKbtet8ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XDc7l63jk1gx4T1PxkBAjoYmw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://galaxyfirmware.org
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUmqiI7wQ31NO-Niz_SE5pXz4fsNtc6fjFTsrH_8jtErr9Qn69ltF2g11oxR43C23RwWLeACXkGyxbObsZjq8nuroDFHYv6c3zLjjsN0CBgRVcl0p3NbEwpD7D8DfBVw96K8lTF6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 51ms
49ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUmqiI7wQ31NO-Niz_SE5pXz4fsNtc6fjFTsrH_8jtErr9Qn69ltF2g11oxR43C23RwWLeACXkGyxbObsZjq8nuroDFHYv6c3zLjjsN0CBgRVcl0p3NbEwpD7D8DfBVw96K8lTF6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pMqWFLg06LUdAYxGVsotvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Feb 2024 15:08:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-pMqWFLg06LUdAYxGVsotvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XDc7l63jk1gw9knPxgBATcY-g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://galaxyfirmware.org
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6199
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CEhRO2YXLZYO1NazuxtYPl_6egAWG8s7sdaqj74rFEuvO3bOZDhABILebiTZgye6Oi8CkjBCgAZyjndIqyAEJqQJ--LmYd0WSPqgDAcgDywSqBOoBT9An_k1X3eMRa3vME2jFzRJ3evCPFJj...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x306ce65bc8cccab0000000000000000%22,%222%22:%220x173298c436ddf9f30000000000000000%22,%223%22:%220x69924eb...

0
0

86ms
86ms

Fetch
text/css

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x306ce65bc8cccab0000000000000000%22,%222%22:%220x173298c436ddf9f30000000000000000%22,%223%22:%220x69924eb979f3a75e0000000000000000%22,%224%22:%220xbb9fa3ebfbab36f00000000000000000%22,%225%22:%220x8c5172f7a377dbaa0000000000000000%22},%22debug_key%22:%226499409072644238090%22,%22debug_reporting%22:true,%22destination%22:%22https://seritas.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211446735260%22],%2222%22:[%22true%22],%224%22:[%2202-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213546107102743303297%22}&andc=true

Protocol

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:11 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x306ce65bc8cccab0000000000000000","2":"0x173298c436ddf9f30000000000000000","3":"0x69924eb979f3a75e0000000000000000","4":"0xbb9fa3ebfbab36f00000000000000000","5":"0x8c5172f7a377dbaa0000000000000000"},"debug_key":"6499409072644238090","debug_reporting":true,"destination":"https://seritas.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11446735260"],"22":["true"],"4":["02-13"],"6":["true"]},"priority":"500","source_event_id":"13546107102743303297"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 15:08:11 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 13 Feb 2024 15:08:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x306ce65bc8cccab0000000000000000","2":"0x173298c436ddf9f30000000000000000","3":"0x69924eb979f3a75e0000000000000000","4":"0xbb9fa3ebfbab36f00000000000000000","5":"0x8c5172f7a377dbaa0000000000000000"},"debug_key":"6499409072644238090","debug_reporting":true,"destination":"https://seritas.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11446735260"],"22":["true"],"4":["02-13"],"6":["true"]},"priority":"500","source_event_id":"13546107102743303297"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5253 51 KB
19 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

233fc91d5e25e5f647da5130b91a631da3c73565301438608bbe09605b272d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 399442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19746
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 00:10:49 GMT

GET
H2 200 like.php Show response
www.facebook.com/v8.0/plugins/ Frame 48AE 34 KB
15 KB 203ms
99ms Document
text/html 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=2015629328680913&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfcc8d44624f6c95c5%26domain%3Dgalaxyfirmware.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgalaxyfirmware.org%252Ff053f32894b1d888f%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Fwww.facebook.com%2Fgalaxyfirmware&layout=button_count&locale=en_US&sdk=joey&share=false&size=small&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=fdd234e641173a7b2476d60faaf9ff2b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

Resource Hash

837d0ea52dcec72c2013f209267c0b4c121564caf3e273c0c379e99783e86b33

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co media.tenor.com .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co media.tenor.com .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co media.tenor.com *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co media.tenor.com *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 15:08:11 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v13.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=();report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: OjV/S/u/E3UhItFZi2Yp4Dax6pm0X6BpDVpQ7Krmkyq3O3nJG0zqdRctC5d07TtFFsUKF/UPkhE0n1P+szpJeg==
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 106ms
106ms XHR
application/json 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240212&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555259a3542225eff08b7b936f0497747e84eaece20b9cd4d898348bb1e35734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12226
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 86ms
85ms Preflight
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 13 Feb 2024 15:08:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
41ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 15:08:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BFEB 13 KB
5 KB 26ms
24ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 68311
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 20:09:40 GMT
expires: Tue, 11 Feb 2025 20:09:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8BBB 829 B
997 B 47ms
46ms Document
text/html 2607:f8b0:4006:81d::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

7a092a3c30232d38c4c7f27a49c529d87ebb8ae3017e84fb629ead609a3dc66c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rN1Z9S-TH9s_IwNQMrv9eA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://galaxyfirmware.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rN1Z9S-TH9s_IwNQMrv9eA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 15:08:11 GMT
expires: Tue, 13 Feb 2024 15:08:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame BFEB 39 KB
15 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 20:06:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 154875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Feb 2025 20:06:56 GMT

GET
H2 200 8CPNX1VWCE1.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/ym/l/en_US/ Frame 48AE 529 KB
137 KB 31ms
30ms XHR
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/ym/l/en_US/8CPNX1VWCE1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=2015629328680913&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfcc8d44624f6c95c5%26domain%3Dgalaxyfirmware.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgalaxyfirmware.org%252Ff053f32894b1d888f%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Fwww.facebook.com%2Fgalaxyfirmware&layout=button_count&locale=en_US&sdk=joey&share=false&size=small&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f41d88f3588a78d8a6bf68339abf442b9566a254290fbf1c275356b998042571

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date: Tue, 13 Feb 2024 15:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mYKXh6hPt5+ah8Yopcvkzw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139801
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug: AYfuvOnLciFU7jrOgX8dxfDkGL5zcsTH6iyxXgXF2VV6t1I3LPQ7pcenB3k6WxBv3+Blaj2qJ3KDe03tnm8BJA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin: *
expires: Tue, 11 Feb 2025 20:33:26 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 48AE 299 B
1 KB 91ms
30ms Image
image/png 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 13 Feb 2024 15:08:11 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-debug: U3Ab1YGTI+9wIuepjXdcjXt8A3Sh56JiFgYD6s4WmwYhFprIvCOHQslmXKr34uTyQl1CEAWoLQTuk+N41+Es9Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:05:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8BBB 0
0 86ms
85ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240212&jk=1994421921894393&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BFEB 0
10 B 25ms
24ms Image
text/plain 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0NAubA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:08:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
87ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240212&jk=1994421921894393&bg=!SUqlSgXNAAaxkZ3akZE7ADQBe5WfOLyik0UpoBz7Ck6TWWO-AlYeVu5c0lgySh6uvWDx4NVTljJfmMZTvu6BlsRHIu64AgAAAG1SAAAABGgBB5kC1jyETMESNsxXF-tPQebOw3Wv9EzZgTbdyB4dLgTZU6wEXYEfMRSiCwdQLoqYdyyVMBtUIkhwulu1KqTTWeEGtMlhWlxbdz_VMt_v6-OpWXxVv-pvudTOJ58DyofgfEylK3yfGplPSA5TW8Q2212t3vKn6e15K6i9T7BvCZ9UbN0L6Fg6M6RcUivFwSnvduBpYsAlQ_kO_TW3fyD411UtmRF9ThBBkzbCrdLEDSKuhWeF9MPgJBh_D4G87fBGKJvGpill1aVW3PsszAc1FITEG6WKC7REeoPoyqA6nZVS3KBNrmlmddqVwgH7QOc46cHtYx9zc7bs_Cj4oBNoBgH3PZpRcQ2b533m_bRUvtxwA5Kzuc6kUxwrvFNhSePBTtsaji39oP_9iUcgSE6EMBxGy_OpOc4jPlYp1Pz8vDtOiD7SiJ_1Qoh4r9JC4_bZxUj94ds6hTCeO1ccF3ZxVVVHz1hwephH0H1a2s1umoEXdiJWvW8M2xinIo9ayKYs_LCAXhz5K_b-h8uyqC66aS-l6cT-2i0q5XjsXixt90IwQiXzBq-COjuthaLUxdvp_wT1JR5xHD8n2EWKkgSsXToLultQRZFpCQveQ8BfwQTY-4xZApsAInTuT32Lg3WN0D_ws0BaDwUMQqNvJcmjRoXdjjR5RoEZDXi85lpbolVzFx8X3kOygEKkO-DU924D3Lv_p1RjzFnI1lLGwegd7hnKpSgEXgotnCT0YDjpawtPJ6yIJ_ywCUBqsxRnt8VzZ_ZdD5BbXIGmzihQVGnkoNPh4grLd--chA-a00ivPsEJkWEggnNo1fvdpXXD6BwfB0hFb0QucsuY5B7553VO5spy9H8V6_Dbu1Rdh_ceLClNvGbOFJqBoUcWER5Vr9zlgaC29RmpKr74ohfgz9JsfnrkvDjTIL_-12o_Z5T0ZiWEtTnrpN8YH3uBnFiCuosmlk0Y8Cdma6_qqw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://galaxyfirmware.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.galaxyfirmware.org/	1970-01-21 03:59:56	Name: _ga_BZBTEHWZ0J Value: GS1.1.1707836887.1.0.1707836887.0.0.0
.galaxyfirmware.org/	1970-01-21 03:59:56	Name: _ga Value: GA1.2.1010830023.1707836888
.galaxyfirmware.org/	1970-01-20 18:25:23	Name: _gid Value: GA1.2.1723499644.1707836888
.galaxyfirmware.org/	1970-01-20 18:23:56	Name: _gat_gtag_UA_124198581_2 Value: 1
.doubleclick.net/	1970-01-21 03:59:56	Name: IDE Value: AHWqTUmTQIzz4lEvLQbRJJW2eM-GjuD-L7yvTMfdYXk7swdQI-Bq_rvO-kgrCp_LJIw
.doubleclick.net/	1970-01-20 18:23:57	Name: test_cookie Value: CheckForPermission
.galaxyfirmware.org/	1970-01-21 03:45:32	Name: __gads Value: ID=5447edbc9e6afac0:T=1707836888:RT=1707836888:S=ALNI_MZrpJ7kuW_ed0P03YdM5SxdTiseHg
.galaxyfirmware.org/	1970-01-21 03:45:32	Name: __gpi Value: UID=00000dc28cee5eef:T=1707836888:RT=1707836888:S=ALNI_Mar_rRQ-hkegah_y7aw_uY5YUHoPw
.galaxyfirmware.org/	1970-01-20 22:43:08	Name: __eoi Value: ID=b4e6970a341d8934:T=1707836888:RT=1707836888:S=AA-AfjZshsDr4Rss4jAgYWlzedSA
.googleadservices.com/	1970-01-20 20:33:32	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 18:24:00	Name: DSID Value: NO_DATA
.galaxyfirmware.org/	1970-01-21 03:09:32	Name: FCNEC Value: %5B%5B%22AKsRol_fRGxZHCvwH_Sl9-O4rSGFX9gwIpCN0d99MIhGJeWGznvqfoPOORxHBwEPfpO0jEIMqTtmtSfwTV6zHv20vqdkdEzllEJjq16NKGAGM3AA5vR-g9GyjM_swE6pwp8814nKxdEooDzvW8k5BgR7Fmhm_shTrg%3D%3D%22%5D%5D
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MStjA1sDA2NDI3MTSxNDI0MDMwNBXiM9StqPD09fA0KvYuSXcHADW3qAIlAAAA
.rfihub.com/	1970-01-21 03:45:32	Name: rud Value: H4sIAAAAAAAA_-MStjA1sDA2NDI3MTSxNDI0MDMwNBXiM9StqPD09fA0KvYuSXcHADW3qAIlAAAA
.rfihub.com/	1970-01-21 03:45:32	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dayISM3MTvMIK85J9vEoqwqPdy4r9AziNTQ3MLcwNrOwNDQ1NXvFiMoHAEZbS2Y9AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dayISM3MTvMIK85J9vEoqwqPdy4r9AQA8CfHlB4AAAA
.adsrvr.org/	1970-01-21 03:10:59	Name: TDID Value: c9f0f95b-8229-496d-b401-6ad55ca5468b
.quantserve.com/	1970-01-20 20:33:32	Name: d Value: ECIBCQGRK4EA
.quantserve.com/	1970-01-21 03:54:11	Name: mc Value: 65cb85db-8e1f6-3bedb-5cac5
.mfadsrvr.com/	1970-01-21 03:59:56	Name: tuuid Value: 46b61ca6-7144-403e-a07c-494f2ea66804
.mfadsrvr.com/	1970-01-21 03:59:56	Name: c Value: 1707836891
.mfadsrvr.com/	1970-01-21 03:59:56	Name: tuuid_lu Value: 1707836891
.adsrvr.org/	1970-01-21 03:10:59	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI_J60ifSr1jwQBRgFIAEoAjILCJSpi7aKrNY8EAU4AQ..
sync.srv.stackadapt.com/	1970-01-21 03:09:32	Name: sa-user-id Value: s%3A0-e2894fce-c1ed-5d59-67cb-02b220d95487.k2%2FA8igkKIaOEJMg5tp9yZvOo3DO6UMrD12Omg%2Fa4Us
.srv.stackadapt.com/	1970-01-21 03:09:32	Name: sa-user-id Value: s%3A0-e2894fce-c1ed-5d59-67cb-02b220d95487.k2%2FA8igkKIaOEJMg5tp9yZvOo3DO6UMrD12Omg%2Fa4Us
sync.srv.stackadapt.com/	1970-01-21 03:09:32	Name: sa-user-id-v2 Value: s%3A4olPzsHtXVlnywKyINlUh2AJ9sQ.3NeRPd88rwu2YWopfEMFgseW1an3BAIURxpu7S2OaBs
.srv.stackadapt.com/	1970-01-21 03:09:32	Name: sa-user-id-v2 Value: s%3A4olPzsHtXVlnywKyINlUh2AJ9sQ.3NeRPd88rwu2YWopfEMFgseW1an3BAIURxpu7S2OaBs
sync.srv.stackadapt.com/	1970-01-21 03:09:32	Name: sa-user-id-v3 Value: s%3AAQAKIDN93c5d2CcLYBXinhA5GmTpFF8SKk-lyyeNfE6ZJBOgEHwYBCDbi66uBjABOgRZmQvUQgR-jOcR.bzZbTLua9csWzDn1CDS5UFc3UXixlsddAAEL%2FK9eq9s
.srv.stackadapt.com/	1970-01-21 03:09:32	Name: sa-user-id-v3 Value: s%3AAQAKIDN93c5d2CcLYBXinhA5GmTpFF8SKk-lyyeNfE6ZJBOgEHwYBCDbi66uBjABOgRZmQvUQgR-jOcR.bzZbTLua9csWzDn1CDS5UFc3UXixlsddAAEL%2FK9eq9s
.mfadsrvr.com/	1970-01-21 03:59:56	Name: ssh Value: !google,1707836891
.dotomi.com/	1970-01-20 18:23:56	Name: DotomiTest Value: 4d9547e2620149b
.adx.opera.com/	1970-01-21 03:09:32	Name: UID Value: OPU54c4d4137cff418eaa61d6e27278f3f8

99 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://galaxyfirmware.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8proof.com
a.rfihub.com
cdn.trakteer.id
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d.mobillee.top
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
galaxyfirmware.org
googleads.g.doubleclick.net
match.adsrvr.org
pagead2.googlesyndication.com
rtb.mfadsrvr.com
static.xx.fbcdn.net
storage.googleapis.com
sync.srv.stackadapt.com
t.adx.opera.com
tpc.googlesyndication.com
trakteer-assets.sgp1.digitaloceanspaces.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
103.253.144.208
142.251.40.194
142.251.40.226
199.38.167.131
2606:4700:20::681a:5cb
2606:4700:3034::ac43:ae87
2606:ae80:1451:17::1370
2607:f8b0:4006:806::200e
2607:f8b0:4006:808::201b
2607:f8b0:4006:80f::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:817::2008
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81f::2001
2607:f8b0:4006:820::2003
2607:f8b0:4006:823::200a
2607:f8b0:4006:823::200e
2620:116:800b:21:1456:d0e1:7db4:a56b
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
35.207.24.140
52.116.53.150
52.223.40.198
54.144.126.196
78.47.153.119
82.145.213.8
00f59da926d489e3ac5c881db1bd2699717b8b5106a9b7968dde2fa02d2c1f9a
04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff
0a736daf331504161482b80810fc07d06f0a91d47dc03c9cec0808785cd76a01
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
12523501996e31c888ba97e221f91e2033222e7e7c7a21e1e755133f45646c7a
128807e382b2823b22c893c3c363e358dc8ab839062af7550cbfae790ea5c7ae
12eebba255ce6f856459cab6b183b507be0417a322f46faf7dd71b3c4b0eec27
1368dc3d9f9eb0bd9b73d5959366cb5e81cb909d2b8ca3e626c21233b342bd78
16b045e3070264b4c70db16bf1cdcd9eddcc91f0e3bd79421f398577c6518b3d
17c1c66141f1aa0339fefc5863866d67eabcb1732bda7d5d757b2cb937c93da1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a28b43e16349bac2be780c2e27ddac7c980774a15303ca53c7673a8fcc4414b
1df01658452c3d40bcbe47d47639c9130828dd84d29a9fc1855722ed6df3f528
1e7e075838fc9a96230c537290b27c438f8a07b2c6f70a369ace39623a31eafa
20aa93d2622150599f200ee05a7c332512d9c9fb3ec5e5b2728c18a5b23ab757
226631a8fa9deee07022680ce0461b7a09b416b616c56ebcaf21f50e2b34ea8f
233cc63e761d663f156c1adf6862c3af1c4eff6fba7d7b3b38ab324126687208
233fc91d5e25e5f647da5130b91a631da3c73565301438608bbe09605b272d87
23848a0b9266d5f7b94855fe4f8b6b8720dd52ae46f47073d29be7db670d1ace
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
2590216f85258f9fbecd6452304a22fda2416e4cb3106d0dfa119848738c130e
265906e27b7bc9169b39564713880f07af8ffd23a178ebb75f90224c684719f1
299f8ff3f6de8b92fae5a9cfba2ef2e3a29656554f773eb30fe3d3a2e647ca35
2b6064887ef3e3f56b479f8ea7f09711dd735504e5ba4f937ca2243eed79ca08
2bf96c66e3d73bb911bcd3f48515ec8856f9e08fad67a3006c1b2d0954d61cda
2d4aacc3985096be0319521b456d42c9cadcf05e76495054be1cfc661f0813ee
3054d4e61ec2de31e08ce51c8e1bff64fe2d4cc39f3bc6b3988a5e3aab32379c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3477023d8b7129eb517abf377492a608f2469ae91405fa62974e6771751e04ae
35c1215c2ac9fccc5d4b2d76554ecbb698e83f7ed4d3b564d67bae046e72533c
38104f1d5312e3159728a24ea9bd32043f8fe533bfad09ffecb6221b3e3a6bb7
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
3b1d740831b2e479f1180cf5d5a43329500c73b80c856745fda294d3719af67d
3d9848032cd97de2f0ee227feb3b842ca9a1d4362446fbb4b8c4aadef9e5f9d8
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
433d970f04c9cfdfe1eef18106807714cffa2ec96651af41c1be35d00a87bc1c
44b7d1f3acc75aa8ff817b55d499dcb24770a3423b624bff829cb26729de7c16
456894e2899453bb50d8cdf099140d5bd50be74301e02b9c6d13c26ec42ff97d
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
49be548a64fb7cc0e31c0ffd0453225a50133a56066b2a1161a367a0c941bd14
4a3a352286d467821fdc52b7dd88fb8ba1ab502b6b0e96b34ff7900a635c9539
4a88b4ce83b90ddff41c1dad29ff5b6771864fe6585d99eded3c5e21ab3ee711
4aeba0b695e7e09556b3eb1f8558445eac21d39e9b70148aedb6c10a30a3af04
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e94e5c3a524345e7c24f3807ab2ca812225ea6ccdb59ec67125b0ea3ed02cd5
51a9972c6f13b5510730dff6c349f812510c778b2f7722f00426c287246c50cf
555259a3542225eff08b7b936f0497747e84eaece20b9cd4d898348bb1e35734
5555b3d8084600b26e83c79842ee959041f489d96abe7125e6e3a6b7e196b97c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58616486e2fa2080f28f1f34707ea5d45de9766f47bc12c4b1d6ae2a3247388d
5b51b57f63cf58e451abddeaee39a8c7b133cb3d58c6ef1a903883bda7c346b0
5bda905693ffed32df95f79a8eeac1fbf062630de05f48875e109c35681e2331
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63667b36ddd95d29a9f163e3ab4b9f7000dcd310350c565c19b975a0a2418117
64ea86822fefdbe030dc77f75849dbd35bd7466ddfb56f694d4bc48fcbf6cb4a
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
68ca74c32f951cfc0e8b8ccdb3ae0c3792fd2187db3b9a8b1010a5b772572022
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0d564e4d0d77813b6025e36d14d14c90f61c18eed0668ca61c811e63e9462d
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
7705195580e738309728cf0d297fecf6418d2de86b89c92bd7f185d239d0de9f
7a092a3c30232d38c4c7f27a49c529d87ebb8ae3017e84fb629ead609a3dc66c
7a5f630faf7d03951e220f433949b95bc0c737100d5b5bf6b4c21c85e694d214
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ecf4bc58f31b240c96e7828db4db48509e17fbd1bc3df19a64f845f255fc143
81c0d705d39830242859e71362a824e8551972dc4b727675a1a3e03e3b02dc0c
825310f9bcc8892559317bfc87fc28d5d7bad06c02d562b5740aafcf4b040803
8258503043a0a3b6fc68ef1af0025ef0de85fa482fb77e8ba220c3cd6a7a86a7
837d0ea52dcec72c2013f209267c0b4c121564caf3e273c0c379e99783e86b33
83db2f288c1d10ec10621c63b6f0b52d33abf16bf0a87a0cc2d2a33b06d8354a
87476e4c4b339983bcda71637a718eed1670bed1e39d7419db41b8f9db3a9485
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
8b24eb20b9abcd601a50eda7b7bc9853684f7895f9ae27fb2ff1721f555dd35b
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9f9936bcdcd5fd28c0f811afc230ba3c0253ba00284673299475e3c8aa43309f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a524f6ebba6858893c7f5b806ac21eb9053c6c25df83d8b33ab17ff854442db7
a5348c4a451091156bd62f18ab99e5fc267021a56980110e8b55242fe6fec5fe
a5c40dbb70fc9b8d5978744965d7f79a49468ed3a1faf507ffdb45adb6188b3b
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
ab3d438837b7f1c4ebce6980cc9274cd2e6adcc8af9be6f5cfc47ef2c4c464e3
ac4ce157ed1bafba7516947609b46802d1d77bf78a203a2018d98731af32cf1a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1a9b4d4a874d9284ffcbc5f13a10e05dbfc8697abedafdaa52f0b86d6e345b9
b33e27b2278468c08da9c3979d146c9e91d372faf76ed349bfb8ff17bfb331db
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b7f4f0961f007b0cc355df85903b0af0cfd6b655e23aa56aa547dc5ed693ae7f
b8e57774ff810c36f77b5d467ff6e565d30c649616c5fe48783f1850ea9aa48a
bac4ea004d72c2f74cb64b16cdd796cc3ef932c7c937487453bcb636d64bdcdd
bb74c24862d9504047c043881ea6ec701fcfdde2ed18619b3e7528be4b2e2aea
bce89e541124ba056e50879611618d51b440d8cdcc6a2d29efdc4c725b7c7e24
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
bdcd1b7dc8e62b48257dd9081af62fffaf292329e17ffb2c49d4098c7a11f4b1
c01fe42e18b1faddc87a7f68b46083dc10e7f0e0b38957e02a05efe35522ec9c
c0c15d6490d2d2d6fd8f068fa234e252fdb27d515da5449529d5d89b3c2b7d0c
c6bfe771a066565d51ef78b2ac6910e3f459108f79040d4866cbe731d0ac1e73
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
c8cb337434b2afdbe8bed8bd655dffc414c024ffc8a938c6c279ad42e8c151ea
c9736a323e21df1bcd768ea4bbcf15e04b4f53c12573507b9f0ee1298f51a2ca
c992340a8c8284fca33fbcbcb287ace68c355a0603c471d9b09a207ab4f7390c
c99818077d9206829c05a7c070a4ae061cc4e5acec82371cccc15e204faa1494
d27e980d821ec562661f24cab514474d7be86a742b5e915fa6c7efd21e77aaf9
d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac
d5eb47ba7eb80ba4d2d717aeaf7d1544c9a6b8491c9af49dd56f06bf73f8bf67
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0559601e66f56f5b0355d7c9fbf0c397b6efce469a5d4d02a51b3bca7670c96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7437303df46a7ffd5bc94d07b13f07668ca4b25275584f7a55bf00be930355a
e97f100d4e8f14572f785bad1aebd67c5e785042bfbafb9963035f0f38333bda
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3cecf2ad6296e5d9ee4885ecd972da952bb680c32941d1c52100f5d21c3f02f
f41d88f3588a78d8a6bf68339abf442b9566a254290fbf1c275356b998042571
f4446ec02b27aede3006b29c54d142f75e6b6446096cbfc633bd11933180ed76
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7c43ca25b40c7503113ad41e37a79605d940a78a2dcf9d0382fb55cf54f7a2e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f7f88cca171fe919c301685893d8da2375ce02125266be32dac2ee6f1427c392
fa164984f038fa81540d519c5d08123ed55f31bb8aa73798af7698c69dca2226
fd167a43304972aa43f76a0ec3f03dc89dde4f96adc654a7e0e2e1257aa9a7e5
fd779537344fa9e29f4b0ef9217d39329eb4029d488014843280b23f99b62940
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

galaxyfirmware.org Open in urlscan Pro 78.47.153.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

215 Requests

95 %HTTPS

63 %IPv6

23 Domains

28 Subdomains

20 IPs

3 Countries

3164 kBTransfer

7814 kBSize

32 Cookies

10 Outgoing links

Page URL History

Redirected requests

215 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

galaxyfirmware.org Open in urlscan Pro
78.47.153.119 Public Scan

Screenshot
Live screenshot

Full Image

215
Requests

95 %
HTTPS

63 %
IPv6

23
Domains

28
Subdomains

20
IPs

3
Countries

3164 kB
Transfer

7814 kB
Size

32
Cookies

215 HTTP transactions
6 data transactions