forum.lowyat.net Open in urlscan Pro
2606:4700:20::ac43:4a59 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://forum.lowyat.net/topic/5307532
Submission: On September 08 via api (September 8th 2022, 7:10:57 am UTC) from HK — Scanned from DE

Summary HTTP 215 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 55 IPs in 9 countries across 34 domains to perform 215 HTTP transactions. The main IP is 2606:4700:20::ac43:4a59, located in United States and belongs to CLOUDFLARENET, US. The main domain is forum.lowyat.net. The Cisco Umbrella rank of the primary domain is 243604.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 26th 2022. Valid for: a year.

This is the only time forum.lowyat.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	2606:4700:20:... 2606:4700:20::ac43:4a59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
1	184.51.9.18 184.51.9.18	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
7	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY)
1	178.79.227.76 178.79.227.76	22822 (LLNW) (LLNW)
2	2606:4700:303... 2606:4700:3035::6815:4f7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3034::ac43:9689	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4 7	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
4	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2016	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 8	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
4 8	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
1 4	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
1 4	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
4	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
2	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	52.56.49.215 52.56.49.215	16509 (AMAZON-02) (AMAZON-02)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
2	23.205.253.64 23.205.253.64	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.224.189.115 13.224.189.115	16509 (AMAZON-02) (AMAZON-02)
2	13.225.78.54 13.225.78.54	16509 (AMAZON-02) (AMAZON-02)
4	52.56.221.73 52.56.221.73	16509 (AMAZON-02) (AMAZON-02)
215	55

37 2606:4700:20::ac43:4a59 (United States)

ASN13335 (CLOUDFLARENET, US)

forum.lowyat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images-cdn.lowyat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.9.18 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-18.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.227.76 (Vienna, Austria)

ASN22822 (LLNW, US)
PTR: https-178-79-227-76.vie.llnw.net

i.kym-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:4f7c (United States)

ASN13335 (CLOUDFLARENET, US)

pictr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c.tenor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::ac43:9689 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.211.12 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.74.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.19.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 138.201.63.157 (Nagold, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.238.55 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal900021.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 176.9.26.250 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal900014.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.56.49.215 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-49-215.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.253.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-253-64.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-115.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-54.fra2.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.56.221.73 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-221-73.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	lowyat.net forum.lowyat.net — Cisco Umbrella Rank: 243604 images-cdn.lowyat.net — Cisco Umbrella Rank: 884256	514 KB
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 174	347 KB
26	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 stats.g.doubleclick.net — Cisco Umbrella Rank: 188 static.doubleclick.net — Cisco Umbrella Rank: 439 cm.g.doubleclick.net — Cisco Umbrella Rank: 303	221 KB
17	criteo.net static.criteo.net — Cisco Umbrella Rank: 782 pix.eu.criteo.net — Cisco Umbrella Rank: 5551 csm.eu.criteo.net — Cisco Umbrella Rank: 5700	128 KB
16	redintelligence.net 2 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 35377 hal900021.redintelligence.net — Cisco Umbrella Rank: 300783 hal900014.redintelligence.net — Cisco Umbrella Rank: 360560	120 KB
10	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	807 KB
10	google.com www.google.com — Cisco Umbrella Rank: 19 adservice.google.com — Cisco Umbrella Rank: 142 region1.analytics.google.com — Cisco Umbrella Rank: 3915	16 KB
9	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 480 fonts.googleapis.com — Cisco Umbrella Rank: 120 jnn-pa.googleapis.com — Cisco Umbrella Rank: 341	125 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904	6 KB
8	adnxs.com 4 redirects acdn.adnxs.com — Cisco Umbrella Rank: 876 ib.adnxs.com — Cisco Umbrella Rank: 329	38 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 21601 api.webgains.io — Cisco Umbrella Rank: 44543	170 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	224 KB
5	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 36991 medialead.de — Cisco Umbrella Rank: 36713	2 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 5202 www.google.de — Cisco Umbrella Rank: 3469	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	40 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3325 ka-f.fontawesome.com — Cisco Umbrella Rank: 6377	23 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 9447 ads.eu.criteo.com — Cisco Umbrella Rank: 5636 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 7591	50 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	132 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1004 syndication.twitter.com — Cisco Umbrella Rank: 1252	133 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	156 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 55668	6 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 15259	1 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 37685	4 KB
2	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 337076	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	87 KB
2	pictr.com pictr.com — Cisco Umbrella Rank: 706020	316 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	5 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	105 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 206	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 972	644 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1568	5 KB
1	tenor.com c.tenor.com — Cisco Umbrella Rank: 12799	4 MB
1	kym-cdn.com i.kym-cdn.com — Cisco Umbrella Rank: 42872	73 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 4706	31 KB
215	34

	Domain	Requested by
33	forum.lowyat.net	forum.lowyat.net static.cloudflareinsights.com
15	pagead2.googlesyndication.com	forum.lowyat.net pagead2.googlesyndication.com 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
10	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com forum.lowyat.net
10	www.youtube.com	forum.lowyat.net www.youtube.com
8	hal9000.redintelligence.net	6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com hal900014.redintelligence.net hal900021.redintelligence.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	static.criteo.net	ads.eu.criteo.com
7	pix.eu.criteo.net	ads.eu.criteo.com
7	ib.adnxs.com	4 redirects forum.lowyat.net googleads.g.doubleclick.net
7	www.google.com	forum.lowyat.net 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com www.youtube.com tpc.googlesyndication.com
4	api.webgains.io	analytics.webgains.io
4	pv.medialead.de	hal900014.redintelligence.net 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com hal900021.redintelligence.net
4	hal900014.redintelligence.net	1 redirects 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com hal900014.redintelligence.net
4	hal900021.redintelligence.net	1 redirects 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com hal900021.redintelligence.net
4	jnn-pa.googleapis.com	www.youtube.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	images-cdn.lowyat.net	forum.lowyat.net
4	securepubads.g.doubleclick.net	forum.lowyat.net securepubads.g.doubleclick.net
4	fonts.googleapis.com	forum.lowyat.net cdnjs.cloudflare.com hal900014.redintelligence.net hal900021.redintelligence.net
3	www.googletagservices.com	googleads.g.doubleclick.net 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
3	www.google.de	forum.lowyat.net
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
3	www.gstatic.com	www.google.com www.youtube.com www.gstatic.com
3	ka-f.fontawesome.com	kit.fontawesome.com
3	www.googletagmanager.com	forum.lowyat.net www.googletagmanager.com
2	cdn.track.production.webgains.team	6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com track.webgains.com
2	analytics.webgains.io	track.webgains.com
2	www.awin1.com	6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
2	track.webgains.com	forum.lowyat.net
2	adv.office-partner.de	hal900014.redintelligence.net hal900021.redintelligence.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	forum.lowyat.net connect.facebook.net
2	pictr.com	forum.lowyat.net
2	platform.twitter.com	forum.lowyat.net platform.twitter.com
1	medialead.de	1 redirects
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	syndication.twitter.com	platform.twitter.com
1	static.cloudflareinsights.com	forum.lowyat.net
1	c.tenor.com	forum.lowyat.net
1	i.kym-cdn.com	forum.lowyat.net
1	i.imgur.com	forum.lowyat.net
1	acdn.adnxs.com	forum.lowyat.net
1	kit.fontawesome.com	forum.lowyat.net
1	ajax.googleapis.com	forum.lowyat.net
215	58

This site contains links to these domains. Also see Links.

Domain
www.lowyat.net
rss.lowyat.net
www.theguardian.com
pictr.com
www.invisionboard.com
www.invisionpower.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-26` - `2023-06-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh
*.kym-cdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-10` - `2022-09-12`	2 years	crt.sh
c.tenor.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-17` - `2022-09-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-02` - `2022-11-01`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-03` - `2022-11-05`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-21` - `2022-11-23`	3 months	crt.sh
redintelligence.net R3	`2022-08-02` - `2022-10-31`	3 months	crt.sh
pv.medialead.de R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
adv.office-partner.de R3	`2022-09-03` - `2022-12-02`	3 months	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-08-08` - `2023-09-06`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://forum.lowyat.net/topic/5307532
Frame ID: AC0DAB9D2727CB7FCDDF15D23E4810F8
Requests: 85 HTTP requests in this frame

Frame: https://www.youtube.com/embed/FItP77HqV9c?rel=0
Frame ID: 678B31A96907506C179555BB7DEEE0CB
Requests: 21 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fforum.lowyat.net
Frame ID: 40A613B18BA4EA8F3E2D62F0A558A47D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/zrt_lookup.html
Frame ID: AE26008F3907C76246BEAB880CA061AA
Requests: 1 HTTP requests in this frame

Frame: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4ABE960938E650CD239FEB84FAE05FEB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7979631120579969&output=html&adk=1812271804&adf=3025194257&lmt=1662621050&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fforum.lowyat.net%2Ftopic%2F5307532&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662621050253&bpp=4&bdt=518&idt=273&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3925211928341&frm=20&pv=2&ga_vid=1093847934.1662621050&ga_sid=1662621050&ga_hid=1681433771&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31069437&oid=2&pvsid=2309070443014296&tmod=118572985&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=289
Frame ID: C5D91462ACB8F41DFECE079E49A675B3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7979631120579969&output=html&h=120&slotname=3254453113&adk=250581548&adf=4271478627&pi=t.ma~as.3254453113&w=970&lmt=1662621050&rafmt=12&psa=0&format=970x120&url=https%3A%2F%2Fforum.lowyat.net%2Ftopic%2F5307532&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662621050257&bpp=2&bdt=522&idt=290&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3925211928341&frm=20&pv=1&ga_vid=1093847934.1662621050&ga_sid=1662621050&ga_hid=1681433771&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31069437&oid=2&pvsid=2309070443014296&tmod=118572985&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UxBIYeP0Mo&p=https%3A//forum.lowyat.net&dtd=297
Frame ID: AF6D752E398DDA4840F8E2B80CF224B0
Requests: 8 HTTP requests in this frame

Frame: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AF27C2758E96C70F1EC36DBE5F676CBE
Requests: 18 HTTP requests in this frame

Frame: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A63C2D6AA6289F865DCCFAABE6832B6F
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxmVegAJup8KewVJAAOT2yGiF2r6jKNEr014Qg&u=%7Cg0%2B9kYMyIrw0rH5YY7iU%2BVzyfZ7oopC0kTubjj9PoWU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI379P6o9DqqGL1E_hgSm4OWk9PoN-jrDr1M6Be2-Fxb75IAkAgtBy2RysqvPRAcFIr5ThrVId34krOBKreCBcgpgWW7HVi9FiEguEdNy3aky9zeGm7itdfYjjJFMXt-EwOJURdRToRcDKsR0I1c5A7eBOuXXQbxWJNGlWRwSKPp9qTeFouQXXmwNCZap0ZI0tQRUV5yWzGLGNT6O4uyRaDu7omuI8uyq9quqTN2ox1wXKX4U7sl7fLaTwMrAJKN4MTsKbHuJ08RM_PwpGZ_vhoB88TOMBO5GWz8fCr2NWexa5HZQ8Ql3RpC8KNagcQ-VyvhbfNgtrI0eJkJHH3iTBe4Leo1TNwUpJlxpQNJVEOcGzLt7x7nTdR2_jII6Vw3w0_nUttgUjQmsB120Dp7oTwu84qDdwgfKSJBqT_FfgIm0gLFNF5Ger-eUh_U6XelG6f-v6vECM8m6LmtvE7PY0teT1EBW-70EfggmSq44U2nP5ARMBhG_rZ_jVXDxTTnN8ODulrw9khmhr-sk4bolQNd8Eq-5SPmztpd2nQcz-Kf1yNt7BSvDFmH8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7xkHepUZY5_1JsmK7APbp47gBMme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5Nzk2MzExMjA1Nzk5NjmgAdW20uoDyAEJqQKquKl29sCwPqgDAaoEzgFP0KZLtipysDIoo8kVQkjnEPZ3IYvZgIIaQt0uzEkT-llqwWItRncd1Se_0Itl29gIrYxSeo2ZpMZJryRmpxHi0m7uwEvbBozGnuknDUYlTGTmL5e0r5mU8vsFFYw1EWUQ_UiTkjfZsCgG08ZGfz8yvkFEdd-C-bWO1jIMc-QhUrkTsATLyTT2qg-dXV20JalWQDF3ji2kJLhXdWBcowbhjh_LLYE3RH9wChFSXA84JVoRHIcNybGBjTEM3JgcszyWTrTHP44ZAiJzNxeJkIAG-Mvu1c-shtiLAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02ZsAq9azoI3MNE29olpzwtr4BGA%26client%3Dca-pub-7979631120579969%26adurl%3D
Frame ID: D4A3C7605DA0FDC25FFC58B09F2F8284
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUc_tRq3RzWQ2O5CaoDfgDmFgLySxCKvbK0hMm57rDZbJ0jiqU6OsTaTAMhDbyo6rGwdr6X_zdDGTe_MBg9pKXl5AFqwhw9kxMt7XVp41r3CusSloMbqaoJMpwLm-80tIFM2jLZ0TSCB3KHRylihBsx3RTlzDQfj6W5BLB_1smo51halyw
Frame ID: 4AD337D09E49F7E3DAE667E2A7AFCA51
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVPUkb3zpkCUwPC1T36P4aa6CjF2AR7AcqevEtjfoF2rOBY6DVW_c1YJ1cTQ5dcYH7H7vM_x5sCQHfGBvQa5UBy-kp8HP1hajj1wbWV1J-Ef1qqtTCa69gGeBfLmecIbqYmIGGmahhGq3wu0J6WBB9XGnyjNKDqM5OehEqYSi3h4mRbu2s
Frame ID: 83EE87F9BABF70B927D23CF911F90AA1
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E2C9A82919E1789163E9D35B085531F3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4D8FFF0A91266E85B18335FFEDB6F518
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=28544800031584800710612012076014&t=htlp
Frame ID: B2B0F0A94459C7409C3410BFDDC79408
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: B7E28B8D5BAA0B5391BD458DDB4CAB5E
Requests: 1 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=28544800031584800710612012076014&a=c4921d47
Frame ID: C1904DF75A923B4437D233337AE55562
Requests: 6 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=57521100035483900710612012076021&t=htlp
Frame ID: 2D4FF735AB77AFC2B5FCC0ADE9A6D4A5
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 6383D9DF14C4BD1425BC6CADB5DFF9A0
Requests: 1 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=57521100035483900710612012076021&a=c0760ab8
Frame ID: 8B3217E3C456EA45D08E8A7C22B49EA3
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 87E456376B8BFAF557B6F5EDCC95539E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7A14CDE7046BEE604DC181633EB46B6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Teletubbies to return on Netflix as series reboots

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

215
Requests

94 %
HTTPS

64 %
IPv6

34
Domains

58
Subdomains

55
IPs

9
Countries

8399 kB
Transfer

13430 kB
Size

19
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.lowyat.net/
Title: Lowyat.NET

Search URL Search Domain Scan URL

URL: http://rss.lowyat.net/topic/5307532
Title: RSS Feed

Search URL Search Domain Scan URL

URL: https://www.theguardian.com/media/2022/sep/07/eh-oh-teletubbies-to-return-on-netflix-as-series-reboots-for-streaming
Title: https://www.theguardian.com/media/2022/sep/...s-for-streaming

Search URL Search Domain Scan URL

URL: https://pictr.com/image/E0nG9D

Search URL Search Domain Scan URL

URL: https://pictr.com/image/E0npf1

Search URL Search Domain Scan URL

URL: http://www.invisionboard.com/
Title: Invision Power Board

Search URL Search Domain Scan URL

URL: https://www.invisionpower.com/
Title: IPS, Inc.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1

Request Chain 135

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxmVe6q7sXcERHJLlIPyWQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK09Ptx1PPm34MX5COjk5PY&google_cver=1

Request Chain 137

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyMzUxNDI2ODY2ODYwNTIyOQ%3D%3D

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1

Request Chain 139

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxmVe6q7sXcERHJLlIPyWQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK09Ptx1PPm34MX5COjk5PY&google_cver=1

Request Chain 141

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAwMjU3Mjg0ODYxNDk3NTg1MQ%3D%3D

Request Chain 163

https://hal900021.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb1e5936d1&subid=&uid=85233cef7016df20&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCP84LepUZY-ThH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOkBT9BHfjmnhQGSxSvYY7h3Rtzb-NS7GuWWB8_bvcmW2oO4BJ494jvDHo5dCFaMrZm-wK8qpEtOPQOppTtSUW4KHQA9mnl6KFqBAIkGB0mww3_etc9I3eqUFiCof4LDehn5J9WzPH3HXoiY_iLRGXSlg2JZbPeRyDuuli5nA9QF5wQcnjHRzKLpGiBVOqrGa2mbINfrZqFrZOam7nFjvkhNjy-J6NxRI2bez_Ifnkmw50lDJzVJJ9XB4xoBv-fP6jbI_Vmehk4q34071a8-cCHzujTIUKZPxleVC2lZ91yMkk6VamjWWYEq9Z3ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORo_r8Q4daOxrGKj5ftwrO7DJJBTzMo8r8WTbeuapzQjIR-ew3tIaU%26sig%3DAOD64_2KgGyRM8XoXv5mUNs1pxYQo55YVQ%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DOj41t5Rxv2uyzi58U_Zyb-tCfvbkvLJ5d4bjswY0Y0I-Atgo4ievdgtN6dDTt28Cpe5weBoc0w1xURXKuwqVzcqhVO-Cqe-FGIoTp0M5bYnSJikcwL55U7_gdb40a7aQPF4ZDhxXLEWPV8oAD6d-PaSW2fA%26cry%3D1%26dbm_d%3DAKAmf-D-RPbTt8a4IdIgdFxh52PLnxxvJLtu2DrIk5edL7y8A6Gd9HNhwEQ7L7oQ3hBr5webqtcO31MDEhjIv-N-uNP7VVNRWWhUobnAz9I3RWS7KVqTiQDyTHGt0zbYFA_XwIJQEjmyE1XwM_4uacV7qDYH-nMkVMTjyxgtS1KC7Ug29Vx9-dOxj13jXlbs-bkjA9pJ65go_bgBOvh0t-aq34er_fzqXTrTjbOFBlfa_4BpIfWBoB5buoW-oxydG0v3VSIdp2DTdtrM_OoX0BGEKKZj1ObvrouB3kDLnw3Bmwwmzfxfwi5-DOYMl5VaMLjb7uBVz2OW9n1D5IAOUNJSffIWq8q9amOv_Xtgm2dTiSrT-SAIh4-db5XCTysOovWpvIuR-eVT5vgME44izX1YhuYx7bcGl55OTyhcLZgLDItdc-KbdvWJ2RMvkE1GhvWrr5Xpt7ID1gT4jr_qZdWdeM-J--lgay-oKkZfqskbljuLQVAEGPCo17fCmN9EXEaxom7nVmUsf5UNA8K7G_IHRTaa9RdeR-Blyb4aE-5fwNT1kPVh7lE%26adurl%3D&documentReferer=https%3A%2F%2Fforum.lowyat.net%2F&ancestorOrigins=https%3A%2F%2Fforum.lowyat.net&random=8399130075963&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900021.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb1e5936d1&subid=&uid=85233cef7016df20&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCP84LepUZY-ThH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOkBT9BHfjmnhQGSxSvYY7h3Rtzb-NS7GuWWB8_bvcmW2oO4BJ494jvDHo5dCFaMrZm-wK8qpEtOPQOppTtSUW4KHQA9mnl6KFqBAIkGB0mww3_etc9I3eqUFiCof4LDehn5J9WzPH3HXoiY_iLRGXSlg2JZbPeRyDuuli5nA9QF5wQcnjHRzKLpGiBVOqrGa2mbINfrZqFrZOam7nFjvkhNjy-J6NxRI2bez_Ifnkmw50lDJzVJJ9XB4xoBv-fP6jbI_Vmehk4q34071a8-cCHzujTIUKZPxleVC2lZ91yMkk6VamjWWYEq9Z3ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORo_r8Q4daOxrGKj5ftwrO7DJJBTzMo8r8WTbeuapzQjIR-ew3tIaU%26sig%3DAOD64_2KgGyRM8XoXv5mUNs1pxYQo55YVQ%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DOj41t5Rxv2uyzi58U_Zyb-tCfvbkvLJ5d4bjswY0Y0I-Atgo4ievdgtN6dDTt28Cpe5weBoc0w1xURXKuwqVzcqhVO-Cqe-FGIoTp0M5bYnSJikcwL55U7_gdb40a7aQPF4ZDhxXLEWPV8oAD6d-PaSW2fA%26cry%3D1%26dbm_d%3DAKAmf-D-RPbTt8a4IdIgdFxh52PLnxxvJLtu2DrIk5edL7y8A6Gd9HNhwEQ7L7oQ3hBr5webqtcO31MDEhjIv-N-uNP7VVNRWWhUobnAz9I3RWS7KVqTiQDyTHGt0zbYFA_XwIJQEjmyE1XwM_4uacV7qDYH-nMkVMTjyxgtS1KC7Ug29Vx9-dOxj13jXlbs-bkjA9pJ65go_bgBOvh0t-aq34er_fzqXTrTjbOFBlfa_4BpIfWBoB5buoW-oxydG0v3VSIdp2DTdtrM_OoX0BGEKKZj1ObvrouB3kDLnw3Bmwwmzfxfwi5-DOYMl5VaMLjb7uBVz2OW9n1D5IAOUNJSffIWq8q9amOv_Xtgm2dTiSrT-SAIh4-db5XCTysOovWpvIuR-eVT5vgME44izX1YhuYx7bcGl55OTyhcLZgLDItdc-KbdvWJ2RMvkE1GhvWrr5Xpt7ID1gT4jr_qZdWdeM-J--lgay-oKkZfqskbljuLQVAEGPCo17fCmN9EXEaxom7nVmUsf5UNA8K7G_IHRTaa9RdeR-Blyb4aE-5fwNT1kPVh7lE%26adurl%3D&documentReferer=https%3A%2F%2Fforum.lowyat.net%2F&ancestorOrigins=https%3A%2F%2Fforum.lowyat.net&random=8399130075963&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 166

https://hal900014.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=93490ea519&subid=&uid=16a75a9f034b9ac2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz6ziepUZY63gH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOYBT9D8Eh_z3Bvrdm7FHWFdma9JTMOOkLrkLpV1-5RyKDEgDEzuuniFeQHHD6o8A64bz5DV_Z4YCriYu21aJnAYieNpZfvJqYUIf7BHr8AE88hh4Sec7LOMoH9_lFoEa0tnu8HYwebOhwy9k9fhONR-fTicWJTG3cj866l3NOyQhtJBW6SihCF9FGXDPSPZXu-CSntm01VjFUJSAft9X-OLfYc6Yuw4_SjpXKiyjABJA3tPPXtLpYy6NOpme9P5Nc8NHMzmDLVKsBcfAdH_pnamtD2mK9bqY6NkOdKMyplsGJqTcYNtVr_ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoWNrRhIOJ1k7PpYJIOfEgR1RylX5cWpyoV7wv6BcKJ82zKIt_7z8%26sig%3DAOD64_2ia1vgwXFSNIWdS4e8M9AjUsqSJA%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DeDKPDM2-vKfy5Ftkvah90DFH7WUisEXf2Z0ObEwPMDzt4MVj1KLyGWdEf8vdCrL9yWQM9kDm_qdlD3dZ0wFMhti7skB4Q8GTH8V7qkT353DC9LTzgRwC0mK-PA64HjD024Ner-DbVxWG9a8EGFiArb2ngOg%26cry%3D1%26dbm_d%3DAKAmf-DHgJrER-riUrc4DjkQs2qcm9u1WCj9urkuKaqLta5YlJEJhd17ELGRiWPTNxRylqNLqNDOSsM_pG0RKFOj8lGwDAiqCil8c1GQ1qSkGN0bviRD1W3fXP5uBPgGxrA0K2a_gfTD8GEjXOJ-lKrg8Eg7dmWr-lDDXUvVuefqm5ETUS7dTwUA39BF4Cw6Ykoe33S8MFyAmJXzUULFYkw-mUzIxiyAFisdu3anmb5pXry45vSdAQHfzNyLBLU1tFBCZcLEE9BHVt4XPOIW2gtqm2gaNGLeSnlyCLkMoMbSG3_E5B4Sx7VweLcqyw3jMDHUY8ZS-BJ9whGwn_Q0EzEs8EZPAfaikowvu1d8jx5_FJ5dD-RUQJw6DCaMBpUXxzvpj3BTK2djlz-x7jvOuQtSEOJ3WnnDuC_JbBEfPb4RRI1hi2u3gSnHzt0nG5rDKMETG4vFIUoVqU2m2q5hfZXfRRpkB5BNdr7Fp5-IMhKwlt9gqqmLJRmHr-uVW8Pol0bNNnGL11SY0YOBu9Tr9jXnL38HCx6F_KIPWz_skm1A0gai6oMuUf8%26adurl%3D&documentReferer=https%3A%2F%2Fforum.lowyat.net%2F&ancestorOrigins=https%3A%2F%2Fforum.lowyat.net&random=6852038222539&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900014.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=93490ea519&subid=&uid=16a75a9f034b9ac2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz6ziepUZY63gH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOYBT9D8Eh_z3Bvrdm7FHWFdma9JTMOOkLrkLpV1-5RyKDEgDEzuuniFeQHHD6o8A64bz5DV_Z4YCriYu21aJnAYieNpZfvJqYUIf7BHr8AE88hh4Sec7LOMoH9_lFoEa0tnu8HYwebOhwy9k9fhONR-fTicWJTG3cj866l3NOyQhtJBW6SihCF9FGXDPSPZXu-CSntm01VjFUJSAft9X-OLfYc6Yuw4_SjpXKiyjABJA3tPPXtLpYy6NOpme9P5Nc8NHMzmDLVKsBcfAdH_pnamtD2mK9bqY6NkOdKMyplsGJqTcYNtVr_ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoWNrRhIOJ1k7PpYJIOfEgR1RylX5cWpyoV7wv6BcKJ82zKIt_7z8%26sig%3DAOD64_2ia1vgwXFSNIWdS4e8M9AjUsqSJA%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DeDKPDM2-vKfy5Ftkvah90DFH7WUisEXf2Z0ObEwPMDzt4MVj1KLyGWdEf8vdCrL9yWQM9kDm_qdlD3dZ0wFMhti7skB4Q8GTH8V7qkT353DC9LTzgRwC0mK-PA64HjD024Ner-DbVxWG9a8EGFiArb2ngOg%26cry%3D1%26dbm_d%3DAKAmf-DHgJrER-riUrc4DjkQs2qcm9u1WCj9urkuKaqLta5YlJEJhd17ELGRiWPTNxRylqNLqNDOSsM_pG0RKFOj8lGwDAiqCil8c1GQ1qSkGN0bviRD1W3fXP5uBPgGxrA0K2a_gfTD8GEjXOJ-lKrg8Eg7dmWr-lDDXUvVuefqm5ETUS7dTwUA39BF4Cw6Ykoe33S8MFyAmJXzUULFYkw-mUzIxiyAFisdu3anmb5pXry45vSdAQHfzNyLBLU1tFBCZcLEE9BHVt4XPOIW2gtqm2gaNGLeSnlyCLkMoMbSG3_E5B4Sx7VweLcqyw3jMDHUY8ZS-BJ9whGwn_Q0EzEs8EZPAfaikowvu1d8jx5_FJ5dD-RUQJw6DCaMBpUXxzvpj3BTK2djlz-x7jvOuQtSEOJ3WnnDuC_JbBEfPb4RRI1hi2u3gSnHzt0nG5rDKMETG4vFIUoVqU2m2q5hfZXfRRpkB5BNdr7Fp5-IMhKwlt9gqqmLJRmHr-uVW8Pol0bNNnGL11SY0YOBu9Tr9jXnL38HCx6F_KIPWz_skm1A0gai6oMuUf8%26adurl%3D&documentReferer=https%3A%2F%2Fforum.lowyat.net%2F&ancestorOrigins=https%3A%2F%2Fforum.lowyat.net&random=6852038222539&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 172

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28544800031584800710612012076014 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28544800031584800710612012076014

215 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 5307532 Show response
forum.lowyat.net/topic/ 102 KB
18 KB 264ms
230ms Document
text/html 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17d02477100dd5a6f4adce3476078384e1c7e646d2a81d2c39d0914e784f1242

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, proxy-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7475ddd768da910d-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Thu, 08 Sep 2022 07:10:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onSMybyYTSO4ZTya7W3WqyVdfKIUWQ3yY990AcubjFjwy3NSgrp6gvEEkOtLEDFmWmpNPkapXxPrMO0TWSvqQ3bZRj2mf4mQZ5VxwFR4Bm7%2F7hjKp8GxOpLf04pz%2FZDWKSqu6zQs4gS5zMpMNCE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-lighttpd-act: st

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
92 KB 127ms
43ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:06:33 GMT
x-content-type-options: nosniff
age: 256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93636
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 07:06:33 GMT

GET
H2 200 5bf82f3e53.js Show response
kit.fontawesome.com/ 11 KB
4 KB 40ms
21ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/5bf82f3e53.js

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecdf10d11765565a85d9e402f1d94724ffaa9f8c1a323d82b58357d0fad824ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://forum.lowyat.net/
Origin: https://forum.lowyat.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:49 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 7475ddd91c5d9bd1-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FvqRZH_qUKCwsbwXmcoh

GET
H2 200 ipb_global.js Show response
forum.lowyat.net/jscripts/ 11 KB
4 KB 28ms
26ms Script
application/javascript 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.lowyat.net/jscripts/ipb_global.js?v=20200613-01
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 254afc4aa446cf66a5b45d85a9bb58a45269b419aaaf974dbccd2c0b76f765ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77481
cf-polished: origSize=19456
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Jun 2020 16:06:09 GMT
server: cloudflare
etag: W/"5ee25671-4c00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3ciyaVlzsXW%2BGH547nmTDK5b5XqhPUpsi45ypMAWgzIfUoBpLqAkHx2QkZmwvVnh3ugMS%2BuGWj46wLiui6we47EG6R2rEXVHQVICRpW07%2FdPBQK7bzZJugznorcIn%2B8KZdUUbP%2Bn6Ho%2FtYYkrM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7475ddd8fad5910d-FRA
cf-bgj: minify

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 55ms
23ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Poppins:wght@400;600&display=swap

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab0ac9eac003cd14cfcc2726bd72c1f7d8074b240c9efe2e30f851724a5c0368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 07:10:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 08 Sep 2022 07:10:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Sep 2022 07:10:49 GMT

GET
H2 200 css_2.css
forum.lowyat.net//style_images/ 39 KB
9 KB 29ms
28ms Stylesheet
text/css 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.lowyat.net//style_images/css_2.css?v=21031277
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b0ad4076355c7896ac31c2caacc9b270cbe5758a0c6b086298cc7f55b02aac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74482
cf-polished: origSize=58902
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 30 Aug 2022 07:15:11 GMT
server: cloudflare
etag: W/"630db8ff-e616"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yt43P1I%2ByjJOoFyR%2ByDhPct7fhvB35JYjlP7R5plkljfopWnatPy2ebaWTDh0bNwm1EMLe4OKk5FGYGmX%2FR6cbgfC0%2BgyCn%2BuiNUmJn2KXrLKXI8bJMkZcWM5KYQzFwc4U0A3dv6utWCJbebS4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7475ddd8fad8910d-FRA
cf-bgj: minify

GET
H3 200 prebid.js Show response
forum.lowyat.net/ 180 KB
56 KB 25ms
25ms Script
application/javascript 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.lowyat.net/prebid.js

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9def55d6cb5fc18690de87e739f6dd367c9b818e4672fcafa9b0c15040cb516

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:49 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4306
cf-polished: origSize=183958
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 12 Dec 2021 05:51:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61b58de9-2ce96"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHHl%2BeZXT1Q9dyISSb4oX6F1SLozLhkpGB3KhX5YtLUZ7CazhPkG3HTBRiVXZMH84qFZca2HSQGVHZWR79BKsiw19bIxRwsxh%2F2zkQvjZ3Y%2BR245WFGnRTo8xUMIIUiXCNBrZy%2FtTE65LrLA03Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests
cf-ray: 7475ddd9fcc09261-FRA
cf-bgj: minify

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 92 KB
32 KB 110ms
19ms Script
application/javascript 184.51.9.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.18 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-18.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1c2a7177414204cfb6308d1b3ac948ba52bf431e15ffca959861409ca6e68cd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 07:10:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Aug 2022 14:21:51 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"62ea847f-16e31"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 32140
Expires: Fri, 09 Sep 2022 07:10:52 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
29 KB 137ms
53ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f0d7e3be776a95aa450b154b04d81afcd544b253150c0b120cad75b73c0d72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28602
x-xss-protection: 0
server: sffe
etag: "1327 / 920 of 1000 / last-modified: 1662592526"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 08 Sep 2022 07:10:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 154ms
55ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144730-48

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aff436671ec704d75d869bd9740976bea95db49350793513b71c89fc42b5fb08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42922
x-xss-protection: 0
expires: Thu, 08 Sep 2022 07:10:50 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 68ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6763) /
Resource Hash: 8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 07:10:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 758
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29220
x-tw-cdn: VZ
Last-Modified: Wed, 31 Aug 2022 20:41:50 GMT
Server: ECS (frb/6763)
Etag: "f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 all.min.css
forum.lowyat.net/css/ 54 KB
12 KB 26ms
25ms Stylesheet
text/css 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.lowyat.net/css/all.min.css

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:49 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3695
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cf17720-d747"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0YIgk6oq55f2XO4rU7l3WB44fLgUr3Wqfir4EYjWYN3J9ZQnc6yNGpBfzfM3x9GSh8Q6vnt7r44sDJxyGlmp9lHVXUQsztMfx%2BaIGLRXRkFI8XKGpE8vNHv7K1AI0BYimYss%2BKitUTUphWzpSs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests
cf-ray: 7475ddd8fadb910d-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
969 B 133ms
50ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7bbc0a1a176faba3ab4ef9aebd61fbc1fd8afc56ce0ed7f7183d8256a57bb024

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Thu, 08 Sep 2022 07:10:49 GMT

GET
H3 200 nav.gif
forum.lowyat.net/style_images/1/ 115 B
628 B 29ms
24ms Image
image/gif 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.lowyat.net/style_images/1/nav.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfb40e7f67a7507bf11ba06ddbeeba8c514e3c8c8226cbf88b3b2d2c6da37112

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70657
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
etag: "5cf17720-73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYT71bXGKPK5PwLjWA8N4Nrxz10SPAKkOPqmcmLy0Uq6Y7n%2BGlofa8MGtipp9Fv39VZCoTL8wliEO8A2pAevqSPI7Y63dlL%2Bb72DOL7PM7nuu8PKcrh%2BnMtpKfyBxE8RSYaptA%2Fr5A2vFO%2Fge7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda6d639261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 ipb_topic.js Show response
forum.lowyat.net/jscripts/ 2 KB
1 KB 20ms
20ms Script
application/javascript 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.lowyat.net/jscripts/ipb_topic.js?v=20150104-01
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d98a8122fc62b8f07462aae39daa3ea1e2e1e0dc035aff8660110b2096694ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70657
cf-polished: origSize=3948
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
etag: W/"5cf17720-f6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NJg7Mp0qpgzwQDHrfqDDjjZQRaub8Hxa9jEqxMrBu9Ste05wwyiO%2BRDFCIvFWX64xNiA7m%2B9KCC%2BLueRZ%2BRL9bd1rYQciYDaQSk10SD08q2deiGkARoKa%2BPKhxDFvMwcbgsvvgVz9KYzqTOhr0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7475ddd9dc8e9261-FRA
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 185ms
90ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7979631120579969

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72cbc332ffc0d42fbd5068d88b1c07a9be60226371633be4cd711df3318181be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.lowyat.net/
Origin: https://forum.lowyat.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51587
x-xss-protection: 0
server: cafe
etag: 1153717440489710847
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 07:10:50 GMT

GET
H3 200 nav_m.gif
forum.lowyat.net/style_images/1/ 48 B
596 B 50ms
45ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.lowyat.net/style_images/1/nav_m.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c889cb4a2fa2f3750110810b9584681f42f245cabf5ca49fac70b15fc6448352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63092
cf-polished: origFmt=gif, origSize=53
content-disposition: inline; filename="nav_m.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
etag: "5cf17720-35"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWvOcXUH4O96E53Kw6WtIRlpCcXW2fyWBhJf%2Fb59Geuhwx5ws0Yj67a5kH6JFDQUDqme1Z9%2BNePoUXohP7vZYQG5C%2FTtWy4ySGVBoCwTlE1VLY0lLGRgn%2BYsU5%2BnHbaUcP5W9OEIcUDPc3ZlpCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7d6a9261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 to_post_off.gif
forum.lowyat.net/style_images/1/ 56 B
581 B 52ms
46ms Image
image/gif 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.lowyat.net/style_images/1/to_post_off.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d234039da077441285efe22a836b44d98577dc709dbd753a511d344438d4d65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63092
cf-polished: origSize=64, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
etag: "5cf17720-40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nN2E48x7p622as36m%2BddeYQt2hMOv9zP%2B%2FIlNpFC9%2Fj9o%2FiTqKgxUdUjvhefGAWHBD3NyHpOlgFfowMUl3xF4s0W4MCyZFXivpd%2Bh1VNYQ62SHXc61m0PdGBUsHv1mqIfwLW0ZmaSp8zvYfG8OM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7d6c9261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 av-1065790-1576033045.jpg
forum.lowyat.net/uploads///avatars/ 10 KB
10 KB 2078ms
2072ms Image
image/jpeg 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.lowyat.net/uploads///avatars/av-1065790-1576033045.jpg

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a20da12fbf1416b52f52f8efc59eb32c61abf05ec56db2ff9979e3086323dbb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
cf-polished: origSize=10359, status=webp_bigger
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10043
last-modified: Wed, 11 Dec 2019 02:57:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5df05b16-2877"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0XqazIAAkDvR2%2F05C8f5YX67UNqJXfUgal2eXlvjnFhGg1UYJrnfLX7EaWA34HNodeqZJqUc9YU3Jl1R0%2FRuVnXc41tbzhBypX%2FNhhbDH2A2RTu0PNSe9GP5mesfkKHZJ7mcMl8%2BfrLdmxCFsc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 7475ddda7d6d9261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 pip.gif
forum.lowyat.net/style_images/1/ 488 B
1 KB 31ms
25ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.lowyat.net/style_images/1/pip.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 393df0eac2588d4439fde581931f8c7d23c72f707e2fdda8bf45bbb2ddee4967

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70658
cf-polished: origFmt=gif, origSize=627
content-disposition: inline; filename="pip.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 488
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
etag: "5cf17720-273"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcEnggNwdChNNIBtxrAFtJ%2BJ9Oy6e3NdlQUmcbNzwrSchkWDdEyLpixE6cxCnBAZd4Um9r3fOM9KpZBSeGgESCKRGQGuU%2Fy8pMxjU1PFCPw7SwO4wd7X4tnfUKlnbb1XLm3WhVkdecG%2B0yX7BII%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7d6f9261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 Male.gif
forum.lowyat.net//html/team_icons/ 420 B
966 B 54ms
48ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.lowyat.net//html/team_icons/Male.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e73a3b3e6a298de2852c6a0c4ec7b97b4ecde62eaf7934b48557859d2308a588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63092
cf-polished: origFmt=gif, origSize=776
content-disposition: inline; filename="Male.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 420
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
etag: "5cf17720-308"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJUECNmads6AtEvdz82NoGriD9vuJ%2Br5TrWqM7QnbNNQe%2F1Nt3s0pQG0vsign7mciLMWHlrzpMqGBzf%2FZF3ElzzhmFgoUt1RJ%2BKZrJDSd%2BDaQkza1oZX1iL06whk7tJp0kqJKmibrBiPdS2Yp4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7d709261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 spacer.gif
forum.lowyat.net/style_images/1/ 34 B
579 B 53ms
47ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.lowyat.net/style_images/1/spacer.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63092
cf-polished: origFmt=gif, origSize=43
content-disposition: inline; filename="spacer.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
etag: "5cf17720-2b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b23DrKUKm3Kyuz7z3mYrY9wsNRtChIbZTnIPfqEsR6F75XKVtbQfs%2BnvgXyFUBC81pVchazrY%2FChZUhaTamglsBqlCyfRhhnVNzJHfjM7S6R6qUWiM91jXNyflLjGDpU8ryT%2BLVeBXnIcEsuoLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7d719261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 p_mq_add.gif
forum.lowyat.net/style_images/1/ 1 KB
2 KB 56ms
50ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.lowyat.net/style_images/1/p_mq_add.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86148b46a62524aadd5adfb7a3902e337c5751ee136b219ecb37c4dd6d3888c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63092
cf-polished: origFmt=gif, origSize=1633
content-disposition: inline; filename="p_mq_add.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1090
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
etag: "5cf17720-661"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0AbHyeXiHZ6AXQeMOlk6eIFp3XSzL5JdcKgZWjoe6SbTuAan4hoQyxrhUitguOTinIVH2RneJpYCsXxQqe8bBVM0%2F0QzzZM58JUlkpZFO%2B3ZB%2F%2FBtnTR4%2BtavqTCmWLbr3%2FNJmJOSxkARmgnF%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7d739261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 av-814339-1441866628.jpg
forum.lowyat.net/uploads///avatars/ 9 KB
10 KB 211ms
206ms Image
image/jpeg 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.lowyat.net/uploads///avatars/av-814339-1441866628.jpg

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40f65b876f42009f790fdfea4d26b48cb124715746cdf40febb1da85a8d1f664

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
cf-polished: origSize=9304, status=webp_bigger
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9223
last-modified: Thu, 10 Sep 2015 06:30:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "55f12374-2458"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3NiX4vflzGXdgE2Kka1xp824jDALiRdsvDXdv7Y35Dm4YdSW22nBOt4qXcxT47%2BlvJAFDUR656lAmdN5qdXNwmxbrU8LVksYhS4zmieDFEdLQwf9eQwhi3rQjRH%2FGJQQBPmMEJkEYIB5loSSG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 7475ddda7d769261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 av-184282-1347637102.jpg
forum.lowyat.net/uploads///avatars/ 3 KB
4 KB 32ms
26ms Image
image/jpeg 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.lowyat.net/uploads///avatars/av-184282-1347637102.jpg

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61855263be45f5d1a4a9a6732baa39d77336a3eea2c0ce09ce299bf677d948dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43133
cf-polished: origSize=3843, status=webp_bigger
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3550
last-modified: Fri, 14 Sep 2012 15:38:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "50534f6e-f03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPQ37COpWFTdRTWiTi5gBYYqP7chvVx22KOYu775yVZscipU%2Fv4Cypi%2BsQayA4iacoD%2BNrqLsWVPov0awP%2FMx8XTfYOb4RAn3lpHgbi4fp43hQ%2Bq403tHhMRAD0TBzBrCK3N%2FhG6ud9O7z6yxeU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 7475ddda7d789261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 post_snapback.gif
forum.lowyat.net/style_images/1/ 53 B
579 B 33ms
27ms Image
image/gif 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.lowyat.net/style_images/1/post_snapback.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcf51f3e9261708bef6ce9ddbdaa58bc70a5dd4d455a4b1dec334d5de4068c3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70657
cf-polished: origSize=61, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
etag: "5cf17720-3d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6AE7%2FH9Q%2FOOvpbdS9TapdevRT%2Bw9Puc3Ot1WCEgjlk2dVa8obc4GOB1aBkX3obrUzqlbLKV0uZCoaUK1gHNX9G8%2Fx8%2Fhjzl4Oe9pWhyovR82DRSd%2BCaVbzrsBrdOLxyUKCTmIgle4%2Fx8Xne5ik%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7d799261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 biggrin.gif
forum.lowyat.net/style_emoticons/default/ 536 B
1 KB 54ms
49ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.lowyat.net/style_emoticons/default/biggrin.gif

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e07119149fb1441cf143c51849d02eaa89603cfb208663a5554f7026c2281475

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
etag: "5cf17720-2b8"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4743
cf-polished: origFmt=gif, origSize=696
content-disposition: inline; filename="biggrin.webp"
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 536
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 08 Sep 2022 07:10:50 GMT
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrRdRIwjg9f9U8%2FwstkCUKCH1eYPSdeQhgliJBqB8G4voNB6cQOeXqo2TS4bFCcPH3x7brzGZcWEvBgXtX0%2FlNp%2FV6rYPPJnLv51%2Fzxl1yXnFFC73EGFvTG%2BptZo545gkvMn0pPGDUqIRnXKcsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7d7a9261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 av-88754-1634978528.jpg
forum.lowyat.net/uploads///avatars/ 17 KB
18 KB 54ms
48ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.lowyat.net/uploads///avatars/av-88754-1634978528.jpg

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58e4c189b245668543a0c314e672e62758470822749aeff6f5156a7c796bc240

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86319
cf-polished: origFmt=jpeg, origSize=55324
content-disposition: inline; filename="av-88754-1634978528.webp"
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17824
last-modified: Sat, 23 Oct 2021 08:42:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6173cae0-d81c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YNBxlZG4CLXvyRCVHCz5mCgzEWD8Kv2%2FQ8EBYXWP%2Fm%2BD%2BjeOrWqqKmMTBvn1TJw8DKMj9THvdHiZa8eJ818x4OVh43XAy9ms9Uk4YZgBgr6F7Tx9ehtsAIejQH6dvr4TOaDkSfb%2BWd%2BTYkV6m%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 7475ddda7d7c9261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 av-1150558-1653872313.png
forum.lowyat.net/uploads///avatars/ 8 KB
9 KB 53ms
47ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.lowyat.net/uploads///avatars/av-1150558-1653872313.png

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3c6a1ce6227062f5e0e7e3ebeddc8c0a18f96c7345be4d8e2d629e8ece2889b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68393
cf-polished: origFmt=png, origSize=19852
content-disposition: inline; filename="av-1150558-1653872313.webp"
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8414
last-modified: Mon, 30 May 2022 00:58:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "629416b9-4d8c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wx%2BtO8Z04AHwip%2BMGF2jXcMIMZTn9XqzCzQYABXLxUKmq8Yd14sUHExk1VFy8%2BroHMOG7ts8OG7PSi%2Fmjv%2BtF2lwBAm0ynQ60UHFuBb%2B%2Fkf8L3mvnG7R74sKaJa2P67VpGlaIE2fTLk%2B78p7VQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 7475ddda7d7e9261-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 r8c8t1c.jpeg
i.imgur.com/ 31 KB
31 KB 159ms
96ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/r8c8t1c.jpeg

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8876b2f94261e8c9b63aaec7e0ea6635001597faf8041f1c3ebe3f733700b22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
x-content-type-options: nosniff
age: 1343278
x-cache: HIT, MISS
content-length: 31642
x-served-by: cache-iad-kjyo7100095-IAD, cache-hhn4070-HHN
last-modified: Fri, 04 Mar 2016 08:16:54 GMT
server: cat factory 1.0
x-timer: S1662621050.050349,VS0,VE90
etag: "477cb7303f0f459b3ac2e152967827ad"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H3 200 av-861968-1459787002.gif
forum.lowyat.net/uploads///avatars/ 16 KB
17 KB 56ms
51ms Image
image/gif 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.lowyat.net/uploads///avatars/av-861968-1459787002.gif

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577f6f51f9c62413b67e598ffaaf5da99288a5c9be425aba28dbd6efd3ec512e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1402
cf-polished: origSize=19832, status=webp_bigger
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16454
last-modified: Mon, 04 Apr 2016 16:23:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "570294fa-4d78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APwgnj%2FLD59klMEylT8nLZ0Cu4lQf09AbgDL93tXxOcGty6PzeI41S%2FPculDUsN%2FNnUrT7ilLgbDFnx8C3CnmEIZcaHZO%2BnIT92lPbmXaw6DcKdL6iayIil5uZTddRLcUIzoQv%2BUqWl8oNySD5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 7475ddda7d7f9261-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 386.jpg
i.kym-cdn.com/photos/images/newsfeed/001/704/799/ 72 KB
73 KB 404ms
300ms Image
image/jpeg 178.79.227.76
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kym-cdn.com/photos/images/newsfeed/001/704/799/386.jpg
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.76 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-76.vie.llnw.net
Software: AmazonS3 /
Resource Hash: 72bdfdc1eda155097e1d1ed06d34982891988ea37a821eaeb95ae1255b40a0bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
last-modified: Mon, 13 Jan 2020 17:13:00 GMT
server: AmazonS3
age: 2306016
x-amz-id-2: +bBui+YHhwZuwcWTFRMi60kpI5sJx87T577Gt99L3zA6yKhDr39NdKDTSneJ+TImOKEKXXNpS+w=
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-request-id: 7NYQXE2PXA2TDFV7
accept-ranges: bytes
content-length: 73993
x-llid: da75c43e0ca0ab79ea04f0c87ec0a78e
expires: Mon, 09 Aug 2032 14:37:14 GMT

GET
H3 200 laugh.gif
forum.lowyat.net/style_emoticons/default/ 534 B
1 KB 217ms
213ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.lowyat.net/style_emoticons/default/laugh.gif

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5eadf806b6ca1edd9149bd66ebfd00d410b5feef290bf879f6a783b7ca45045

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
etag: "5cf17720-2b2"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=gif, origSize=690
content-disposition: inline; filename="laugh.webp"
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 534
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 08 Sep 2022 07:10:50 GMT
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jYV95ksAk3tvFtayKUNd9K2IeR%2FCSjS5uiLbwhUUtS2ffCsqaE8DfXaHvPEJOyu2ceAYTszTkW2VG%2FUklmObR8KzzdHFmTbeNt7mAUyIJmGF0I0ftS1cTFqZprgfrW9rYT%2BaTTcyjUzTz8yodM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7d819261-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 E0nG9D.md.jpg
pictr.com/images/2022/09/08/ 47 KB
47 KB 265ms
203ms Image
image/jpeg 2606:4700:3035::6815:4f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pictr.com/images/2022/09/08/E0nG9D.md.jpg

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:4f7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c714f14994b51b52510d14ebe8ca2916338816dd44c03f6918e01d68d351b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47625
last-modified: Thu, 08 Sep 2022 01:11:45 GMT
server: cloudflare
etag: "63194151-ba09"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2jbAOI6vBOfjGiPWcqNSFyJZTKiVHbUKBCc%2FeJF3WNoIVRVO8UrPj%2BNsFt46toR9ydKh7fs3jFjAqPNRxyaUArb9A8G4OW9fswE4MzfV2xKtT2H%2BlelH2lCIlLW1eeeyrQ%2B4av8LA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7475dddacae391d1-FRA

GET
H3 200 av-560569-1585982634.png
forum.lowyat.net/uploads///avatars/ 31 KB
32 KB 54ms
49ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.lowyat.net/uploads///avatars/av-560569-1585982634.png

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a5fbfdcc1c195f6ead8807e0462a4cc326a47fe56e3d4c0e82ab5063601a981

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80376
cf-polished: origFmt=png, origSize=48078
content-disposition: inline; filename="av-560569-1585982634.webp"
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31756
last-modified: Sat, 04 Apr 2020 06:43:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e882caa-bbce"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DonI1kc0w6t%2BxnOrwe9zNc2dRVHhnBQWL3LpiepUnABWe2ebvmwUb%2FnpNyU%2F0bOlPIkFEjTH9Ko7Z12Cyv0OnUGeNjti6qTR1L32xzZQqV1sjneHg3f2bhs9v5H4i1zJoayOQH1PbxEcj%2BlfcJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 7475ddda7d829261-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 E0npf1.md.png
pictr.com/images/2022/09/08/ 268 KB
269 KB 271ms
209ms Image
image/png 2606:4700:3035::6815:4f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pictr.com/images/2022/09/08/E0npf1.md.png

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:4f7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e375d10af2f24fdfe6c67fb4686931ad2b797de53fb88f1f250d39706b73a51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 274809
last-modified: Thu, 08 Sep 2022 01:11:42 GMT
server: cloudflare
etag: "6319414e-43179"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMd%2F9yyqcjCJctnrLla7I16W2hs7vQVncuei%2BDJEY33iQkTN8l9zSctIzhMcBmegu0jvl%2BcX9aeXaxa%2F3kD4behUJxYO7PIH%2FmgeFvJYi02Z%2F2KROO%2FMff8Zki2sKSkXT7RHCFiFzyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7475dddacae491d1-FRA

GET
H3 200 av-1145204-1648397048.jpg
forum.lowyat.net/uploads///avatars/ 2 KB
3 KB 233ms
228ms Image
image/jpeg 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.lowyat.net/uploads///avatars/av-1145204-1648397048.jpg

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cf7a90c8315f064558a809cfa511d36ed128533a30ab9f0048b8b81649eaf52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
cf-polished: origSize=2510, status=webp_bigger
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2156
last-modified: Sun, 27 Mar 2022 16:04:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "62408af8-9ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpheWqK%2FGK6i8QshBz%2FvCQR4x6pLUeujjk7q%2BB9QY0LnwoSrRPIPV2mnahDkiNPIWBn%2BTjiWl0GPnBgJiWaI6OSPXItVL%2BJhZPCjW4o3FiAMTdGN13VpUE5ynTyJA3eqge9uGjCsrkDhoga2m%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 7475ddda7d839261-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 teletubbies-funny.gif
c.tenor.com/afBHbiF6_DoAAAAd/ 4 MB
4 MB 133ms
41ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.tenor.com/afBHbiF6_DoAAAAd/teletubbies-funny.gif

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43684a3ce0fa571e3a81122433a9bd6023eeb278ccb1132f804f281a86fdd4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 02:33:54 GMT
x-content-type-options: nosniff
age: 16616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4622002
x-xss-protection: 0
last-modified: Thu, 24 Oct 2019 14:18:43 GMT
server: sffe
report-to: {"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="media-tenor-team"
expires: Fri, 09 Sep 2022 02:33:54 GMT

GET
H3 200 stat_time.gif
forum.lowyat.net/style_images/1/ 384 B
933 B 58ms
54ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.lowyat.net/style_images/1/stat_time.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b23ae651c40029bf56e0e56719f401cf0077b22e6cc2762638458d608ebc9ee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63092
cf-polished: origFmt=gif, origSize=1039
content-disposition: inline; filename="stat_time.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 384
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
etag: "5cf17720-40f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jt2jQnfc7eysZWV7JTm2Af96gmYje7qdMRlcX5GX8gmgfqcKIw5nPwDyBWrTwD8BPHtoV83oS6G%2F6tZUk0N0KlfraAsfgObVUh7I5JKjcdema9%2FamFvUbPRUJT%2BsCmAU85zb4vMvboqC%2FfNhqOs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7d849261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 stat_load.gif
forum.lowyat.net/style_images/1/ 560 B
1 KB 58ms
54ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.lowyat.net/style_images/1/stat_load.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f69e47e51f358023e78b7b424b8246bb78b0495fffb7fc80ab412dc28b34243

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64427
cf-polished: origFmt=gif, origSize=1055
content-disposition: inline; filename="stat_load.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 560
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
etag: "5cf17720-41f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRv4ZVk2ZrMdzD2Egu%2BpvM18990UR5g2YWE5euqzexBqf9N38mHaegAXZCTE1qw2qv2k085BZ4%2BkykW7N93KsiE0pJnWbCMP9iJao7hHV1E2GOPn9lSB%2BVaZljytc1vPA8pJlBrkQOmbf4LWGPo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7d869261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 stat_sql.gif
forum.lowyat.net/style_images/1/ 330 B
880 B 59ms
54ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.lowyat.net/style_images/1/stat_sql.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b793b813160bf8e3f67cd24c855000a4b1df4760dbe4041b406899df1e8f4749

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63091
cf-polished: origFmt=gif, origSize=633
content-disposition: inline; filename="stat_sql.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 330
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
etag: "5cf17720-279"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ua%2FqPnmmfA9qLon4W18h6xDboiZeXqLYuvNP6922Qih5%2B3lUj8kJ8yYKm4bPezLU8tinLrbBbHnS64EV%2BO9%2BOBINsdbc37RJ3I6ro9DqX9bUJp3ENF8elxrZLOlfuB7FpHAtcnUK7aM%2FxPlokA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7d889261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 stat_gzip.gif
forum.lowyat.net/style_images/1/ 218 B
767 B 59ms
55ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.lowyat.net/style_images/1/stat_gzip.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a95cf29a57f4b5afc1844705fa914cdf5004daf211053561e72fda304e48fba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/topic/5307532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63091
cf-polished: origFmt=gif, origSize=266
content-disposition: inline; filename="stat_gzip.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 218
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
etag: "5cf17720-10a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FULv8GaA8gqmz4%2BrgJBvBg190pVa3Ui54O5b3BzsZJZszLQsw3B0UAp78sSSmJ9aik76uqEsRJ7M7XEybt4iHHaHEvGNlyKvD0eDhN4%2FJIiqGKa%2BfuKEAFeWVOw6wSG38vDXx7L5h37o35SqlCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7d899261-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 57ms
37ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://forum.lowyat.net/
Origin: https://forum.lowyat.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7475dddaf9c568eb-FRA

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 40ms
20ms Fetch
text/css 2606:4700:3034::ac43:9689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=5bf82f3e53
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5bf82f3e53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
via: 1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6647820
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLuN5gAt%2BAKEtuMSseVF0PAkJBQMTlp3qP7vZJCqfQpttkhMnlUY12AAepmwJPj8fnOmsv%2BfcYFeLx303tsR7yot%2FcF1ZZpSSYrm6jKulKSv8sYKpcFtdg2efP5bhq%2FYK1UxfrGd00mgqSGmzB%2FnpjRDlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: DUS51-P2
cf-ray: 7475ddda7cdb9060-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 5ZOiGJbajWWci8H8PtUSpwTBZnhHZTCqDE4MniA1KCQYhU6w1X0ZjQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 43ms
23ms Fetch
text/css 2606:4700:3034::ac43:9689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=5bf82f3e53
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5bf82f3e53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
via: 1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6646444
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIkqqwgiK5b9z8aU8CbPcagJJiuWuRWfkUNhQv1%2B9wtcHRrVxu05L0rDOkmwBq3%2FfKEyBZQtMRWLiilKyYhkxEIkKd1T4stB7WwaIEdoYA%2FwzQzS6gNXR7Gr8a0Ibc%2Bb70lJZyLWfpBoUppWbp%2BNm4pB2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: DUS51-P2
cf-ray: 7475ddda7cdc9060-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: UehWvnBlhIvVUcJn0HXc5S_pq0fuyRlhZNRRfP7FqAPGzvAvP6dLqw==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 42ms
23ms Fetch
text/css 2606:4700:3034::ac43:9689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=5bf82f3e53
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5bf82f3e53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15679317
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJ%2B%2BFFLyCrWWr4JOi%2FSrgxsFOsFsP1OJ5W1AznXWuL59XIwQsMkRzuabwlf9K4Rl3R8RWjQdZpllA0QKxXw1Ny5nYofCRm1PRRqwA06x7R8v3LghDYc%2BSqycPBDoap5tOETjPD7xVJ29yD2fm%2B5UtsKKBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA50-C1
cf-ray: 7475ddda8cde9060-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: IKqmQuQY1Qpg0iLLbO4PovkMZeJC8eB9uLQrzur61fgSUtWABt2WJQ==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

845e41a30b180f9588244c67cea447225d932214b89ba1e82484ac13890834ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Q5C6Xlq3Hqu4Qr/mJU+Flw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 2PTt8ys1iUCuuKrxirSwqNJfiBkZ/wa1Kuep1RuDgSvYct1jlbs0K+P346jnoA8Lr31vKaVP7Kxv7NOpyhcviw==
x-fb-trip-id: 917726464
x-fb-content-md5: a79ae7e9ce909eef352084622941b00d
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 08 Sep 2022 07:10:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c26e759198b78983a827661e695254a4"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 08 Sep 2022 07:22:28 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ 392 KB
157 KB 121ms
39ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.lowyat.net/
Origin: https://forum.lowyat.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 06:53:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159560
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 06:53:37 GMT

GET
H2 200 bg-tile.gif
images-cdn.lowyat.net/forum/default/ 14 KB
14 KB 32ms
31ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-cdn.lowyat.net/forum/default/bg-tile.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net//style_images/css_2.css?v=21031277
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe2ac4e32d12394fe48de9aecbbbfdf5e2886a2a7712e6284ac43f96f1645d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1126045
cf-polished: origFmt=gif, origSize=17274
content-disposition: inline; filename="bg-tile.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14136
pragma: public
last-modified: Mon, 27 Jun 2016 08:46:45 GMT
server: cloudflare
etag: "5770e7f5-437a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1OnNn5XpG5mmXXO5cwgtJ0%2FnBrZBQHeKGYe2Na80s2syk%2FZGN7anQRZvar20stQdbZEpBkdVDiL%2FY9bcQvLiSYGycIv%2FvOifeNy7BsJ8qG0j1O8Cfa0%2FAkXstSjTBerxI0kGXJTpgBF%2FuBzSb9jBj71KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 09 Sep 2022 05:59:29 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7cb9910d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 background.gif
images-cdn.lowyat.net/assets/forum/header/ 20 KB
20 KB 31ms
30ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-cdn.lowyat.net/assets/forum/header/background.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net//style_images/css_2.css?v=21031277
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ff88c2564a076884f6cd124c5168c2d0240d33a79725bd61ff0556b6277acb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1126045
cf-polished: origFmt=gif, origSize=24532
content-disposition: inline; filename="background.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20192
pragma: public
last-modified: Wed, 13 Jan 2016 03:57:09 GMT
server: cloudflare
etag: "5695cb15-5fd4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqisVZzli2QYT9yfN2tobB4V9TII1RQzKsM9yIpdgfw1m1L5vnTN47%2FebiY0dzz5j5hoQszIt1s7tpipSGGVNsyvFSkQj%2Be7iOPvmp6NRYiaxSUHqk2tUnAGFYJ9UEsjX%2B0XGEoxJPB%2FoUys6a8WctUz1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 09 Sep 2022 05:59:29 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7cba910d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 merdeka-left.png
images-cdn.lowyat.net/assets/forum/2022/ 19 KB
19 KB 27ms
27ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-cdn.lowyat.net/assets/forum/2022/merdeka-left.png
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net//style_images/css_2.css?v=21031277
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f70d6d97fa91739b28db85f452f4912398558b1c20e8fb91fa42179dab78a7d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777271
cf-polished: origFmt=png, origSize=292774
content-disposition: inline; filename="merdeka-left.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19448
pragma: public
last-modified: Tue, 30 Aug 2022 07:09:50 GMT
server: cloudflare
etag: "630db7be-477a6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eg17ZjsnFhl0j%2FRP%2FXGFtX2bdOPXCIbE5yXB9Z2mJ7yOyy%2BuExYZd8iJpLN%2BMmTaJvanQgYDynLaUyNa6xoyoHeHiq7JOzkYKMFaYFXGfqysxoxNPyi3qTFs7VC9K7Qrfe9HZxXyKifsIcpd%2B196YECIRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Tue, 13 Sep 2022 07:15:25 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7cbb910d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 merdeka-right.png
images-cdn.lowyat.net/assets/forum/2022/ 97 KB
97 KB 37ms
36ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-cdn.lowyat.net/assets/forum/2022/merdeka-right.png
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net//style_images/css_2.css?v=21031277
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d33cb413954e2c874f6d1e23c444fa33d050eee66ef8a17f949de0a077b4f1b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 774177
cf-polished: origFmt=png, origSize=141199
content-disposition: inline; filename="merdeka-right.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98864
pragma: public
last-modified: Tue, 30 Aug 2022 07:09:47 GMT
server: cloudflare
etag: "630db7bb-2278f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1r9QBE%2Bl7prSGXjFqOB3ZecSIThrqsx%2FnAHiQND4%2Bx0YCjvDD8%2FbjFd7IUonTQSlBsUls9LWSmioxnOCT0SGu7x2DOJK%2BARGDOJ6r9ETZyJFqYgQ20RGsLyxP1HEH57teX0kjAf9y9b%2Bu62dm560hYvWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Tue, 13 Sep 2022 07:15:25 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7cbc910d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 tile_sub.gif
forum.lowyat.net/style_images/1/ 554 B
1 KB 58ms
55ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.lowyat.net/style_images/1/tile_sub.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net//style_images/css_2.css?v=21031277
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d49328d094174abbdffa6932ce113c6d160d94ed4928ace1e729fe513db4f42d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net//style_images/css_2.css?v=21031277
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63092
cf-polished: origFmt=gif, origSize=1581
content-disposition: inline; filename="tile_sub.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 554
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
etag: "5cf17720-62d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iutYgrQE8qn5fSzgFGtTDJEQmxOp3f4kzh2kN7zlk6yT0kfNSqChiWN6OWl%2Fyw3fvtCcHfcWjYepyoMs3NUGmqW5e%2FXY6SK%2B2NZYJtB3QWSRouJaQ0JjjSdAuoQPts15NF97dJuTZmLO0zjKI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475ddda7d8a9261-FRA
cf-bgj: imgq:100,h2pri

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 246 B
942 B 82ms
15ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e7481ece37effcad94fbec2ea0f813259a8536d7467e44611fdc91d603460637

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://forum.lowyat.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 07:10:50 GMT
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 27aab780-c0f0-424c-a218-2e1f06d0360c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://forum.lowyat.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 246
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css_img_quote.gif
forum.lowyat.net/style_images/1/ 370 B
924 B 18ms
18ms Image
image/webp 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.lowyat.net/style_images/1/css_img_quote.gif
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net//style_images/css_2.css?v=21031277
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 553144ca65af65be193fbe8bd4c9afba88c454df06d4defcf71b03bffcdd7079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net//style_images/css_2.css?v=21031277
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70657
cf-polished: origFmt=gif, origSize=406
content-disposition: inline; filename="css_img_quote.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 370
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
etag: "5cf17720-196"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vQg1FPEn8%2B%2BtGi3tzKtCT88w1gaK4y3tQTd51mlDqwTkPxa5vQJomV0AoZ1yjDdO3lQI2ni3YvZtFEYYRHKMO46zY9ojOKEfNr7uYXBmBm%2BvCclCaFnqqw1MHMkBm8%2BJvyMC1LAEp70dLGV8Qw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7475dddadde39261-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 fa-solid-900.woff2
forum.lowyat.net/webfonts/ 73 KB
73 KB 20ms
19ms Font
font/woff2 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.lowyat.net/webfonts/fa-solid-900.woff2

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://forum.lowyat.net/css/all.min.css
Origin: https://forum.lowyat.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1405
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74256
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5cf17720-12210"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsl5Sbe2A%2F2nk7eXgUsyfi%2BIfSmK97V4PiLR%2FtDWhPcjMfIjDsKfprpVTCCnCXDm8mwQnCfT54Hx9l2%2FrNuz6bELrb8QwPJVdKdiMz2qfwfVcRTn%2FhkePpFCIr%2FW9bMquGQlWgzn2eAdAuBQwmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 7475dddaddeb9261-FRA

GET
H3 200 fa-brands-400.woff2
forum.lowyat.net/webfonts/ 73 KB
74 KB 30ms
28ms Font
font/woff2 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.lowyat.net/webfonts/fa-brands-400.woff2

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://forum.lowyat.net/css/all.min.css
Origin: https://forum.lowyat.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1405
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74768
last-modified: Fri, 31 May 2019 18:49:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5cf17720-12410"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06MwJoYl8DMziJJwIXPCwK3%2FRzE9Xi8ZsCrBVdEz0uU%2F1Zx5CLNckjhglZOC4LTzp55DwbGO87UsfmET7rJaPckn%2BSz6PGrL1PSVcGEdeGqt5DCOfRAOV3rwlJTvg60LtxrcyhgIhIAo0akRBj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 7475dddaddec9261-FRA

GET
H2 200 FItP77HqV9c Show response
www.youtube.com/embed/ Frame 678B 62 KB
27 KB 188ms
99ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/FItP77HqV9c?rel=0

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9632a0cdb726876f12499c0725bc4ca07e9fccd84ddd26e2cd3a6981cbb97080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.lowyat.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 08 Sep 2022 07:10:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widget_iframe.c4bdc17e77719578b594d5555bee90db.html Show response
platform.twitter.com/widgets/ Frame 40A6 320 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fforum.lowyat.net
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://forum.lowyat.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 642451
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Sep 2022 07:10:50 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:57 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/668C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 298 KB
85 KB 19ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b3ab9b51d051b251810b8423169b1fdb

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a71ec282a007b976d658468536e9bc23fb41bce023cfdb50e3be03f25482d61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://forum.lowyat.net/
Origin: https://forum.lowyat.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: E8x34KlxZKWkFUtO9CtJjw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86525
x-fb-rlafr: 0
x-fb-debug: 8zbqcQyqhhIsx7pzNPgni4g2mIYebLCRuYuDLoF9HVI9mYwR+Cp2uIqQbve6FW4/U4mrKimxgxN05t3zBjsBaQ==
x-fb-content-md5: b278fd703361925c4fdf7397bd540f91
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 08 Sep 2022 07:10:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "fed36a2fa4e0f23a2da07e64f1c7becd"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Sep 2023 06:25:49 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 40A6 709 B
589 B 246ms
111ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=bea47f683b1cbb036895019161d88587c386fd25

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fforum.lowyat.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time: 105
date: Thu, 08 Sep 2022 07:10:49 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 07:10:50 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 4712092f4e30023db08ad76741894165ccc29b951a62e50351e6b124cbbfb569
content-length: 308

GET
H3 200 pubads_impl_2022090101.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 116ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 06:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1272
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131916
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 08:36:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Sep 2023 06:49:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 207 B
156 B 145ms
72ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=forum.lowyat.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24037e139862a8205529cfdd8e27dd04d998ddbd06d4711c1deea6bc59658da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Sep 2022 07:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 08 Sep 2022 07:10:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
73 KB 136ms
61ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2WVK3M5DBN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144730-48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6998bb2c877989b408d7c801ea1b0b0bd96a41536522b16e6fe9425a67919d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74625
x-xss-protection: 0
expires: Thu, 08 Sep 2022 07:10:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
38ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144730-48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 530
date: Thu, 08 Sep 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 08 Sep 2022 09:02:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 118ms
46ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144730-46&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144730-48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33ad2efebb9a139e7702e97e14e85b4b414bb1b4f45d21031b194ecfd10487c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41880
x-xss-protection: 0
expires: Thu, 08 Sep 2022 07:10:50 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/ 345 KB
121 KB 168ms
94ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7979631120579969&plah=forum.lowyat.net&bust=31069437

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7979631120579969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29e95cc356a091a7843c1a459efa0ebbfa5256601adf4d5396a3df030f13f6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124232
x-xss-protection: 0
server: cafe
etag: 1536877374559932320
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 07:10:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/ Frame AE26 10 KB
5 KB 354ms
35ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7979631120579969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.lowyat.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 00:44:42 GMT
etag: 8616628553774171045
expires: Thu, 22 Sep 2022 00:44:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/f96f6702/ Frame 678B 353 KB
48 KB 124ms
39ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f96f6702/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FItP77HqV9c?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a291b7a4643f0319ee8244ed6076cd1b5f6379584c1dbb67160030fbfa0c472d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FItP77HqV9c?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 02:40:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49081
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 00:58:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Sep 2023 02:40:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 678B 15 KB
16 KB 324ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FItP77HqV9c?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 137049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 06 Sep 2023 17:06:41 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/f96f6702/www-embed-player.vflset/ Frame 678B 309 KB
95 KB 95ms
38ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f96f6702/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FItP77HqV9c?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ff4fd099733ca612119cee9ff76bec251854d45b616958ba85d6593d9a5607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FItP77HqV9c?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 02:40:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97690
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 00:58:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Sep 2023 02:40:43 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/ Frame 678B 2 MB
575 KB 139ms
82ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FItP77HqV9c?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c897555fa3a978e129d504d7c981b54d4e84f1c9bf65890888f1066aafbf24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FItP77HqV9c?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 02:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 588531
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 00:58:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Sep 2023 02:41:15 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/f96f6702/fetch-polyfill.vflset/ Frame 678B 9 KB
3 KB 154ms
97ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f96f6702/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FItP77HqV9c?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FItP77HqV9c?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 02:40:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 00:58:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Sep 2023 02:40:43 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 124ms
46ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1681433771&t=pageview&_s=1&dl=https%3A%2F%2Fforum.lowyat.net%2Ftopic%2F5307532&ul=en-us&de=UTF-8&dt=Teletubbies%20to%20return%20on%20Netflix%20as%20series%20reboots&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1288613800&gjid=601554454&cid=1093847934.1662621050&tid=UA-144730-48&_gid=1890020194.1662621050&_r=1&gtm=2ou8v0&z=431806452

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.lowyat.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forum.lowyat.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 190ms
45ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=forum.lowyat.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Sep 2022 07:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 188ms
44ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=forum.lowyat.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Sep 2022 07:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
13 KB 352ms
351ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2309070443014296&correlator=3578526844714488&eid=31068501%2C31068929%2C31068883&output=ldjh&gdfp_req=1&vrg=2022090101&ptt=17&impl=fifs&iu_parts=1101362%2CFORUM-ROS-ALL%2CForum-Between-Post-1%2CLYN-Landing-Interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%2C728x90%2C1x1&ifi=5&adks=364072771%2C3610623056%2C1394629734&sfv=1-0-38&ists=1&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1662621050462&lmt=1662621050&dlt=1662621049735&idt=685&adxs=436%2C436%2C32&adys=4690%2C1624%2C6948&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fforum.lowyat.net%2Ftopic%2F5307532&frm=20&vis=1&psz=1520x-1%7C1522x120%7C1536x6954&msz=1520x-1%7C1522x-1%7C1536x0&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&ga_vid=1093847934.1662621050&ga_sid=1662621050&ga_hid=1681433771&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50299ba0c586f188dea5c674dcd396d338fd6f83640a6f810fa0e1aa9ba9aaaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
google-lineitem-id: -1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://forum.lowyat.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4ABE 6 KB
4 KB 193ms
47ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.lowyat.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 07:10:50 GMT
expires: Fri, 08 Sep 2023 07:10:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
46ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1681433771&t=pageview&_s=1&dl=https%3A%2F%2Fforum.lowyat.net%2Ftopic%2F5307532&ul=en-us&de=UTF-8&dt=Teletubbies%20to%20return%20on%20Netflix%20as%20series%20reboots&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=589254549&gjid=788720011&cid=1093847934.1662621050&tid=UA-144730-46&_gid=1890020194.1662621050&_r=1&gtm=2ou8v0&z=1773621562

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.lowyat.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forum.lowyat.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144730-46&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 530
date: Thu, 08 Sep 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 08 Sep 2022 09:02:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
348 B 121ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2WVK3M5DBN&gtm=2oe8v0&_p=1681433771&_gaz=1&cid=1093847934.1662621050&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662621050&sct=1&seg=0&dl=https%3A%2F%2Fforum.lowyat.net%2Ftopic%2F5307532&dt=Teletubbies%20to%20return%20on%20Netflix%20as%20series%20reboots&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2WVK3M5DBN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forum.lowyat.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 106ms
20ms Ping
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2WVK3M5DBN&cid=1093847934.1662621050&gtm=2oe8v0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2WVK3M5DBN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forum.lowyat.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 156ms
63ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2WVK3M5DBN&cid=1093847934.1662621050&gtm=2oe8v0&aip=1&z=1279396414

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
644 B 129ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=forum.lowyat.net&callback=_gfp_s_&client=ca-pub-7979631120579969

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7979631120579969&plah=forum.lowyat.net&bust=31069437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a15e638c46d2e990e259c147c17770583a2eca33122fbb8a74f686cbebad984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C5D9 0
188 B 120ms
113ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7979631120579969&output=html&adk=1812271804&adf=3025194257&lmt=1662621050&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fforum.lowyat.net%2Ftopic%2F5307532&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662621050253&bpp=4&bdt=518&idt=273&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3925211928341&frm=20&pv=2&ga_vid=1093847934.1662621050&ga_sid=1662621050&ga_hid=1681433771&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31069437&oid=2&pvsid=2309070443014296&tmod=118572985&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=289

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.lowyat.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 07:10:50 GMT
expires: Thu, 08 Sep 2022 07:10:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF6D 23 KB
10 KB 317ms
311ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7979631120579969&output=html&h=120&slotname=3254453113&adk=250581548&adf=4271478627&pi=t.ma~as.3254453113&w=970&lmt=1662621050&rafmt=12&psa=0&format=970x120&url=https%3A%2F%2Fforum.lowyat.net%2Ftopic%2F5307532&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662621050257&bpp=2&bdt=522&idt=290&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3925211928341&frm=20&pv=1&ga_vid=1093847934.1662621050&ga_sid=1662621050&ga_hid=1681433771&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31069437&oid=2&pvsid=2309070443014296&tmod=118572985&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UxBIYeP0Mo&p=https%3A//forum.lowyat.net&dtd=297

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5eb9e8e73605a71647c2d31ace95bc9ff89e1583f890faa72d85743d22ab10d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.lowyat.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9784
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 07:10:50 GMT
expires: Thu, 08 Sep 2022 07:10:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 23ms
20ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144730-48&cid=1093847934.1662621050&jid=1288613800&gjid=601554454&_gid=1890020194.1662621050&_u=YEBAAUAAAAAAAC~&z=615163287

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.lowyat.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Sep 2022 07:10:50 GMT
content-type: text/plain
access-control-allow-origin: https://forum.lowyat.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 24ms
21ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144730-46&cid=1093847934.1662621050&jid=589254549&gjid=788720011&_gid=1890020194.1662621050&_u=aEDAAUABAAAAAC~&z=649052501

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.lowyat.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Sep 2022 07:10:50 GMT
content-type: text/plain
access-control-allow-origin: https://forum.lowyat.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 143ms
63ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144730-48&cid=1093847934.1662621050&jid=1288613800&_u=YEBAAUAAAAAAAC~&z=690446940

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 62ms
61ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144730-48&cid=1093847934.1662621050&jid=1288613800&_u=YEBAAUAAAAAAAC~&z=690446940

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 141ms
61ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144730-46&cid=1093847934.1662621050&jid=589254549&_u=aEDAAUABAAAAAC~&z=206802188

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 63ms
62ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144730-46&cid=1093847934.1662621050&jid=589254549&_u=aEDAAUABAAAAAC~&z=206802188

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 678B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

46ms
45ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FItP77HqV9c?rel=0

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99b4696244bf998a1c77bed53ac5a7573abd351a0561128e2351e4b354818178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 08 Sep 2022 07:10:50 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 678B 29 B
587 B 120ms
36ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:09:30 GMT
x-content-type-options: nosniff
age: 80
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Sep 2022 07:24:30 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 54ms
21ms Preflight
text/html 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 08 Sep 2022 07:10:50 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 678B 65 KB
30 KB 56ms
26ms XHR
application/json+protobuf 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

da4991fcb396a081be3d44fce890389fb19db67c5d72a15c8a41d067be2d2c83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30541
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/ Frame 678B 120 KB
37 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

505217854fe4541cb6f8f1d0fb5009f30fd537d93755df7f5ce283ab42c03b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FItP77HqV9c?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 02:41:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37797
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 00:58:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Sep 2023 02:41:16 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/ Frame 678B 28 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa81202eafd68a146de1bfa18b7a8697bbd11740930986c99aebfdfce7a362a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FItP77HqV9c?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 02:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8386
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 00:58:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Sep 2023 02:42:16 GMT

GET
DATA 200
OK truncated
/ Frame 678B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7nfIPYKIYVIg5LZXIQG5WZvUlesYUsaFWuj6chCnHPhGoO3FpW1hIZgwi5WqflkEVgXP1ifNBg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 678B 5 KB
5 KB 119ms
38ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/7nfIPYKIYVIg5LZXIQG5WZvUlesYUsaFWuj6chCnHPhGoO3FpW1hIZgwi5WqflkEVgXP1ifNBg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FItP77HqV9c?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f1a31c79445e8a8b0f732499cc4acc9ec7963f327209be5e08a5a73e9cb54ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 06:36:57 GMT
x-content-type-options: nosniff
age: 2033
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4938
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Jun 2022 11:43:24 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/FItP77HqV9c/ Frame 678B 104 KB
105 KB 119ms
37ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/FItP77HqV9c/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FItP77HqV9c?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25b395e8098cff5cc2e0df7bf89057e61e3d800aaeeee504728240aa3716a0f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 06:03:10 GMT
x-content-type-options: nosniff
age: 4060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107005
x-xss-protection: 0
server: sffe
etag: "1511502074"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Sep 2022 08:03:10 GMT

GET
H3 200 container.html Show response
6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AF27 6 KB
3 KB 130ms
50ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.lowyat.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 07:10:50 GMT
expires: Fri, 08 Sep 2023 07:10:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A63C 6 KB
3 KB 115ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.lowyat.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 07:10:50 GMT
expires: Fri, 08 Sep 2023 07:10:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 678B 4 KB
2 KB 142ms
65ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Sep 2022 07:10:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame AF6D 3 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7979631120579969&output=html&h=120&slotname=3254453113&adk=250581548&adf=4271478627&pi=t.ma~as.3254453113&w=970&lmt=1662621050&rafmt=12&psa=0&format=970x120&url=https%3A%2F%2Fforum.lowyat.net%2Ftopic%2F5307532&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662621050257&bpp=2&bdt=522&idt=290&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3925211928341&frm=20&pv=1&ga_vid=1093847934.1662621050&ga_sid=1662621050&ga_hid=1681433771&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31069437&oid=2&pvsid=2309070443014296&tmod=118572985&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UxBIYeP0Mo&p=https%3A//forum.lowyat.net&dtd=297

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 06:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 06:39:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame AF6D 17 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 06:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7602
x-xss-protection: 0
server: cafe
etag: 8484125879011292595
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 06:44:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF6D 141 KB
44 KB 130ms
49ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Sep 2022 07:10:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AF6D 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CW3ahepUZY5_1JsmK7APbp47gBMme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5Nzk2MzExMjA1Nzk5NjmgAdW20uoDyAEJqQKquKl29sCwPqgDAaoEywFP0KZLtipysDIoo8kVQkjnEPZ3IYvZgIIaQt0uzEkT-llqwWItRncd1Se_0Itl29gIrYxSeo2ZpMZJryRmpxHi0m7uwEvbBozGnuknDUYlTGTmL5e0r5mU8vsFFYw1EWUQ_UiTkjfZsCgG08ZGfz8yvkFEdd-C-bWO1jIMc-QhUrkTsATLyTT2qg-dXV20JalWQDF3ji2kJLhXdWBcowbhjh_LLYF1Rl7ijZ7OT7CkMfnBISH1wKWLOzsixBqoewEwvAvZE5acqKZgiIAG-Mvu1c-shtiLAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzk3OTYzMTEyMDU3OTk2ORgA&sigh=1TAWjivqcFQ&uach_m=[UACH]&cid=CAQSGwCsnQUx6TA1qn7mAfgHaVNHbq5yoXdKBm8SERgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7979631120579969&output=html&h=120&slotname=3254453113&adk=250581548&adf=4271478627&pi=t.ma~as.3254453113&w=970&lmt=1662621050&rafmt=12&psa=0&format=970x120&url=https%3A%2F%2Fforum.lowyat.net%2Ftopic%2F5307532&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662621050257&bpp=2&bdt=522&idt=290&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3925211928341&frm=20&pv=1&ga_vid=1093847934.1662621050&ga_sid=1662621050&ga_hid=1681433771&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31069437&oid=2&pvsid=2309070443014296&tmod=118572985&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UxBIYeP0Mo&p=https%3A//forum.lowyat.net&dtd=297
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 08 Sep 2022 07:10:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Sep 2022 07:10:50 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame AF6D 0
0 48ms
16ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLWUEsz6RMoHeJ2DYgICAAAA90kgu0amuSwQeZUZY-313NbZd7THqVECABIAAA&wp=YxmVegAJup8KewVJAAOT2yGiF2r6jKNEr014Qg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
server: Kestrel
server-processing-duration-in-ticks: 234432
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D4A3 165 KB
50 KB 158ms
126ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YxmVegAJup8KewVJAAOT2yGiF2r6jKNEr014Qg&u=%7Cg0%2B9kYMyIrw0rH5YY7iU%2BVzyfZ7oopC0kTubjj9PoWU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI379P6o9DqqGL1E_hgSm4OWk9PoN-jrDr1M6Be2-Fxb75IAkAgtBy2RysqvPRAcFIr5ThrVId34krOBKreCBcgpgWW7HVi9FiEguEdNy3aky9zeGm7itdfYjjJFMXt-EwOJURdRToRcDKsR0I1c5A7eBOuXXQbxWJNGlWRwSKPp9qTeFouQXXmwNCZap0ZI0tQRUV5yWzGLGNT6O4uyRaDu7omuI8uyq9quqTN2ox1wXKX4U7sl7fLaTwMrAJKN4MTsKbHuJ08RM_PwpGZ_vhoB88TOMBO5GWz8fCr2NWexa5HZQ8Ql3RpC8KNagcQ-VyvhbfNgtrI0eJkJHH3iTBe4Leo1TNwUpJlxpQNJVEOcGzLt7x7nTdR2_jII6Vw3w0_nUttgUjQmsB120Dp7oTwu84qDdwgfKSJBqT_FfgIm0gLFNF5Ger-eUh_U6XelG6f-v6vECM8m6LmtvE7PY0teT1EBW-70EfggmSq44U2nP5ARMBhG_rZ_jVXDxTTnN8ODulrw9khmhr-sk4bolQNd8Eq-5SPmztpd2nQcz-Kf1yNt7BSvDFmH8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7xkHepUZY5_1JsmK7APbp47gBMme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5Nzk2MzExMjA1Nzk5NjmgAdW20uoDyAEJqQKquKl29sCwPqgDAaoEzgFP0KZLtipysDIoo8kVQkjnEPZ3IYvZgIIaQt0uzEkT-llqwWItRncd1Se_0Itl29gIrYxSeo2ZpMZJryRmpxHi0m7uwEvbBozGnuknDUYlTGTmL5e0r5mU8vsFFYw1EWUQ_UiTkjfZsCgG08ZGfz8yvkFEdd-C-bWO1jIMc-QhUrkTsATLyTT2qg-dXV20JalWQDF3ji2kJLhXdWBcowbhjh_LLYE3RH9wChFSXA84JVoRHIcNybGBjTEM3JgcszyWTrTHP44ZAiJzNxeJkIAG-Mvu1c-shtiLAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02ZsAq9azoI3MNE29olpzwtr4BGA%26client%3Dca-pub-7979631120579969%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5fbbbf96c535740cfbcd75486548c8327e6cc275310d08dc93d1cc7201e8c275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 07:10:50 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=MqZRjVlc_Ma8C4nTgmDWRg8LgUKKp_UtvhTQuKcCSyQP7CkxUCOkmhxlSYnfJcf07cbYg7Aif0TUpOtKhcfUCwWguZizaPGo1l2PjCsHR4ETt_TF-fNzMPdUTl5lomLH9wh2eR9VB6p8OHyRglE6XhTO595AcmwEc6mCG6O2mGQMlEOn4-6YCK5oj__qV1Sp7NEyTiyXX764PHUxrusX7SiHKVS-2etVRNqnogzVUMGO7NMV20fDe2zkxCUy45FqimxTEw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 110789336
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame AF6D 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bcb2977214dc3dba331aaa21b4e59cf2e8b1da3eaac00bd6988ac9ee7158483f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 678B 98 B
142 B 22ms
21ms XHR
application/json+protobuf 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae17a3e03da6b41e453d80121f39a91d88bfd7bc0edf4a8f90faf469d0ab095e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 19ms
18ms Preflight
text/html 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 08 Sep 2022 07:10:51 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4AD3 624 B
297 B 75ms
75ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUc_tRq3RzWQ2O5CaoDfgDmFgLySxCKvbK0hMm57rDZbJ0jiqU6OsTaTAMhDbyo6rGwdr6X_zdDGTe_MBg9pKXl5AFqwhw9kxMt7XVp41r3CusSloMbqaoJMpwLm-80tIFM2jLZ0TSCB3KHRylihBsx3RTlzDQfj6W5BLB_1smo51halyw

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 07:10:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A63C 27 KB
16 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZjoS9zetU3I2P0m3TOmu-EtpLz44DsapR5_FEG2FM38KYuHALMlRZGRt5CB-KCCEloMKRVzE3JrWB-JpugBwB8SjdQ0-Ah7V9Iu0slS7X2Qo2vMMeAApWc8Ixv-YWZCL5CZ7ybyFClvTnoiLZC47a4EF1zg&cry=1&dbm_d=AKAmf-Acxsz2ZDEa2-E-6gy2TvkodTCI710goApmI28enfGqDv4t26w7xy8ESectd_L0NxjHo6Gsqo0tjX0auxe7a8wgn5ABd5nG5eBL60IVbt0CxRa44Hbuc6RGt60Xf2K-S-DsLXVoweLJFfINxT3h012N0KqFzqq_u78DaUlOL7yqa5PwgRG2uaT1OTWRRRQrO_AXjWOrShw6PELB-B7o97DJdEXh1owZFsmEuqlDH9AZ6HaX-Aq-aKSDjGy3YYewFNP_BWy_kvnf-fBad3KeqhvvJpY27_s10W9gnJwyc8O1b0YoXqhuIgM2dgD9agIiygY9zuPhQN_nv44gksQt3gDs1m8evTRKsvCOLfxYTjDjpkhIGHzDu2bb0ki6RoY__vOSZhR9eGqtiH_iBowLEDRk9-8RHsLySd4h9mUxF7oJf6TQsUC6NtYzYVpoLvdCOQUl-hVWUs9EwC6npzT1GnSDJKtwhbWj6nyPzydOYzvqqW_3ZZkGnom8u_O1vTiGMsX_WY5hfs8nYyorMhUMyahRRlRhcH1NgETaSYAg3Izr_i0F_A9NxBgeZdqoJLsxx3FrplXk5bblJkFbWZLsAsfWH1t52yrrDXPEfSlaZslIMGzJO45f4pvtKnD8ndbSGKHmX4QPwGwWeLKZQTYZOTD9t40BSlKSTo_zHk-IZkW7OO46XVlt5F4lYgcCEBtlWiuSEfJAIWePYcXYgqeEl_QbnSzQ62sYsWGxaOu36adk01_QQfzC0elOW1RJUf-S2TWIgm9O392883mU51q5f8k9J713yyfxZIUywfcUMyBThCa-fsRrNbjr_dlJShRV_UAtEdg6C4-nv8iXVizZdEyyq2r1ZOQXVNrPd62GuKLF-EpPHU63bTq7ILqHNec6ahhA6xWGyc65ulPL1oDo0bsXsKwh6eBNQ9zBMZ3VY79nh-KVfn6LNBKSne9IFiJW-ketLr8UOUK8uBWfR_pVzV4BEp4Mr2LjHmQ7lrTMNqcZASXccEaeVonXkMbNapU6rIuTcYjRFx5pM_cw0yPXiCrRF8TkYA_N9FaDVBi-LNwuxem9owhkHVnr5Y91KY5iCPlWflqmWbpj4NQfG7UGstpcFiDSyMighJNQcr3AITa4bX6KPPm1_abhJyV15PKqAx_EJucyIfexlF583ABHV3UMr9oH05eVcFn_YT2ABkXnunQA1poXVnLovhSZZVYKQtV1-BsHulCchdBVbhWtHCSdX2uMtKI7ItEPoF5VD2Ck-zlQQGy-iA60mA0rSXZNLsOalBRHOForGnKbGv_HlPf-dAoAMucPiM4EMwxijeMma4T_mg5aGTEBkunbdNOG-Q0qzirE5u8RPYOreYmmLhd6RELPk2W87hbH0WexBi9RGkqQNBYITpmj1GwwTk0uxRiOGqDymix7GJ9H7tzoRFtkU1X9xGy1fEflFoZ2jvCokk6rUYG7uti11DAqtHb_sAO0xVae_1JEg-5rKHMnM4SSkPlkkK8Mq5XpErPYd8M82l2IEhHCLQVE3w3_VUEDWKrHOBgfSJYWYUG1rsZ4RC-RWyZFseh5DMke2lNJSa35xgQrtQP4XT7aOWxbkBTqNLD0bsot6whQRBK7pF3vKipRRNkH1tJ0YUeQolHleQMLnLK0JjVAhJD-OIT7TJ4eTpko0wmh-blNZI4TrgxqVVu7vg-6v6iw9Y4IoFvX9EPggSuXfLtx-9URrZce2LnoUxPkKkIXwCdsZ7sR_v86WiTQITj50oi-qp8cP-JccVvIbtaQ_SJyjgYXVTkAowG07H5UVTjIZIJyU0fr2CypOPxhyjqHBIyG_u2vWCg4GDDI_NISYWbiI_6uqP7ex9gtvje6g97SGIVZA64Q03AuI8tzsJ2CZ2s3ezZte8Ms9rnqaKl_YqH7aTY5IuhWJoddm4P9Wq2N27XkAdANGCq7HlWx0gl5xktUWXPZkPg6grac7EqBilEuAWTe7CMqdqH8C7AsCO1-R9AEAZ5Hcb608tO1YWFAs4naIOynf3xSP8ldP0rgPNl41tFd05WNs1Soxn57VeG6paDs42JY21dQ31I6Qjzzuk5LRMsVJyf_P1rO5uVv2hkd9_b0bhtibu7h8oTC-qhwj9q-aUficV-20A8n83Cvi95gvSETYU08_Ap_Rd0ECUt-U4ArraEZZA8xAvVA0z-fd_Ids_yyDu_Q5gwW4RVneLt95vWr6D64E-9Pil0o8Nz1fNX-9lUrTGHPlIW0NlsTMtbKcnXqs8a_cBmM6oVCpV5sCK-wSKQDJnEgzOTH3NgfwPSnDnh9TAYeorj0y0DxxprQaY-zIIDI42aoOegxqDbwmHxbj8PcyXD6CdEKstnR6Cv_4I0xF2s3xj6z8m9jtRnd0rH2wNKJDjqM7qI1UpY-dJnU5f5Ex1NUjUJGcbKH7hVwlTFLpcO6qQY_Fb1eIKu4l4JyfgasiHi4SPluXn_HA0Z3k6Rgeh_SlEszYBJlPNraYgHqHxLcnto0eTuIUO0GqYovYygxyP6oR20bCbQpZUJdTGA36enF_I_tIIwTgMPON874ZAIMnlxiSOKvR-2C7W6XM9vjJCERzj7u-azGKrH-mAdbGPMHmFnGbonsb6957vRHA_i5m3jYyoIn0tFZpAe5nfH85AduQaT3AxukIRreJQFcQ3I1w4xqXX711ZX32r0KABmx50bQrr0L8O7qdruSGit6Oo3OYS7aelGZ6z0BLyKlOvDItseuufCqCcejdttW32W8MolX15kPwaCdlGnxJjb_zeWytxXcWSwuHOxtObMFzD51lYaS940KprcPt_WE8o3sVvG-dJJOwcqpH-cReUaxf5_CIBFGaJsqX8wf91FqFmm7xyV4BiGNcgMigm5V6nRXy4G6cuQ0zOFEgCLwX0LARLVFeeilgaGS46IIW2EqrM5xec2-t5yQkKk2ektLxcsIajvx-PiMrGAaId1mkecUbCg2g3A1tW8xL5KIjaG60ipSxmfv_BKyqybhev5BkqBvxHBqqIGGvpRS41dI-XjbVtf_o1dBB0hO_cCdqgHSFdE2XpW9xylPcpHzXfKWgcfdmSYt_abEbvjeAD4Pz-Kn7djwtDbNuVgqzX5Ori3JF1Rf62Q-KX64_NR7L_56MlPT9bFKTZ8e_tPpa9sd5Co16EqYJhLUL1SZUFAgrUBXFgw1CIWxjHvH0pmIj3xYHEru8J6vLlxeRzu2ykMAZMQfZbYEFVhF9ojvbLiwK0Vy_9gLWbHJ42FRtdskGHIXorm29-f8-1l6PO7-_ALr4bIEqAWip1I5eot8XhkZrIMEAkyDjEqMLkY&cid=CAASKORo_r8Q4daOxrGKj5ftwrO7DJJBTzMo8r8WTbeuapzQjIR-ew3tIaU&rfl=1%2Chttps%253A%252F%252Fforum.lowyat.net%252F%240

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

782a04369241576d0aad4141edd80f989d9e5e0fab9ef53b94cb67332a19a7d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16623
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A63C 42 B
63 B 71ms
70ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DnFH15T_lCErHtNxi5xsCZgYBydBbQX2tOymsZLLVucGtl5BQnlT4hinBCKL4EuaUIdRODewD3wqu3gu2Q0MOjp8zOugIqN7Y5LSyaNeubjNsLHtU

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame A63C 3 KB
1 KB 123ms
47ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 06:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 06:53:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame A63C 17 KB
7 KB 113ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 06:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7602
x-xss-protection: 0
server: cafe
etag: 8484125879011292595
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 06:41:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A63C 0
0 45ms
45ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTB7ldA-twVZ5tuHai-pj4RJ1JjxVXCjWSaL0SApjTG4mWl-LXnygRJbopEOI5n9Lm8rBFm-Afd4KIrTK-05kF0ZutmKg
Requested by: Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A63C 141 KB
44 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Sep 2022 07:10:51 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 83EE 624 B
297 B 77ms
76ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVPUkb3zpkCUwPC1T36P4aa6CjF2AR7AcqevEtjfoF2rOBY6DVW_c1YJ1cTQ5dcYH7H7vM_x5sCQHfGBvQa5UBy-kp8HP1hajj1wbWV1J-Ef1qqtTCa69gGeBfLmecIbqYmIGGmahhGq3wu0J6WBB9XGnyjNKDqM5OehEqYSi3h4mRbu2s

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 07:10:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AF27 27 KB
16 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APceiZGqFu_oR9n694gZj6D-41qqmf0sVwqM-wLnOZ-zsk4ntal3qDn9J0ndoJ9N8ZRqRfVnPG7flIVbKfSAjtpyVoPrCXI7GpMdYaOo0F8zGxE8yfi5JJZrgavTbw5axud60JNahyllNCPwXXpnGzQMg41g&cry=1&dbm_d=AKAmf-BShK1mYWC914BKYBXRep0ds1qec-4aLCR2z2gQXLPMJ60jLf1SABlG6o-OSe838B342pnQ0vojsy1t6qYgYoSZugTt46XI4KnF_QH7izFZI6OnNq9FV2Au4Xxm_YPkJoklAocrrPJO7G41ujMbeT8QBvaZS4EiONDbrVSr0-PZGJngS_613JVMvJJWJBN-wc9GJfEDoi5nN_jqYmDdC79Ey_C-Dx9gqhq7NUCNuqccFjEMUDcEpvfcfPbiqAAxTYAILpPQWFDG6TvtaBTsV2aNbnGRwFCgCoAEGE2YFJwBKK5v0M5h2uShMu_VQqE2OLxNaIgF1iyPAPHnfAGN6h3Z1KSqjlHATi_lKLxOspyU9o73FJt1zVKxQhfGNgRxOXWlG_C1AWzAhyu-eGdvizRpYusAT163ZZLu7D5unb4p8PZysk8D3Npy-NkZROBjw_xqbZxJrNtDKKFotYswZK_eOutjy9wllyV1-p0NVc5Yrc2w7VehXTkyqTmyDVWp0eOcDKu6o1c1rU3BEzNU578FmrncQd0wtYQ_7iPb9ejx21HDhao3hFEXYkgPjuFmUyo20jQsPv_F-tPMzm9d_SOj5dLYSx_A5dhATzj-SaN6kqKFL6Kxai3yguhuj6XZayvwBE0NXANrUkiHm8aeVZKASKAxs0aX6NulMymGz0NeNvwLn4DY8ebetxVN72Ts3oEK90EBKLyQtVboCairagORzxf-7usGUBUQBgeifWrIGxmuHD8l8JSkzIm_8jx3eSeQ2G5HsV3U0uCn3npp7AxBSXj6zAt_iJ4JGAUHkiWStHyx-C2YrMlQcMuKh5SSsM6_BeF-2vk4x95B4A8IIvohQUjiWBasAf0rofQqkP5TImbbty9nYo5Xxt3BfVbqRpeLns-xJbZCnZ07zPoYwuoS4hD2VDvroi8d3Q9xU4_MM0k9frvEGEZkTSEl1N6lW8j4oeN7PRCtfSavSwUFujFcF2mj2DHwdZOYoS0yn8esqnLqd0p6uhxpjNFjeK3WhcdzF3SKgvuCB7Et_JQDwdc4jrnWxRiA0BbWstebu0qMoSxq6TqlB4tREKwsgN2kXeg4ugaT91by6KAnqIAIyntkNzevCjKkLNWd_0hkNUsP9EeDa9uASVxjT5nJeMJBjEjX58rQO-bjBZvTUGWg0EkkM7csKOqhZ6EBLh8o6oWSJlD5cMd-XAhXLmxJccWpy2r_PTtpShyTTMpgFDw0XUI_nU7dwsp3pf16_-ieWxrr459G-HZx_xnZ9ojtRg5DRkRCZURad_36kwLcL3oC-pIElC3hP_-QiO6Kxqq6a8jSLI34SMzegeYQqkGpgOV1u3_w0k5EphIFlH_DLl54MCvFRvDW6BEnMgI9iG08nE3uqjleIO1vXzVSzOftLrKpduizbU12tXt-i5U02XKLPqEY8TJsR3FFSHaxnVtwdEoLWEIfPOkYDmIPn3jJIyrGyXT6hBAm_qGvPFCFMdWyY5V6bkUHP81Pu_LKd92OkrzGtxSgpL_CluOYfE84UotRJp1Xj6D4oGYpKiL98_bW7DpSXeVSVoX0CG04828AWZe_lb4SMVUA7qzdt00OTHawTs3aLjA8WrtqxgzlegKx5_9nWgLQwibW3IE8Jc7XTlnTfD8aIoeAArKCNRl_wR5mjMqc8vkKjfvGoBYr1_I9-Gxd6RVFct_AgAwvb3iRr8DDygMRgzDCWwI4wZGmjudRtl_5Qks1so9P_OncQlHjX2lMujbJilgXUIAozUOlwgYoLsHVS2n9iSRA05ye75Zq7aDebJzllR8-07uoMvEpDoUspZVUsS2jkkh65Laint-bSzzhe5F09NSpIKAcghcrVnUwSX-U-aWcfWzVRYnManyZ97o4CpGw6lbbYrl8sEfAyLe6dKnvkKcPSoMzoSpl7r3KXb5O106eEq0eqeGKGLQhEvk2J0Aco8_DkmioTF4_zKzGvBWU3ZvruccJ-Fhv-MVKik_5T830noOtoJ_oPL9vimZIK-pnVff2C0CPnEGYRo2wzDVJ2fxajPL-HrTXS15BerovO3XmdWGLnDx5YwAsXgCH5aAgVVlzy71EZKQp6UfEw4n_YNFjD0-ogXiEyiADvTRNciPVBHrrZf220FOLR9kKHDSMTDoeXl422GYkRK2Ub9AR7MKq5McS0FbYSZKHyjTQZ-azhHeD9lJCRbypKH-hX1l2y1a1iixjz8r-eP7lVeGBS6qHLQbHsAgVmriemR4BQxC6bRT8vl0mth8rsnNU7rZZeUwe9HZo4QTnNZkO7RAsnWJ3zfJRBDo8QX_htKrhZOFLoISVanCVzLSQYkoYV9gzUz2w97re_jbtqzdkMNVViOSPsZrGMT2FfMBZmsdSPF40geEkB6J9RAKAm0axwXj-k8r9OdpZXJUnZUCXPrdxQAsc512Fi0GlXFUjnuOG1Q7bBA06fG-riPDk-PaRtn57Td7rVopgwJv0yPUZB7PQ_qLz58lGugqtakI-Mk1awVBdFC_4DMSOtNBocT3E9OpIIRvpGdUNoBHBFUlCQ23mkKzr2faNOnWUVvzYzDuJOlopmWLpNnVxZwOvpIH1YxpUfd5TZzMdVkXG5JUvZZKp9KoWk9zqBgdqGLAsQy6ijWphmbgSD2WIjahRymia6Jy1QVdM_QIqFxownvWbgFcAc0PDhF8XugsgS3RU0fM7pWl1JoGlNNpNWZTKVsTUQLmAHvnqkCFb2HickibS6K_XdLtZISgWVW6XIJR_NG6OQ5Cx5t6l8Ys2sDsTf7GkYkEBDcECGcKhAK2MYw6vJuk4K47WnmgzmMZhmtVTAnqvJhOWJEwG51s_q1S1DawSwJgs2zng9o5_iBMOYyJzpn4gHNWUGq0Zx8-Z0FLpKhakP6JezTmkmjs7su6msKP4BHkkuCLbulfrzUAaeEPd3Xe9bO84M1lWI_cHIAn30Rqc7EEaQsQh3qsxErI0IjgdNZRrNNKaWWJXzQs9wrfIR0d6xXUEQghGWMny9kuToKYIc1YE9KzSsXo6w6vLbOYHmJp9mYvJ1gmIz_0d25l6gTVPusqDpDM-0hH8JF0B6-gIpl_CwOWjVGTCM4BD9MJ34k0HB8i3DxR3KKUi6VttoGtxXFf4RYUpLCmOpGbBAxKcbIlLvkTSDkozNH83ap5D5tnErpDyPQWY-x6iZ-tlvxhgJj37Ku1FyErJaCx9alopd3FZjnGaT8o3VigF9T7p1_944bR4xn-Mpd7QsS3Hpea7KAT8OClCfBB1MBaWBWb4xBWqPEnvSbPzvxZBBVAvTg&cid=CAASKORoWNrRhIOJ1k7PpYJIOfEgR1RylX5cWpyoV7wv6BcKJ82zKIt_7z8&rfl=1%2Chttps%253A%252F%252Fforum.lowyat.net%252F%240

Requested by

Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea745eec9ea46d8a06f618f642d52d772bdfe476c2ebb64962bd6abfd2bdf97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16519
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF27 42 B
63 B 71ms
70ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CXoGVZ-hpNO2YMJ8svBZpTsG-ocrh5_yWEeT4FjNuCUzI_zF-maVrdPXhfNZvgBEXxFkO1F3PnuRa_KfDFhHG-psvJ7Cb1t5T_pEk4ZqM494kEgKA

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame AF27 3 KB
1 KB 111ms
46ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 06:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 06:53:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame AF27 17 KB
7 KB 100ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 06:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7602
x-xss-protection: 0
server: cafe
etag: 8484125879011292595
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 06:41:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AF27 0
0 45ms
44ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgFtspHvsD0NyunimljzEeQgM6EDAg2RXdk9N0KKSAROcUcXcx2vBMDmlMZEojvfnXR0bdzNldUMCvusLqI8I3h_S1eQ
Requested by: Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF27 141 KB
44 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Sep 2022 07:10:51 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/105/ Frame 678B 52 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/105/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 13:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 15:05:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 08 Sep 2022 13:11:08 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D4A3 2 KB
1 KB 52ms
11ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxmVegAJup8KewVJAAOT2yGiF2r6jKNEr014Qg&u=%7Cg0%2B9kYMyIrw0rH5YY7iU%2BVzyfZ7oopC0kTubjj9PoWU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI379P6o9DqqGL1E_hgSm4OWk9PoN-jrDr1M6Be2-Fxb75IAkAgtBy2RysqvPRAcFIr5ThrVId34krOBKreCBcgpgWW7HVi9FiEguEdNy3aky9zeGm7itdfYjjJFMXt-EwOJURdRToRcDKsR0I1c5A7eBOuXXQbxWJNGlWRwSKPp9qTeFouQXXmwNCZap0ZI0tQRUV5yWzGLGNT6O4uyRaDu7omuI8uyq9quqTN2ox1wXKX4U7sl7fLaTwMrAJKN4MTsKbHuJ08RM_PwpGZ_vhoB88TOMBO5GWz8fCr2NWexa5HZQ8Ql3RpC8KNagcQ-VyvhbfNgtrI0eJkJHH3iTBe4Leo1TNwUpJlxpQNJVEOcGzLt7x7nTdR2_jII6Vw3w0_nUttgUjQmsB120Dp7oTwu84qDdwgfKSJBqT_FfgIm0gLFNF5Ger-eUh_U6XelG6f-v6vECM8m6LmtvE7PY0teT1EBW-70EfggmSq44U2nP5ARMBhG_rZ_jVXDxTTnN8ODulrw9khmhr-sk4bolQNd8Eq-5SPmztpd2nQcz-Kf1yNt7BSvDFmH8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7xkHepUZY5_1JsmK7APbp47gBMme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5Nzk2MzExMjA1Nzk5NjmgAdW20uoDyAEJqQKquKl29sCwPqgDAaoEzgFP0KZLtipysDIoo8kVQkjnEPZ3IYvZgIIaQt0uzEkT-llqwWItRncd1Se_0Itl29gIrYxSeo2ZpMZJryRmpxHi0m7uwEvbBozGnuknDUYlTGTmL5e0r5mU8vsFFYw1EWUQ_UiTkjfZsCgG08ZGfz8yvkFEdd-C-bWO1jIMc-QhUrkTsATLyTT2qg-dXV20JalWQDF3ji2kJLhXdWBcowbhjh_LLYE3RH9wChFSXA84JVoRHIcNybGBjTEM3JgcszyWTrTHP44ZAiJzNxeJkIAG-Mvu1c-shtiLAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02ZsAq9azoI3MNE29olpzwtr4BGA%26client%3Dca-pub-7979631120579969%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Sep 2023 07:10:51 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D4A3 2 KB
1 KB 53ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Sep 2023 07:10:51 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D4A3 308 B
636 B 21ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 03 Sep 2023 07:10:51 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D4A3 293 B
621 B 21ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 03 Sep 2023 07:10:51 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame D4A3 43 B
348 B 62ms
22ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QZAEApMpIgmUGI7hegbc59rbKhgICbQxik2YrjC9mJcLhK786l2JuBkYsYuYT_3vUd9tB85RLi6gnqLs2dfpwSxbEE8PzxB0lr-zc3onrX2IW4h3mrsZVA_1HTVuIIxszrrT7CF9CjdqjvlQcJYf76ab-UCdgwkwDy_7xeK-3L7DCaTlojPbV-Hvwxu044N56wlkQFIeQm8ZYrJHdZk1zMPWEePm_uJhoDr-oRy7-xK2MfQnarF28qC1amNaz4vavrjq1snLcUz0gUeWwK0S9WPRqmPd2AmWBSNLx6jsGiUaXUW9gUlrGl1pEEhCcjU8nuqghKJNr5DsHUC9O5yiATshUUrPRAW4jUmP9049_bOqKar-Aj5mFFZVLsbK9857cSZoZPWyLWyUs5K0NzhOQJuHgtvdBVlhql05iJR6ycmBa88x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:50 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3990783
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame A63C 30 KB
12 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZjoS9zetU3I2P0m3TOmu-EtpLz44DsapR5_FEG2FM38KYuHALMlRZGRt5CB-KCCEloMKRVzE3JrWB-JpugBwB8SjdQ0-Ah7V9Iu0slS7X2Qo2vMMeAApWc8Ixv-YWZCL5CZ7ybyFClvTnoiLZC47a4EF1zg&cry=1&dbm_d=AKAmf-Acxsz2ZDEa2-E-6gy2TvkodTCI710goApmI28enfGqDv4t26w7xy8ESectd_L0NxjHo6Gsqo0tjX0auxe7a8wgn5ABd5nG5eBL60IVbt0CxRa44Hbuc6RGt60Xf2K-S-DsLXVoweLJFfINxT3h012N0KqFzqq_u78DaUlOL7yqa5PwgRG2uaT1OTWRRRQrO_AXjWOrShw6PELB-B7o97DJdEXh1owZFsmEuqlDH9AZ6HaX-Aq-aKSDjGy3YYewFNP_BWy_kvnf-fBad3KeqhvvJpY27_s10W9gnJwyc8O1b0YoXqhuIgM2dgD9agIiygY9zuPhQN_nv44gksQt3gDs1m8evTRKsvCOLfxYTjDjpkhIGHzDu2bb0ki6RoY__vOSZhR9eGqtiH_iBowLEDRk9-8RHsLySd4h9mUxF7oJf6TQsUC6NtYzYVpoLvdCOQUl-hVWUs9EwC6npzT1GnSDJKtwhbWj6nyPzydOYzvqqW_3ZZkGnom8u_O1vTiGMsX_WY5hfs8nYyorMhUMyahRRlRhcH1NgETaSYAg3Izr_i0F_A9NxBgeZdqoJLsxx3FrplXk5bblJkFbWZLsAsfWH1t52yrrDXPEfSlaZslIMGzJO45f4pvtKnD8ndbSGKHmX4QPwGwWeLKZQTYZOTD9t40BSlKSTo_zHk-IZkW7OO46XVlt5F4lYgcCEBtlWiuSEfJAIWePYcXYgqeEl_QbnSzQ62sYsWGxaOu36adk01_QQfzC0elOW1RJUf-S2TWIgm9O392883mU51q5f8k9J713yyfxZIUywfcUMyBThCa-fsRrNbjr_dlJShRV_UAtEdg6C4-nv8iXVizZdEyyq2r1ZOQXVNrPd62GuKLF-EpPHU63bTq7ILqHNec6ahhA6xWGyc65ulPL1oDo0bsXsKwh6eBNQ9zBMZ3VY79nh-KVfn6LNBKSne9IFiJW-ketLr8UOUK8uBWfR_pVzV4BEp4Mr2LjHmQ7lrTMNqcZASXccEaeVonXkMbNapU6rIuTcYjRFx5pM_cw0yPXiCrRF8TkYA_N9FaDVBi-LNwuxem9owhkHVnr5Y91KY5iCPlWflqmWbpj4NQfG7UGstpcFiDSyMighJNQcr3AITa4bX6KPPm1_abhJyV15PKqAx_EJucyIfexlF583ABHV3UMr9oH05eVcFn_YT2ABkXnunQA1poXVnLovhSZZVYKQtV1-BsHulCchdBVbhWtHCSdX2uMtKI7ItEPoF5VD2Ck-zlQQGy-iA60mA0rSXZNLsOalBRHOForGnKbGv_HlPf-dAoAMucPiM4EMwxijeMma4T_mg5aGTEBkunbdNOG-Q0qzirE5u8RPYOreYmmLhd6RELPk2W87hbH0WexBi9RGkqQNBYITpmj1GwwTk0uxRiOGqDymix7GJ9H7tzoRFtkU1X9xGy1fEflFoZ2jvCokk6rUYG7uti11DAqtHb_sAO0xVae_1JEg-5rKHMnM4SSkPlkkK8Mq5XpErPYd8M82l2IEhHCLQVE3w3_VUEDWKrHOBgfSJYWYUG1rsZ4RC-RWyZFseh5DMke2lNJSa35xgQrtQP4XT7aOWxbkBTqNLD0bsot6whQRBK7pF3vKipRRNkH1tJ0YUeQolHleQMLnLK0JjVAhJD-OIT7TJ4eTpko0wmh-blNZI4TrgxqVVu7vg-6v6iw9Y4IoFvX9EPggSuXfLtx-9URrZce2LnoUxPkKkIXwCdsZ7sR_v86WiTQITj50oi-qp8cP-JccVvIbtaQ_SJyjgYXVTkAowG07H5UVTjIZIJyU0fr2CypOPxhyjqHBIyG_u2vWCg4GDDI_NISYWbiI_6uqP7ex9gtvje6g97SGIVZA64Q03AuI8tzsJ2CZ2s3ezZte8Ms9rnqaKl_YqH7aTY5IuhWJoddm4P9Wq2N27XkAdANGCq7HlWx0gl5xktUWXPZkPg6grac7EqBilEuAWTe7CMqdqH8C7AsCO1-R9AEAZ5Hcb608tO1YWFAs4naIOynf3xSP8ldP0rgPNl41tFd05WNs1Soxn57VeG6paDs42JY21dQ31I6Qjzzuk5LRMsVJyf_P1rO5uVv2hkd9_b0bhtibu7h8oTC-qhwj9q-aUficV-20A8n83Cvi95gvSETYU08_Ap_Rd0ECUt-U4ArraEZZA8xAvVA0z-fd_Ids_yyDu_Q5gwW4RVneLt95vWr6D64E-9Pil0o8Nz1fNX-9lUrTGHPlIW0NlsTMtbKcnXqs8a_cBmM6oVCpV5sCK-wSKQDJnEgzOTH3NgfwPSnDnh9TAYeorj0y0DxxprQaY-zIIDI42aoOegxqDbwmHxbj8PcyXD6CdEKstnR6Cv_4I0xF2s3xj6z8m9jtRnd0rH2wNKJDjqM7qI1UpY-dJnU5f5Ex1NUjUJGcbKH7hVwlTFLpcO6qQY_Fb1eIKu4l4JyfgasiHi4SPluXn_HA0Z3k6Rgeh_SlEszYBJlPNraYgHqHxLcnto0eTuIUO0GqYovYygxyP6oR20bCbQpZUJdTGA36enF_I_tIIwTgMPON874ZAIMnlxiSOKvR-2C7W6XM9vjJCERzj7u-azGKrH-mAdbGPMHmFnGbonsb6957vRHA_i5m3jYyoIn0tFZpAe5nfH85AduQaT3AxukIRreJQFcQ3I1w4xqXX711ZX32r0KABmx50bQrr0L8O7qdruSGit6Oo3OYS7aelGZ6z0BLyKlOvDItseuufCqCcejdttW32W8MolX15kPwaCdlGnxJjb_zeWytxXcWSwuHOxtObMFzD51lYaS940KprcPt_WE8o3sVvG-dJJOwcqpH-cReUaxf5_CIBFGaJsqX8wf91FqFmm7xyV4BiGNcgMigm5V6nRXy4G6cuQ0zOFEgCLwX0LARLVFeeilgaGS46IIW2EqrM5xec2-t5yQkKk2ektLxcsIajvx-PiMrGAaId1mkecUbCg2g3A1tW8xL5KIjaG60ipSxmfv_BKyqybhev5BkqBvxHBqqIGGvpRS41dI-XjbVtf_o1dBB0hO_cCdqgHSFdE2XpW9xylPcpHzXfKWgcfdmSYt_abEbvjeAD4Pz-Kn7djwtDbNuVgqzX5Ori3JF1Rf62Q-KX64_NR7L_56MlPT9bFKTZ8e_tPpa9sd5Co16EqYJhLUL1SZUFAgrUBXFgw1CIWxjHvH0pmIj3xYHEru8J6vLlxeRzu2ykMAZMQfZbYEFVhF9ojvbLiwK0Vy_9gLWbHJ42FRtdskGHIXorm29-f8-1l6PO7-_ALr4bIEqAWip1I5eot8XhkZrIMEAkyDjEqMLkY&cid=CAASKORo_r8Q4daOxrGKj5ftwrO7DJJBTzMo8r8WTbeuapzQjIR-ew3tIaU&rfl=1%2Chttps%253A%252F%252Fforum.lowyat.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11802
x-xss-protection: 0
server: cafe
etag: 16304758110791105277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 07:07:15 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A63C 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4AD3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1

43 B
845 B

33ms
33ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUc_tRq3RzWQ2O5CaoDfgDmFgLySxCKvbK0hMm57rDZbJ0jiqU6OsTaTAMhDbyo6rGwdr6X_zdDGTe_MBg9pKXl5AFqwhw9kxMt7XVp41r3CusSloMbqaoJMpwLm-80tIFM2jLZ0TSCB3KHRylihBsx3RTlzDQfj6W5BLB_1smo51halyw
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7475dde2de729019-FRA
pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkkoDra6W4q8ZDfNVjgR%2BgCU%2BHvyW6IJqWm9efDZndT9MSv7iacERVt0GNzDSJFOm3bahC6RIn0eZjKlxjdJ9VWsWIApTHkIxWnFO%2FTttMUtzjMnsLQ9YUeLpTLYgvY9YSWOVkxLgWkgWw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4AD3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxmVe6q7sXcERHJLlIPyWQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1

43 B
841 B

29ms
28ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUc_tRq3RzWQ2O5CaoDfgDmFgLySxCKvbK0hMm57rDZbJ0jiqU6OsTaTAMhDbyo6rGwdr6X_zdDGTe_MBg9pKXl5AFqwhw9kxMt7XVp41r3CusSloMbqaoJMpwLm-80tIFM2jLZ0TSCB3KHRylihBsx3RTlzDQfj6W5BLB_1smo51halyw
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7475dde37f209019-FRA
pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84Q33s4k4GNQyZDfg51nP8zqs4ugIRlvcsJdSb9bsfmZPdbf2byGR5A9FJPDAvFa8rcC8KMmDmLN45QXC6ndfjSvDeezPQUucpF2gCau8vHQXn9RHwm0GNCP8B9dm97MxT%2Bcu%2BjBQVFzKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4AD3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK09Ptx1PPm34MX5COjk5PY&google_cver=1

43 B
1020 B

16ms
15ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK09Ptx1PPm34MX5COjk5PY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUc_tRq3RzWQ2O5CaoDfgDmFgLySxCKvbK0hMm57rDZbJ0jiqU6OsTaTAMhDbyo6rGwdr6X_zdDGTe_MBg9pKXl5AFqwhw9kxMt7XVp41r3CusSloMbqaoJMpwLm-80tIFM2jLZ0TSCB3KHRylihBsx3RTlzDQfj6W5BLB_1smo51halyw

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 07:10:51 GMT
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: d4d6dd10-e7a5-4ced-a1e3-9fc5d90c8ed2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK09Ptx1PPm34MX5COjk5PY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4AD3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyMzUxNDI2ODY2ODYwNTIyOQ%3D%3D

170 B
243 B

54ms
49ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyMzUxNDI2ODY2ODYwNTIyOQ%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 07:10:51 GMT
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b4d73bb2-86c3-4406-9a35-1378e96fbc72
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyMzUxNDI2ODY2ODYwNTIyOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 83EE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1

43 B
842 B

33ms
32ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVPUkb3zpkCUwPC1T36P4aa6CjF2AR7AcqevEtjfoF2rOBY6DVW_c1YJ1cTQ5dcYH7H7vM_x5sCQHfGBvQa5UBy-kp8HP1hajj1wbWV1J-Ef1qqtTCa69gGeBfLmecIbqYmIGGmahhGq3wu0J6WBB9XGnyjNKDqM5OehEqYSi3h4mRbu2s
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7475dde2de739019-FRA
pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2568Ia4ydt6Wad7vmWE7%2BsXMVxJaUWruj5cwu8znAeX1QjqMGgmeRIIF4KoQ1rQlTcyb44TB7qs%2BFUU3Q1anDWJrZmqe%2FhPraWI5rWE6qDy4GYAa6p6kA8DpvAfBIRIKV5WfInDD4JbQwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 83EE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxmVe6q7sXcERHJLlIPyWQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1

43 B
848 B

38ms
38ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVPUkb3zpkCUwPC1T36P4aa6CjF2AR7AcqevEtjfoF2rOBY6DVW_c1YJ1cTQ5dcYH7H7vM_x5sCQHfGBvQa5UBy-kp8HP1hajj1wbWV1J-Ef1qqtTCa69gGeBfLmecIbqYmIGGmahhGq3wu0J6WBB9XGnyjNKDqM5OehEqYSi3h4mRbu2s
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7475dde37f269019-FRA
pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tk2D1iFEPtBwat%2FDCyoevTwwP7XJq3Po6iyhi1USPuTRwPZ2x%2B%2BTu7sU%2BKf3WXppnHkuGo%2B8ehYCrR6ltiBTUCqr1XA7GNTee%2BdetG3ixf72KfsXGsBpSoPE0VH0MAQwCjNT3PTfLwU2%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkwRDNJOIHtYy6Duxkg2U8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 83EE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK09Ptx1PPm34MX5COjk5PY&google_cver=1

43 B
1020 B

16ms
16ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK09Ptx1PPm34MX5COjk5PY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVPUkb3zpkCUwPC1T36P4aa6CjF2AR7AcqevEtjfoF2rOBY6DVW_c1YJ1cTQ5dcYH7H7vM_x5sCQHfGBvQa5UBy-kp8HP1hajj1wbWV1J-Ef1qqtTCa69gGeBfLmecIbqYmIGGmahhGq3wu0J6WBB9XGnyjNKDqM5OehEqYSi3h4mRbu2s

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 07:10:51 GMT
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 01f49836-082f-4a8c-a458-07e873517646
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK09Ptx1PPm34MX5COjk5PY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 83EE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAwMjU3Mjg0ODYxNDk3NTg1MQ%3D%3D

170 B
232 B

42ms
40ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAwMjU3Mjg0ODYxNDk3NTg1MQ%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 07:10:51 GMT
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1dc02ec2-e95a-4635-a3f0-68d82038561b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAwMjU3Mjg0ODYxNDk3NTg1MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame AF27 30 KB
12 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APceiZGqFu_oR9n694gZj6D-41qqmf0sVwqM-wLnOZ-zsk4ntal3qDn9J0ndoJ9N8ZRqRfVnPG7flIVbKfSAjtpyVoPrCXI7GpMdYaOo0F8zGxE8yfi5JJZrgavTbw5axud60JNahyllNCPwXXpnGzQMg41g&cry=1&dbm_d=AKAmf-BShK1mYWC914BKYBXRep0ds1qec-4aLCR2z2gQXLPMJ60jLf1SABlG6o-OSe838B342pnQ0vojsy1t6qYgYoSZugTt46XI4KnF_QH7izFZI6OnNq9FV2Au4Xxm_YPkJoklAocrrPJO7G41ujMbeT8QBvaZS4EiONDbrVSr0-PZGJngS_613JVMvJJWJBN-wc9GJfEDoi5nN_jqYmDdC79Ey_C-Dx9gqhq7NUCNuqccFjEMUDcEpvfcfPbiqAAxTYAILpPQWFDG6TvtaBTsV2aNbnGRwFCgCoAEGE2YFJwBKK5v0M5h2uShMu_VQqE2OLxNaIgF1iyPAPHnfAGN6h3Z1KSqjlHATi_lKLxOspyU9o73FJt1zVKxQhfGNgRxOXWlG_C1AWzAhyu-eGdvizRpYusAT163ZZLu7D5unb4p8PZysk8D3Npy-NkZROBjw_xqbZxJrNtDKKFotYswZK_eOutjy9wllyV1-p0NVc5Yrc2w7VehXTkyqTmyDVWp0eOcDKu6o1c1rU3BEzNU578FmrncQd0wtYQ_7iPb9ejx21HDhao3hFEXYkgPjuFmUyo20jQsPv_F-tPMzm9d_SOj5dLYSx_A5dhATzj-SaN6kqKFL6Kxai3yguhuj6XZayvwBE0NXANrUkiHm8aeVZKASKAxs0aX6NulMymGz0NeNvwLn4DY8ebetxVN72Ts3oEK90EBKLyQtVboCairagORzxf-7usGUBUQBgeifWrIGxmuHD8l8JSkzIm_8jx3eSeQ2G5HsV3U0uCn3npp7AxBSXj6zAt_iJ4JGAUHkiWStHyx-C2YrMlQcMuKh5SSsM6_BeF-2vk4x95B4A8IIvohQUjiWBasAf0rofQqkP5TImbbty9nYo5Xxt3BfVbqRpeLns-xJbZCnZ07zPoYwuoS4hD2VDvroi8d3Q9xU4_MM0k9frvEGEZkTSEl1N6lW8j4oeN7PRCtfSavSwUFujFcF2mj2DHwdZOYoS0yn8esqnLqd0p6uhxpjNFjeK3WhcdzF3SKgvuCB7Et_JQDwdc4jrnWxRiA0BbWstebu0qMoSxq6TqlB4tREKwsgN2kXeg4ugaT91by6KAnqIAIyntkNzevCjKkLNWd_0hkNUsP9EeDa9uASVxjT5nJeMJBjEjX58rQO-bjBZvTUGWg0EkkM7csKOqhZ6EBLh8o6oWSJlD5cMd-XAhXLmxJccWpy2r_PTtpShyTTMpgFDw0XUI_nU7dwsp3pf16_-ieWxrr459G-HZx_xnZ9ojtRg5DRkRCZURad_36kwLcL3oC-pIElC3hP_-QiO6Kxqq6a8jSLI34SMzegeYQqkGpgOV1u3_w0k5EphIFlH_DLl54MCvFRvDW6BEnMgI9iG08nE3uqjleIO1vXzVSzOftLrKpduizbU12tXt-i5U02XKLPqEY8TJsR3FFSHaxnVtwdEoLWEIfPOkYDmIPn3jJIyrGyXT6hBAm_qGvPFCFMdWyY5V6bkUHP81Pu_LKd92OkrzGtxSgpL_CluOYfE84UotRJp1Xj6D4oGYpKiL98_bW7DpSXeVSVoX0CG04828AWZe_lb4SMVUA7qzdt00OTHawTs3aLjA8WrtqxgzlegKx5_9nWgLQwibW3IE8Jc7XTlnTfD8aIoeAArKCNRl_wR5mjMqc8vkKjfvGoBYr1_I9-Gxd6RVFct_AgAwvb3iRr8DDygMRgzDCWwI4wZGmjudRtl_5Qks1so9P_OncQlHjX2lMujbJilgXUIAozUOlwgYoLsHVS2n9iSRA05ye75Zq7aDebJzllR8-07uoMvEpDoUspZVUsS2jkkh65Laint-bSzzhe5F09NSpIKAcghcrVnUwSX-U-aWcfWzVRYnManyZ97o4CpGw6lbbYrl8sEfAyLe6dKnvkKcPSoMzoSpl7r3KXb5O106eEq0eqeGKGLQhEvk2J0Aco8_DkmioTF4_zKzGvBWU3ZvruccJ-Fhv-MVKik_5T830noOtoJ_oPL9vimZIK-pnVff2C0CPnEGYRo2wzDVJ2fxajPL-HrTXS15BerovO3XmdWGLnDx5YwAsXgCH5aAgVVlzy71EZKQp6UfEw4n_YNFjD0-ogXiEyiADvTRNciPVBHrrZf220FOLR9kKHDSMTDoeXl422GYkRK2Ub9AR7MKq5McS0FbYSZKHyjTQZ-azhHeD9lJCRbypKH-hX1l2y1a1iixjz8r-eP7lVeGBS6qHLQbHsAgVmriemR4BQxC6bRT8vl0mth8rsnNU7rZZeUwe9HZo4QTnNZkO7RAsnWJ3zfJRBDo8QX_htKrhZOFLoISVanCVzLSQYkoYV9gzUz2w97re_jbtqzdkMNVViOSPsZrGMT2FfMBZmsdSPF40geEkB6J9RAKAm0axwXj-k8r9OdpZXJUnZUCXPrdxQAsc512Fi0GlXFUjnuOG1Q7bBA06fG-riPDk-PaRtn57Td7rVopgwJv0yPUZB7PQ_qLz58lGugqtakI-Mk1awVBdFC_4DMSOtNBocT3E9OpIIRvpGdUNoBHBFUlCQ23mkKzr2faNOnWUVvzYzDuJOlopmWLpNnVxZwOvpIH1YxpUfd5TZzMdVkXG5JUvZZKp9KoWk9zqBgdqGLAsQy6ijWphmbgSD2WIjahRymia6Jy1QVdM_QIqFxownvWbgFcAc0PDhF8XugsgS3RU0fM7pWl1JoGlNNpNWZTKVsTUQLmAHvnqkCFb2HickibS6K_XdLtZISgWVW6XIJR_NG6OQ5Cx5t6l8Ys2sDsTf7GkYkEBDcECGcKhAK2MYw6vJuk4K47WnmgzmMZhmtVTAnqvJhOWJEwG51s_q1S1DawSwJgs2zng9o5_iBMOYyJzpn4gHNWUGq0Zx8-Z0FLpKhakP6JezTmkmjs7su6msKP4BHkkuCLbulfrzUAaeEPd3Xe9bO84M1lWI_cHIAn30Rqc7EEaQsQh3qsxErI0IjgdNZRrNNKaWWJXzQs9wrfIR0d6xXUEQghGWMny9kuToKYIc1YE9KzSsXo6w6vLbOYHmJp9mYvJ1gmIz_0d25l6gTVPusqDpDM-0hH8JF0B6-gIpl_CwOWjVGTCM4BD9MJ34k0HB8i3DxR3KKUi6VttoGtxXFf4RYUpLCmOpGbBAxKcbIlLvkTSDkozNH83ap5D5tnErpDyPQWY-x6iZ-tlvxhgJj37Ku1FyErJaCx9alopd3FZjnGaT8o3VigF9T7p1_944bR4xn-Mpd7QsS3Hpea7KAT8OClCfBB1MBaWBWb4xBWqPEnvSbPzvxZBBVAvTg&cid=CAASKORoWNrRhIOJ1k7PpYJIOfEgR1RylX5cWpyoV7wv6BcKJ82zKIt_7z8&rfl=1%2Chttps%253A%252F%252Fforum.lowyat.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11802
x-xss-protection: 0
server: cafe
etag: 16304758110791105277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 07:07:15 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AF27 41 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D4A3 12 KB
5 KB 39ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3665955
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eT1r8qc%2BRhfVuJcZk%2BxZh5M6p%2FOYPYB5ntLCmuXByj97OHYGAxcdHYaSqyI%2BZq5kmmvn%2BUqbBX3N%2FyPs4k0k2XNu7WPKIGp5h77KdU%2Bqw5eSJtILqmEazOgTTxmRqEwt2TaUxrd8VuJrbKvkRIbWLhiD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7475dde23b5c994b-FRA
expires: Tue, 29 Aug 2023 07:10:51 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D4A3 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Sep 2023 07:10:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D4A3 7 KB
7 KB 68ms
16ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=236&m=0&partner=25080&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F25080%2F220505%2Fb0df4b81f52f48c386b6472c88230d0b_vev_luxury_second_hand.png&v=3&w=196&s=Sq0DsCcmQJDROB33WT2al2Vc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f584c5c806d7e630ee79af8ea75f77042b9b6cc3799973e92b166c45ed471ed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30915905
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7216
expires: Fri, 01 Sep 2023 02:55:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D4A3 4 KB
4 KB 69ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F542244%2F756%2F542244-756-image-1-62da684785d58.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=800&s=kCIvdSr-R5bhuHpHKB1QHXIn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8344b3e5076287dccb0165ef80d6e2fcf4f0480dd6bf46f4c8fde4cc69acd459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=11564
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3908
expires: Thu, 08 Sep 2022 10:23:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D4A3 3 KB
3 KB 84ms
33ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F182299%2F1263%2F182299-1263-image-1-62a86b6492c79.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=800&s=Utw3jXmJCGIAa_sp68RCHqGO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7d253a87a55abf39a5a3d49d99ee5e37f7435222c2e3ead4202508a4f2aad2bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=4156
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3204
expires: Thu, 08 Sep 2022 08:20:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D4A3 9 KB
9 KB 101ms
50ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F1176936%2F37%2F1176936-37-image-1-62b9c6ca335f9.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=800&s=VBIPGRqcYV4HO89R8OaPKbU6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8138b02bfdab8ab75bce97c4be157b2c03f473ce0c9eeb354d133dae7ef44e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=14944
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8820
expires: Thu, 08 Sep 2022 11:19:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D4A3 9 KB
9 KB 83ms
32ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F124414%2F49%2F124414-49-image-1-5efbe7a5791f2.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=800&s=qUezPGd7d7_NO95pobe-_Wi1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e0b4d13ae6f4e419d950fecb4c86f04cff92bc1981ee54ccbe599e7cc1334586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=52946
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9396
expires: Thu, 08 Sep 2022 21:53:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D4A3 21 KB
21 KB 89ms
39ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F1220790%2F61%2F1220790-61-image-1-62f971bd6ccc2.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=800&s=1my_5uK08vsCBa4C_oV08349&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

01eab5dac5af2372126f9074ac3635e22e04f6e3569fa3277f45b1ebdbaeaa11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=84623
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 21166
expires: Fri, 09 Sep 2022 06:41:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D4A3 19 KB
20 KB 48ms
48ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F1219420%2F49%2F1219420-49-image-1-62f73f466a9a3.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=800&s=MuJ3xV7pj--Pl4Ry2WyRvI8H&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c8d26a395225b9d36064fb5c003cefaad9d79613ddcf0b84fc25d63e1c189f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=4300
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 19790
expires: Thu, 08 Sep 2022 08:22:31 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D4A3 0
128 B 53ms
15ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=MqZRjVlc_Ma8C4nTgmDWRg8LgUKKp_UtvhTQuKcCSyQP7CkxUCOkmhxlSYnfJcf07cbYg7Aif0TUpOtKhcfUCwWguZizaPGo1l2PjCsHR4ETt_TF-fNzMPdUTl5lomLH9wh2eR9VB6p8OHyRglE6XhTO595AcmwEc6mCG6O2mGQMlEOn4-6YCK5oj__qV1Sp7NEyTiyXX764PHUxrusX7SiHKVS-2etVRNqnogzVUMGO7NMV20fDe2zkxCUy45FqimxTEw&sds=2&rev=82604.2&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 08 Sep 2022 07:10:51 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D4A3 2 KB
1 KB 44ms
44ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Sep 2023 07:10:51 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D4A3 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Sep 2023 07:10:51 GMT

GET
H/1.1 200
OK 4727t6qteyti Show response
hal9000.redintelligence.net/zone/ Frame A63C 11 KB
4 KB 68ms
15ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCP84LepUZY-ThH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOkBT9BHfjmnhQGSxSvYY7h3Rtzb-NS7GuWWB8_bvcmW2oO4BJ494jvDHo5dCFaMrZm-wK8qpEtOPQOppTtSUW4KHQA9mnl6KFqBAIkGB0mww3_etc9I3eqUFiCof4LDehn5J9WzPH3HXoiY_iLRGXSlg2JZbPeRyDuuli5nA9QF5wQcnjHRzKLpGiBVOqrGa2mbINfrZqFrZOam7nFjvkhNjy-J6NxRI2bez_Ifnkmw50lDJzVJJ9XB4xoBv-fP6jbI_Vmehk4q34071a8-cCHzujTIUKZPxleVC2lZ91yMkk6VamjWWYEq9Z3ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORo_r8Q4daOxrGKj5ftwrO7DJJBTzMo8r8WTbeuapzQjIR-ew3tIaU%26sig%3DAOD64_2KgGyRM8XoXv5mUNs1pxYQo55YVQ%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DOj41t5Rxv2uyzi58U_Zyb-tCfvbkvLJ5d4bjswY0Y0I-Atgo4ievdgtN6dDTt28Cpe5weBoc0w1xURXKuwqVzcqhVO-Cqe-FGIoTp0M5bYnSJikcwL55U7_gdb40a7aQPF4ZDhxXLEWPV8oAD6d-PaSW2fA%26cry%3D1%26dbm_d%3DAKAmf-D-RPbTt8a4IdIgdFxh52PLnxxvJLtu2DrIk5edL7y8A6Gd9HNhwEQ7L7oQ3hBr5webqtcO31MDEhjIv-N-uNP7VVNRWWhUobnAz9I3RWS7KVqTiQDyTHGt0zbYFA_XwIJQEjmyE1XwM_4uacV7qDYH-nMkVMTjyxgtS1KC7Ug29Vx9-dOxj13jXlbs-bkjA9pJ65go_bgBOvh0t-aq34er_fzqXTrTjbOFBlfa_4BpIfWBoB5buoW-oxydG0v3VSIdp2DTdtrM_OoX0BGEKKZj1ObvrouB3kDLnw3Bmwwmzfxfwi5-DOYMl5VaMLjb7uBVz2OW9n1D5IAOUNJSffIWq8q9amOv_Xtgm2dTiSrT-SAIh4-db5XCTysOovWpvIuR-eVT5vgME44izX1YhuYx7bcGl55OTyhcLZgLDItdc-KbdvWJ2RMvkE1GhvWrr5Xpt7ID1gT4jr_qZdWdeM-J--lgay-oKkZfqskbljuLQVAEGPCo17fCmN9EXEaxom7nVmUsf5UNA8K7G_IHRTaa9RdeR-Blyb4aE-5fwNT1kPVh7lE%26adurl%3D
Requested by: Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 43fc2d852a50713e1f7599995fe14f11c499e1f3a1156c3e7717eec217d85bed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 07:10:51 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4023
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E2C9 22 KB
8 KB 36ms
36ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 515994
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 4727t6qteyti Show response
hal9000.redintelligence.net/zone/ Frame AF27 11 KB
4 KB 62ms
15ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz6ziepUZY63gH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOYBT9D8Eh_z3Bvrdm7FHWFdma9JTMOOkLrkLpV1-5RyKDEgDEzuuniFeQHHD6o8A64bz5DV_Z4YCriYu21aJnAYieNpZfvJqYUIf7BHr8AE88hh4Sec7LOMoH9_lFoEa0tnu8HYwebOhwy9k9fhONR-fTicWJTG3cj866l3NOyQhtJBW6SihCF9FGXDPSPZXu-CSntm01VjFUJSAft9X-OLfYc6Yuw4_SjpXKiyjABJA3tPPXtLpYy6NOpme9P5Nc8NHMzmDLVKsBcfAdH_pnamtD2mK9bqY6NkOdKMyplsGJqTcYNtVr_ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoWNrRhIOJ1k7PpYJIOfEgR1RylX5cWpyoV7wv6BcKJ82zKIt_7z8%26sig%3DAOD64_2ia1vgwXFSNIWdS4e8M9AjUsqSJA%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DeDKPDM2-vKfy5Ftkvah90DFH7WUisEXf2Z0ObEwPMDzt4MVj1KLyGWdEf8vdCrL9yWQM9kDm_qdlD3dZ0wFMhti7skB4Q8GTH8V7qkT353DC9LTzgRwC0mK-PA64HjD024Ner-DbVxWG9a8EGFiArb2ngOg%26cry%3D1%26dbm_d%3DAKAmf-DHgJrER-riUrc4DjkQs2qcm9u1WCj9urkuKaqLta5YlJEJhd17ELGRiWPTNxRylqNLqNDOSsM_pG0RKFOj8lGwDAiqCil8c1GQ1qSkGN0bviRD1W3fXP5uBPgGxrA0K2a_gfTD8GEjXOJ-lKrg8Eg7dmWr-lDDXUvVuefqm5ETUS7dTwUA39BF4Cw6Ykoe33S8MFyAmJXzUULFYkw-mUzIxiyAFisdu3anmb5pXry45vSdAQHfzNyLBLU1tFBCZcLEE9BHVt4XPOIW2gtqm2gaNGLeSnlyCLkMoMbSG3_E5B4Sx7VweLcqyw3jMDHUY8ZS-BJ9whGwn_Q0EzEs8EZPAfaikowvu1d8jx5_FJ5dD-RUQJw6DCaMBpUXxzvpj3BTK2djlz-x7jvOuQtSEOJ3WnnDuC_JbBEfPb4RRI1hi2u3gSnHzt0nG5rDKMETG4vFIUoVqU2m2q5hfZXfRRpkB5BNdr7Fp5-IMhKwlt9gqqmLJRmHr-uVW8Pol0bNNnGL11SY0YOBu9Tr9jXnL38HCx6F_KIPWz_skm1A0gai6oMuUf8%26adurl%3D
Requested by: Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 48c85f7263f1d006a52a6154cb6586e5f48db28b401607a5350154b3801f4bf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 07:10:51 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4022
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4D8F 22 KB
8 KB 37ms
36ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 515994
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame D4A3 1 KB
400 B 52ms
22ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fff15b94aca6e5009fa59ef79f4d1b49fdc7fa9e3e4c646debde8e6d6e24703b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 05:23:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 08 Sep 2022 07:10:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Sep 2022 07:10:51 GMT

GET
H2 200 d21ec34ccf4f465abd5a78b717971bf0_klavika-light.woff
static.criteo.net/design/dt/ Frame D4A3 42 KB
42 KB 58ms
30ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/d21ec34ccf4f465abd5a78b717971bf0_klavika-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d2e47ce9d709494e8a4c5d4bf47774a0dbaeaa17c259a429f18372e36777578e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
content-encoding: gzip
last-modified: Mon, 12 Apr 2021 08:02:01 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6073fe79-a654"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Sep 2023 07:10:51 GMT

GET
H3 200 dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js Show response
pagead2.googlesyndication.com/bg/ Frame E2C9 36 KB
16 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15929
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Sep 2023 22:32:37 GMT

GET
H/1.1

200
OK

request.php Show response
hal900021.redintelligence.net/ Frame A63C
Redirect Chain

https://hal900021.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb1e5936d1&subid=&uid=85233cef7016df20&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900021.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb1e5936d1&subid=&uid=85233cef7016df20&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

110ms
88ms

Script
application/x-javascript

144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb1e5936d1&subid=&uid=85233cef7016df20&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCP84LepUZY-ThH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOkBT9BHfjmnhQGSxSvYY7h3Rtzb-NS7GuWWB8_bvcmW2oO4BJ494jvDHo5dCFaMrZm-wK8qpEtOPQOppTtSUW4KHQA9mnl6KFqBAIkGB0mww3_etc9I3eqUFiCof4LDehn5J9WzPH3HXoiY_iLRGXSlg2JZbPeRyDuuli5nA9QF5wQcnjHRzKLpGiBVOqrGa2mbINfrZqFrZOam7nFjvkhNjy-J6NxRI2bez_Ifnkmw50lDJzVJJ9XB4xoBv-fP6jbI_Vmehk4q34071a8-cCHzujTIUKZPxleVC2lZ91yMkk6VamjWWYEq9Z3ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORo_r8Q4daOxrGKj5ftwrO7DJJBTzMo8r8WTbeuapzQjIR-ew3tIaU%26sig%3DAOD64_2KgGyRM8XoXv5mUNs1pxYQo55YVQ%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DOj41t5Rxv2uyzi58U_Zyb-tCfvbkvLJ5d4bjswY0Y0I-Atgo4ievdgtN6dDTt28Cpe5weBoc0w1xURXKuwqVzcqhVO-Cqe-FGIoTp0M5bYnSJikcwL55U7_gdb40a7aQPF4ZDhxXLEWPV8oAD6d-PaSW2fA%26cry%3D1%26dbm_d%3DAKAmf-D-RPbTt8a4IdIgdFxh52PLnxxvJLtu2DrIk5edL7y8A6Gd9HNhwEQ7L7oQ3hBr5webqtcO31MDEhjIv-N-uNP7VVNRWWhUobnAz9I3RWS7KVqTiQDyTHGt0zbYFA_XwIJQEjmyE1XwM_4uacV7qDYH-nMkVMTjyxgtS1KC7Ug29Vx9-dOxj13jXlbs-bkjA9pJ65go_bgBOvh0t-aq34er_fzqXTrTjbOFBlfa_4BpIfWBoB5buoW-oxydG0v3VSIdp2DTdtrM_OoX0BGEKKZj1ObvrouB3kDLnw3Bmwwmzfxfwi5-DOYMl5VaMLjb7uBVz2OW9n1D5IAOUNJSffIWq8q9amOv_Xtgm2dTiSrT-SAIh4-db5XCTysOovWpvIuR-eVT5vgME44izX1YhuYx7bcGl55OTyhcLZgLDItdc-KbdvWJ2RMvkE1GhvWrr5Xpt7ID1gT4jr_qZdWdeM-J--lgay-oKkZfqskbljuLQVAEGPCo17fCmN9EXEaxom7nVmUsf5UNA8K7G_IHRTaa9RdeR-Blyb4aE-5fwNT1kPVh7lE%26adurl%3D&documentReferer=https%3A%2F%2Fforum.lowyat.net%2F&ancestorOrigins=https%3A%2F%2Fforum.lowyat.net&random=8399130075963&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 02ac2182e22a18dc423263ce99b2826587f41f81f2e34c318786d794397b154a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 07:10:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 57521100035483900710612012076021
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1092
Expires: Thu, 08 Sep 2022 08:10:51 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 07:10:51 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb1e5936d1&subid=&uid=85233cef7016df20&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCP84LepUZY-ThH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOkBT9BHfjmnhQGSxSvYY7h3Rtzb-NS7GuWWB8_bvcmW2oO4BJ494jvDHo5dCFaMrZm-wK8qpEtOPQOppTtSUW4KHQA9mnl6KFqBAIkGB0mww3_etc9I3eqUFiCof4LDehn5J9WzPH3HXoiY_iLRGXSlg2JZbPeRyDuuli5nA9QF5wQcnjHRzKLpGiBVOqrGa2mbINfrZqFrZOam7nFjvkhNjy-J6NxRI2bez_Ifnkmw50lDJzVJJ9XB4xoBv-fP6jbI_Vmehk4q34071a8-cCHzujTIUKZPxleVC2lZ91yMkk6VamjWWYEq9Z3ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORo_r8Q4daOxrGKj5ftwrO7DJJBTzMo8r8WTbeuapzQjIR-ew3tIaU%26sig%3DAOD64_2KgGyRM8XoXv5mUNs1pxYQo55YVQ%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DOj41t5Rxv2uyzi58U_Zyb-tCfvbkvLJ5d4bjswY0Y0I-Atgo4ievdgtN6dDTt28Cpe5weBoc0w1xURXKuwqVzcqhVO-Cqe-FGIoTp0M5bYnSJikcwL55U7_gdb40a7aQPF4ZDhxXLEWPV8oAD6d-PaSW2fA%26cry%3D1%26dbm_d%3DAKAmf-D-RPbTt8a4IdIgdFxh52PLnxxvJLtu2DrIk5edL7y8A6Gd9HNhwEQ7L7oQ3hBr5webqtcO31MDEhjIv-N-uNP7VVNRWWhUobnAz9I3RWS7KVqTiQDyTHGt0zbYFA_XwIJQEjmyE1XwM_4uacV7qDYH-nMkVMTjyxgtS1KC7Ug29Vx9-dOxj13jXlbs-bkjA9pJ65go_bgBOvh0t-aq34er_fzqXTrTjbOFBlfa_4BpIfWBoB5buoW-oxydG0v3VSIdp2DTdtrM_OoX0BGEKKZj1ObvrouB3kDLnw3Bmwwmzfxfwi5-DOYMl5VaMLjb7uBVz2OW9n1D5IAOUNJSffIWq8q9amOv_Xtgm2dTiSrT-SAIh4-db5XCTysOovWpvIuR-eVT5vgME44izX1YhuYx7bcGl55OTyhcLZgLDItdc-KbdvWJ2RMvkE1GhvWrr5Xpt7ID1gT4jr_qZdWdeM-J--lgay-oKkZfqskbljuLQVAEGPCo17fCmN9EXEaxom7nVmUsf5UNA8K7G_IHRTaa9RdeR-Blyb4aE-5fwNT1kPVh7lE%26adurl%3D&documentReferer=https%3A%2F%2Fforum.lowyat.net%2F&ancestorOrigins=https%3A%2F%2Fforum.lowyat.net&random=8399130075963&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 08 Sep 2022 08:10:51 +0200

GET
H3 200 rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame D4A3 18 KB
18 KB 120ms
42ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 21:01:44 GMT
x-content-type-options: nosniff
age: 554947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18096
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Sep 2023 21:01:44 GMT

GET
H3 200 rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame D4A3 18 KB
18 KB 116ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 19:20:43 GMT
x-content-type-options: nosniff
age: 474608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18212
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 19:20:43 GMT

GET
H/1.1

200
OK

request.php Show response
hal900014.redintelligence.net/ Frame AF27
Redirect Chain

https://hal900014.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=93490ea519&subid=&uid=16a75a9f034b9ac2&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900014.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=93490ea519&subid=&uid=16a75a9f034b9ac2&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

104ms
82ms

Script
application/x-javascript

176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=93490ea519&subid=&uid=16a75a9f034b9ac2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz6ziepUZY63gH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOYBT9D8Eh_z3Bvrdm7FHWFdma9JTMOOkLrkLpV1-5RyKDEgDEzuuniFeQHHD6o8A64bz5DV_Z4YCriYu21aJnAYieNpZfvJqYUIf7BHr8AE88hh4Sec7LOMoH9_lFoEa0tnu8HYwebOhwy9k9fhONR-fTicWJTG3cj866l3NOyQhtJBW6SihCF9FGXDPSPZXu-CSntm01VjFUJSAft9X-OLfYc6Yuw4_SjpXKiyjABJA3tPPXtLpYy6NOpme9P5Nc8NHMzmDLVKsBcfAdH_pnamtD2mK9bqY6NkOdKMyplsGJqTcYNtVr_ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoWNrRhIOJ1k7PpYJIOfEgR1RylX5cWpyoV7wv6BcKJ82zKIt_7z8%26sig%3DAOD64_2ia1vgwXFSNIWdS4e8M9AjUsqSJA%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DeDKPDM2-vKfy5Ftkvah90DFH7WUisEXf2Z0ObEwPMDzt4MVj1KLyGWdEf8vdCrL9yWQM9kDm_qdlD3dZ0wFMhti7skB4Q8GTH8V7qkT353DC9LTzgRwC0mK-PA64HjD024Ner-DbVxWG9a8EGFiArb2ngOg%26cry%3D1%26dbm_d%3DAKAmf-DHgJrER-riUrc4DjkQs2qcm9u1WCj9urkuKaqLta5YlJEJhd17ELGRiWPTNxRylqNLqNDOSsM_pG0RKFOj8lGwDAiqCil8c1GQ1qSkGN0bviRD1W3fXP5uBPgGxrA0K2a_gfTD8GEjXOJ-lKrg8Eg7dmWr-lDDXUvVuefqm5ETUS7dTwUA39BF4Cw6Ykoe33S8MFyAmJXzUULFYkw-mUzIxiyAFisdu3anmb5pXry45vSdAQHfzNyLBLU1tFBCZcLEE9BHVt4XPOIW2gtqm2gaNGLeSnlyCLkMoMbSG3_E5B4Sx7VweLcqyw3jMDHUY8ZS-BJ9whGwn_Q0EzEs8EZPAfaikowvu1d8jx5_FJ5dD-RUQJw6DCaMBpUXxzvpj3BTK2djlz-x7jvOuQtSEOJ3WnnDuC_JbBEfPb4RRI1hi2u3gSnHzt0nG5rDKMETG4vFIUoVqU2m2q5hfZXfRRpkB5BNdr7Fp5-IMhKwlt9gqqmLJRmHr-uVW8Pol0bNNnGL11SY0YOBu9Tr9jXnL38HCx6F_KIPWz_skm1A0gai6oMuUf8%26adurl%3D&documentReferer=https%3A%2F%2Fforum.lowyat.net%2F&ancestorOrigins=https%3A%2F%2Fforum.lowyat.net&random=6852038222539&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: ba4da2e2bed3318124b50f74fcdb66571872094c137c140e3a77a4d75bce1b33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 07:10:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 28544800031584800710612012076014
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1093
Expires: Thu, 08 Sep 2022 08:10:51 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 07:10:51 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=93490ea519&subid=&uid=16a75a9f034b9ac2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz6ziepUZY63gH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOYBT9D8Eh_z3Bvrdm7FHWFdma9JTMOOkLrkLpV1-5RyKDEgDEzuuniFeQHHD6o8A64bz5DV_Z4YCriYu21aJnAYieNpZfvJqYUIf7BHr8AE88hh4Sec7LOMoH9_lFoEa0tnu8HYwebOhwy9k9fhONR-fTicWJTG3cj866l3NOyQhtJBW6SihCF9FGXDPSPZXu-CSntm01VjFUJSAft9X-OLfYc6Yuw4_SjpXKiyjABJA3tPPXtLpYy6NOpme9P5Nc8NHMzmDLVKsBcfAdH_pnamtD2mK9bqY6NkOdKMyplsGJqTcYNtVr_ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoWNrRhIOJ1k7PpYJIOfEgR1RylX5cWpyoV7wv6BcKJ82zKIt_7z8%26sig%3DAOD64_2ia1vgwXFSNIWdS4e8M9AjUsqSJA%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DeDKPDM2-vKfy5Ftkvah90DFH7WUisEXf2Z0ObEwPMDzt4MVj1KLyGWdEf8vdCrL9yWQM9kDm_qdlD3dZ0wFMhti7skB4Q8GTH8V7qkT353DC9LTzgRwC0mK-PA64HjD024Ner-DbVxWG9a8EGFiArb2ngOg%26cry%3D1%26dbm_d%3DAKAmf-DHgJrER-riUrc4DjkQs2qcm9u1WCj9urkuKaqLta5YlJEJhd17ELGRiWPTNxRylqNLqNDOSsM_pG0RKFOj8lGwDAiqCil8c1GQ1qSkGN0bviRD1W3fXP5uBPgGxrA0K2a_gfTD8GEjXOJ-lKrg8Eg7dmWr-lDDXUvVuefqm5ETUS7dTwUA39BF4Cw6Ykoe33S8MFyAmJXzUULFYkw-mUzIxiyAFisdu3anmb5pXry45vSdAQHfzNyLBLU1tFBCZcLEE9BHVt4XPOIW2gtqm2gaNGLeSnlyCLkMoMbSG3_E5B4Sx7VweLcqyw3jMDHUY8ZS-BJ9whGwn_Q0EzEs8EZPAfaikowvu1d8jx5_FJ5dD-RUQJw6DCaMBpUXxzvpj3BTK2djlz-x7jvOuQtSEOJ3WnnDuC_JbBEfPb4RRI1hi2u3gSnHzt0nG5rDKMETG4vFIUoVqU2m2q5hfZXfRRpkB5BNdr7Fp5-IMhKwlt9gqqmLJRmHr-uVW8Pol0bNNnGL11SY0YOBu9Tr9jXnL38HCx6F_KIPWz_skm1A0gai6oMuUf8%26adurl%3D&documentReferer=https%3A%2F%2Fforum.lowyat.net%2F&ancestorOrigins=https%3A%2F%2Fforum.lowyat.net&random=6852038222539&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 08 Sep 2022 08:10:51 +0200

GET
H3 200 dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D8F 36 KB
16 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15929
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Sep 2023 22:32:37 GMT

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame B2B0 0
450 B 119ms
77ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=28544800031584800710612012076014&t=htlp

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=93490ea519&subid=&uid=16a75a9f034b9ac2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz6ziepUZY63gH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOYBT9D8Eh_z3Bvrdm7FHWFdma9JTMOOkLrkLpV1-5RyKDEgDEzuuniFeQHHD6o8A64bz5DV_Z4YCriYu21aJnAYieNpZfvJqYUIf7BHr8AE88hh4Sec7LOMoH9_lFoEa0tnu8HYwebOhwy9k9fhONR-fTicWJTG3cj866l3NOyQhtJBW6SihCF9FGXDPSPZXu-CSntm01VjFUJSAft9X-OLfYc6Yuw4_SjpXKiyjABJA3tPPXtLpYy6NOpme9P5Nc8NHMzmDLVKsBcfAdH_pnamtD2mK9bqY6NkOdKMyplsGJqTcYNtVr_ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoWNrRhIOJ1k7PpYJIOfEgR1RylX5cWpyoV7wv6BcKJ82zKIt_7z8%26sig%3DAOD64_2ia1vgwXFSNIWdS4e8M9AjUsqSJA%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DeDKPDM2-vKfy5Ftkvah90DFH7WUisEXf2Z0ObEwPMDzt4MVj1KLyGWdEf8vdCrL9yWQM9kDm_qdlD3dZ0wFMhti7skB4Q8GTH8V7qkT353DC9LTzgRwC0mK-PA64HjD024Ner-DbVxWG9a8EGFiArb2ngOg%26cry%3D1%26dbm_d%3DAKAmf-DHgJrER-riUrc4DjkQs2qcm9u1WCj9urkuKaqLta5YlJEJhd17ELGRiWPTNxRylqNLqNDOSsM_pG0RKFOj8lGwDAiqCil8c1GQ1qSkGN0bviRD1W3fXP5uBPgGxrA0K2a_gfTD8GEjXOJ-lKrg8Eg7dmWr-lDDXUvVuefqm5ETUS7dTwUA39BF4Cw6Ykoe33S8MFyAmJXzUULFYkw-mUzIxiyAFisdu3anmb5pXry45vSdAQHfzNyLBLU1tFBCZcLEE9BHVt4XPOIW2gtqm2gaNGLeSnlyCLkMoMbSG3_E5B4Sx7VweLcqyw3jMDHUY8ZS-BJ9whGwn_Q0EzEs8EZPAfaikowvu1d8jx5_FJ5dD-RUQJw6DCaMBpUXxzvpj3BTK2djlz-x7jvOuQtSEOJ3WnnDuC_JbBEfPb4RRI1hi2u3gSnHzt0nG5rDKMETG4vFIUoVqU2m2q5hfZXfRRpkB5BNdr7Fp5-IMhKwlt9gqqmLJRmHr-uVW8Pol0bNNnGL11SY0YOBu9Tr9jXnL38HCx6F_KIPWz_skm1A0gai6oMuUf8%26adurl%3D&documentReferer=https%3A%2F%2Fforum.lowyat.net%2F&ancestorOrigins=https%3A%2F%2Fforum.lowyat.net&random=6852038222539&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-control: private
Content-Length: 0
Content-Type: application/javascript; charset=utf-8
Date: Thu, 08 Sep 2022 07:10:51 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: B9D59BA8:CDB6_91EFC182:01BB_6319957B_A2F3715:2A46C

GET
H2 403 / Show response
adv.office-partner.de/ Frame B7E2 1 KB
728 B 24ms
7ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=93490ea519&subid=&uid=16a75a9f034b9ac2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz6ziepUZY63gH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOYBT9D8Eh_z3Bvrdm7FHWFdma9JTMOOkLrkLpV1-5RyKDEgDEzuuniFeQHHD6o8A64bz5DV_Z4YCriYu21aJnAYieNpZfvJqYUIf7BHr8AE88hh4Sec7LOMoH9_lFoEa0tnu8HYwebOhwy9k9fhONR-fTicWJTG3cj866l3NOyQhtJBW6SihCF9FGXDPSPZXu-CSntm01VjFUJSAft9X-OLfYc6Yuw4_SjpXKiyjABJA3tPPXtLpYy6NOpme9P5Nc8NHMzmDLVKsBcfAdH_pnamtD2mK9bqY6NkOdKMyplsGJqTcYNtVr_ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoWNrRhIOJ1k7PpYJIOfEgR1RylX5cWpyoV7wv6BcKJ82zKIt_7z8%26sig%3DAOD64_2ia1vgwXFSNIWdS4e8M9AjUsqSJA%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DeDKPDM2-vKfy5Ftkvah90DFH7WUisEXf2Z0ObEwPMDzt4MVj1KLyGWdEf8vdCrL9yWQM9kDm_qdlD3dZ0wFMhti7skB4Q8GTH8V7qkT353DC9LTzgRwC0mK-PA64HjD024Ner-DbVxWG9a8EGFiArb2ngOg%26cry%3D1%26dbm_d%3DAKAmf-DHgJrER-riUrc4DjkQs2qcm9u1WCj9urkuKaqLta5YlJEJhd17ELGRiWPTNxRylqNLqNDOSsM_pG0RKFOj8lGwDAiqCil8c1GQ1qSkGN0bviRD1W3fXP5uBPgGxrA0K2a_gfTD8GEjXOJ-lKrg8Eg7dmWr-lDDXUvVuefqm5ETUS7dTwUA39BF4Cw6Ykoe33S8MFyAmJXzUULFYkw-mUzIxiyAFisdu3anmb5pXry45vSdAQHfzNyLBLU1tFBCZcLEE9BHVt4XPOIW2gtqm2gaNGLeSnlyCLkMoMbSG3_E5B4Sx7VweLcqyw3jMDHUY8ZS-BJ9whGwn_Q0EzEs8EZPAfaikowvu1d8jx5_FJ5dD-RUQJw6DCaMBpUXxzvpj3BTK2djlz-x7jvOuQtSEOJ3WnnDuC_JbBEfPb4RRI1hi2u3gSnHzt0nG5rDKMETG4vFIUoVqU2m2q5hfZXfRRpkB5BNdr7Fp5-IMhKwlt9gqqmLJRmHr-uVW8Pol0bNNnGL11SY0YOBu9Tr9jXnL38HCx6F_KIPWz_skm1A0gai6oMuUf8%26adurl%3D&documentReferer=https%3A%2F%2Fforum.lowyat.net%2F&ancestorOrigins=https%3A%2F%2Fforum.lowyat.net&random=6852038222539&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1d2009e4aea51a8e6a0f6404f282d8948f473e26f80e45c7ed9bbb12e470d661

Request headers

Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 08 Sep 2022 07:10:51 GMT
etag: W/"5ca0cea1-59f"
server: keycdn-engine
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame AF27 2 KB
2 KB 135ms
79ms Script
text/html 52.56.49.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=28544800031584800710612012076014&nw=1
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.49.215 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-49-215.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 0a45b0e3e8042404bdebf076ea4fa06f0e18354ab2392606485b8920101797da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
last-modified: Thu, 08 Sep 2022 07:10:51 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 08 Sep 2022 07:11:51 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900014.redintelligence.net/ Frame C190 7 KB
2 KB 36ms
12ms Document
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request_content.php?s=28544800031584800710612012076014&a=c4921d47
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=93490ea519&subid=&uid=16a75a9f034b9ac2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz6ziepUZY63gH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOYBT9D8Eh_z3Bvrdm7FHWFdma9JTMOOkLrkLpV1-5RyKDEgDEzuuniFeQHHD6o8A64bz5DV_Z4YCriYu21aJnAYieNpZfvJqYUIf7BHr8AE88hh4Sec7LOMoH9_lFoEa0tnu8HYwebOhwy9k9fhONR-fTicWJTG3cj866l3NOyQhtJBW6SihCF9FGXDPSPZXu-CSntm01VjFUJSAft9X-OLfYc6Yuw4_SjpXKiyjABJA3tPPXtLpYy6NOpme9P5Nc8NHMzmDLVKsBcfAdH_pnamtD2mK9bqY6NkOdKMyplsGJqTcYNtVr_ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoWNrRhIOJ1k7PpYJIOfEgR1RylX5cWpyoV7wv6BcKJ82zKIt_7z8%26sig%3DAOD64_2ia1vgwXFSNIWdS4e8M9AjUsqSJA%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DeDKPDM2-vKfy5Ftkvah90DFH7WUisEXf2Z0ObEwPMDzt4MVj1KLyGWdEf8vdCrL9yWQM9kDm_qdlD3dZ0wFMhti7skB4Q8GTH8V7qkT353DC9LTzgRwC0mK-PA64HjD024Ner-DbVxWG9a8EGFiArb2ngOg%26cry%3D1%26dbm_d%3DAKAmf-DHgJrER-riUrc4DjkQs2qcm9u1WCj9urkuKaqLta5YlJEJhd17ELGRiWPTNxRylqNLqNDOSsM_pG0RKFOj8lGwDAiqCil8c1GQ1qSkGN0bviRD1W3fXP5uBPgGxrA0K2a_gfTD8GEjXOJ-lKrg8Eg7dmWr-lDDXUvVuefqm5ETUS7dTwUA39BF4Cw6Ykoe33S8MFyAmJXzUULFYkw-mUzIxiyAFisdu3anmb5pXry45vSdAQHfzNyLBLU1tFBCZcLEE9BHVt4XPOIW2gtqm2gaNGLeSnlyCLkMoMbSG3_E5B4Sx7VweLcqyw3jMDHUY8ZS-BJ9whGwn_Q0EzEs8EZPAfaikowvu1d8jx5_FJ5dD-RUQJw6DCaMBpUXxzvpj3BTK2djlz-x7jvOuQtSEOJ3WnnDuC_JbBEfPb4RRI1hi2u3gSnHzt0nG5rDKMETG4vFIUoVqU2m2q5hfZXfRRpkB5BNdr7Fp5-IMhKwlt9gqqmLJRmHr-uVW8Pol0bNNnGL11SY0YOBu9Tr9jXnL38HCx6F_KIPWz_skm1A0gai6oMuUf8%26adurl%3D&documentReferer=https%3A%2F%2Fforum.lowyat.net%2F&ancestorOrigins=https%3A%2F%2Fforum.lowyat.net&random=6852038222539&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 0b3c9f676bc7ad1bfcda75c5ebb8337cda2f2cb29bbd7db62064ab8f4bb5bd9f

Request headers

Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2067
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Sep 2022 07:10:51 GMT
Expires: Thu, 08 Sep 2022 08:10:51 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame AF27
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28544800031584800710612012076014
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28544800031584800710612012076014

43 B
466 B

109ms
91ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28544800031584800710612012076014

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 07:10:51 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA8:CDCE_91EFC182:01BB_6319957B_A3968F6:1F22E
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=15768000
Content-Type: image/gif
Cache-control: private
Keep-Alive: timeout=20
Content-Length: 43
Proxy-Host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28544800031584800710612012076014
date: Thu, 08 Sep 2022 07:10:51 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AF27 43 B
704 B 69ms
44ms Image
image/gif 23.205.253.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=28544800031584800710612012076014&pv=1

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-253-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 07:10:51 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK e99aace94e6e5873830a7df8deda4aa6 Show response
pv.medialead.de/trck/epv/ Frame 2D4F 0
450 B 111ms
71ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=57521100035483900710612012076021&t=htlp

Requested by

Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb1e5936d1&subid=&uid=85233cef7016df20&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCP84LepUZY-ThH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOkBT9BHfjmnhQGSxSvYY7h3Rtzb-NS7GuWWB8_bvcmW2oO4BJ494jvDHo5dCFaMrZm-wK8qpEtOPQOppTtSUW4KHQA9mnl6KFqBAIkGB0mww3_etc9I3eqUFiCof4LDehn5J9WzPH3HXoiY_iLRGXSlg2JZbPeRyDuuli5nA9QF5wQcnjHRzKLpGiBVOqrGa2mbINfrZqFrZOam7nFjvkhNjy-J6NxRI2bez_Ifnkmw50lDJzVJJ9XB4xoBv-fP6jbI_Vmehk4q34071a8-cCHzujTIUKZPxleVC2lZ91yMkk6VamjWWYEq9Z3ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORo_r8Q4daOxrGKj5ftwrO7DJJBTzMo8r8WTbeuapzQjIR-ew3tIaU%26sig%3DAOD64_2KgGyRM8XoXv5mUNs1pxYQo55YVQ%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DOj41t5Rxv2uyzi58U_Zyb-tCfvbkvLJ5d4bjswY0Y0I-Atgo4ievdgtN6dDTt28Cpe5weBoc0w1xURXKuwqVzcqhVO-Cqe-FGIoTp0M5bYnSJikcwL55U7_gdb40a7aQPF4ZDhxXLEWPV8oAD6d-PaSW2fA%26cry%3D1%26dbm_d%3DAKAmf-D-RPbTt8a4IdIgdFxh52PLnxxvJLtu2DrIk5edL7y8A6Gd9HNhwEQ7L7oQ3hBr5webqtcO31MDEhjIv-N-uNP7VVNRWWhUobnAz9I3RWS7KVqTiQDyTHGt0zbYFA_XwIJQEjmyE1XwM_4uacV7qDYH-nMkVMTjyxgtS1KC7Ug29Vx9-dOxj13jXlbs-bkjA9pJ65go_bgBOvh0t-aq34er_fzqXTrTjbOFBlfa_4BpIfWBoB5buoW-oxydG0v3VSIdp2DTdtrM_OoX0BGEKKZj1ObvrouB3kDLnw3Bmwwmzfxfwi5-DOYMl5VaMLjb7uBVz2OW9n1D5IAOUNJSffIWq8q9amOv_Xtgm2dTiSrT-SAIh4-db5XCTysOovWpvIuR-eVT5vgME44izX1YhuYx7bcGl55OTyhcLZgLDItdc-KbdvWJ2RMvkE1GhvWrr5Xpt7ID1gT4jr_qZdWdeM-J--lgay-oKkZfqskbljuLQVAEGPCo17fCmN9EXEaxom7nVmUsf5UNA8K7G_IHRTaa9RdeR-Blyb4aE-5fwNT1kPVh7lE%26adurl%3D&documentReferer=https%3A%2F%2Fforum.lowyat.net%2F&ancestorOrigins=https%3A%2F%2Fforum.lowyat.net&random=8399130075963&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-control: private
Content-Length: 0
Content-Type: application/javascript; charset=utf-8
Date: Thu, 08 Sep 2022 07:10:51 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: B9D59BA8:CDB4_91EFC182:01BB_6319957B_A3360A4:2A46A

GET
H2 403 / Show response
adv.office-partner.de/ Frame 6383 1 KB
727 B 21ms
7ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb1e5936d1&subid=&uid=85233cef7016df20&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCP84LepUZY-ThH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOkBT9BHfjmnhQGSxSvYY7h3Rtzb-NS7GuWWB8_bvcmW2oO4BJ494jvDHo5dCFaMrZm-wK8qpEtOPQOppTtSUW4KHQA9mnl6KFqBAIkGB0mww3_etc9I3eqUFiCof4LDehn5J9WzPH3HXoiY_iLRGXSlg2JZbPeRyDuuli5nA9QF5wQcnjHRzKLpGiBVOqrGa2mbINfrZqFrZOam7nFjvkhNjy-J6NxRI2bez_Ifnkmw50lDJzVJJ9XB4xoBv-fP6jbI_Vmehk4q34071a8-cCHzujTIUKZPxleVC2lZ91yMkk6VamjWWYEq9Z3ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORo_r8Q4daOxrGKj5ftwrO7DJJBTzMo8r8WTbeuapzQjIR-ew3tIaU%26sig%3DAOD64_2KgGyRM8XoXv5mUNs1pxYQo55YVQ%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DOj41t5Rxv2uyzi58U_Zyb-tCfvbkvLJ5d4bjswY0Y0I-Atgo4ievdgtN6dDTt28Cpe5weBoc0w1xURXKuwqVzcqhVO-Cqe-FGIoTp0M5bYnSJikcwL55U7_gdb40a7aQPF4ZDhxXLEWPV8oAD6d-PaSW2fA%26cry%3D1%26dbm_d%3DAKAmf-D-RPbTt8a4IdIgdFxh52PLnxxvJLtu2DrIk5edL7y8A6Gd9HNhwEQ7L7oQ3hBr5webqtcO31MDEhjIv-N-uNP7VVNRWWhUobnAz9I3RWS7KVqTiQDyTHGt0zbYFA_XwIJQEjmyE1XwM_4uacV7qDYH-nMkVMTjyxgtS1KC7Ug29Vx9-dOxj13jXlbs-bkjA9pJ65go_bgBOvh0t-aq34er_fzqXTrTjbOFBlfa_4BpIfWBoB5buoW-oxydG0v3VSIdp2DTdtrM_OoX0BGEKKZj1ObvrouB3kDLnw3Bmwwmzfxfwi5-DOYMl5VaMLjb7uBVz2OW9n1D5IAOUNJSffIWq8q9amOv_Xtgm2dTiSrT-SAIh4-db5XCTysOovWpvIuR-eVT5vgME44izX1YhuYx7bcGl55OTyhcLZgLDItdc-KbdvWJ2RMvkE1GhvWrr5Xpt7ID1gT4jr_qZdWdeM-J--lgay-oKkZfqskbljuLQVAEGPCo17fCmN9EXEaxom7nVmUsf5UNA8K7G_IHRTaa9RdeR-Blyb4aE-5fwNT1kPVh7lE%26adurl%3D&documentReferer=https%3A%2F%2Fforum.lowyat.net%2F&ancestorOrigins=https%3A%2F%2Fforum.lowyat.net&random=8399130075963&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1d2009e4aea51a8e6a0f6404f282d8948f473e26f80e45c7ed9bbb12e470d661

Request headers

Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 08 Sep 2022 07:10:51 GMT
etag: W/"5ca0cea1-59f"
server: keycdn-engine
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame A63C 2 KB
2 KB 124ms
71ms Script
text/html 52.56.49.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=57521100035483900710612012076021&nw=1
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.49.215 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-49-215.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 79f9f5fcab9dd3a243222b6b4b8e1249e8d285017efc67ac58989105ae31fda0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
last-modified: Thu, 08 Sep 2022 07:10:51 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 08 Sep 2022 07:11:51 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900021.redintelligence.net/ Frame 8B32 7 KB
2 KB 35ms
12ms Document
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request_content.php?s=57521100035483900710612012076021&a=c0760ab8
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb1e5936d1&subid=&uid=85233cef7016df20&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCP84LepUZY-ThH9CUgQfK8r3oBbXN-YNX_Ni5q-UM8C4QASDi4JwCYJXikIKgB8gBCakCqripdvbAsD6oAwGqBOkBT9BHfjmnhQGSxSvYY7h3Rtzb-NS7GuWWB8_bvcmW2oO4BJ494jvDHo5dCFaMrZm-wK8qpEtOPQOppTtSUW4KHQA9mnl6KFqBAIkGB0mww3_etc9I3eqUFiCof4LDehn5J9WzPH3HXoiY_iLRGXSlg2JZbPeRyDuuli5nA9QF5wQcnjHRzKLpGiBVOqrGa2mbINfrZqFrZOam7nFjvkhNjy-J6NxRI2bez_Ifnkmw50lDJzVJJ9XB4xoBv-fP6jbI_Vmehk4q34071a8-cCHzujTIUKZPxleVC2lZ91yMkk6VamjWWYEq9Z3ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgGYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORo_r8Q4daOxrGKj5ftwrO7DJJBTzMo8r8WTbeuapzQjIR-ew3tIaU%26sig%3DAOD64_2KgGyRM8XoXv5mUNs1pxYQo55YVQ%26client%3Dca-pub-7979631120579969%26dbm_c%3DAKAmf-DOj41t5Rxv2uyzi58U_Zyb-tCfvbkvLJ5d4bjswY0Y0I-Atgo4ievdgtN6dDTt28Cpe5weBoc0w1xURXKuwqVzcqhVO-Cqe-FGIoTp0M5bYnSJikcwL55U7_gdb40a7aQPF4ZDhxXLEWPV8oAD6d-PaSW2fA%26cry%3D1%26dbm_d%3DAKAmf-D-RPbTt8a4IdIgdFxh52PLnxxvJLtu2DrIk5edL7y8A6Gd9HNhwEQ7L7oQ3hBr5webqtcO31MDEhjIv-N-uNP7VVNRWWhUobnAz9I3RWS7KVqTiQDyTHGt0zbYFA_XwIJQEjmyE1XwM_4uacV7qDYH-nMkVMTjyxgtS1KC7Ug29Vx9-dOxj13jXlbs-bkjA9pJ65go_bgBOvh0t-aq34er_fzqXTrTjbOFBlfa_4BpIfWBoB5buoW-oxydG0v3VSIdp2DTdtrM_OoX0BGEKKZj1ObvrouB3kDLnw3Bmwwmzfxfwi5-DOYMl5VaMLjb7uBVz2OW9n1D5IAOUNJSffIWq8q9amOv_Xtgm2dTiSrT-SAIh4-db5XCTysOovWpvIuR-eVT5vgME44izX1YhuYx7bcGl55OTyhcLZgLDItdc-KbdvWJ2RMvkE1GhvWrr5Xpt7ID1gT4jr_qZdWdeM-J--lgay-oKkZfqskbljuLQVAEGPCo17fCmN9EXEaxom7nVmUsf5UNA8K7G_IHRTaa9RdeR-Blyb4aE-5fwNT1kPVh7lE%26adurl%3D&documentReferer=https%3A%2F%2Fforum.lowyat.net%2F&ancestorOrigins=https%3A%2F%2Fforum.lowyat.net&random=8399130075963&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 15943ec47329a82afa39b47788e275d779cb5e98b462be73bbe1898f2ae9e648

Request headers

Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2074
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Sep 2022 07:10:51 GMT
Expires: Thu, 08 Sep 2022 08:10:51 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK e99aace94e6e5873830a7df8deda4aa6
pv.medialead.de/trck/eview/ Frame A63C 43 B
466 B 126ms
70ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=57521100035483900710612012076021

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 07:10:51 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA8:CDB2_91EFC182:01BB_6319957B_A3968E7:1F22E
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=15768000
Content-Type: image/gif
Cache-control: private
Keep-Alive: timeout=20
Content-Length: 43
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame A63C 43 B
704 B 78ms
56ms Image
image/gif 23.205.253.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=57521100035483900710612012076021&pv=1

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-253-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 07:10:51 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E2C9 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BklY5e5UZY8HjBNOz9u8P3su-4AEAAAAAOAHgBAI&bg=!vr2lvfnNAAZTikH4c4o7ACkAdvg8WledlLbKNLgq3ho6r4vOJbYBqn95VkmXQsDGbel64T8QgrABmgIAAACPUgAAAAJoAQeZAwXEPeqtS1GoNXWSgQJsEHnp87aFcTgof3cU2VM8K1xBkqwr1oaqAizcmT44nOUAbEM2DZCLalJsLaM7JLG7EipI9zraqBH2G4iiNTQPd0VzojkQDBFygsvrUPK92ZzRevknJLlgWHkGbh_fLflfOkjQk-ivlTFIn1seoDqzoaKk14TlOI6oJ324DEVYeQAIR8ItG2_ruFpEaOr4ly5Ht52aSYt-2K0r7YO_-gjTE-FGvENk0h2RoHcUHIuDLmlCH_SXMourZ631BSpJQKFYytoC_55SB0e7UZ7ysCMPD-H9JCHvmfVRjyQIe25An-l4iFuj7CyyGuE66d2twLNr5R4hgwrptB7oZKEbspnp6ia1JZrtIW2cRPKh2MDYVjMr6PPGsjCZLOAiRBUjLusCoKkx2PD8lBxcKh7Ofs951NihRpsxuiyV1o1VrvcmyVHq3dczLBxg_otEITEcX-d1Bos2nHWwKKkeL5SIer0NWkatXs27nB_pzB-q9VEXIltq6QJamuP3vpdeA_QSohDdIPm01Qvg3Fzc5irm3126C-hzJOg4VtEw98vRrRxSXcRDkjhuWDqoe3RDp_M04TU_dfUKOwR8-XZFx_ktWmUwdhTU8k0PLTDg_c3eKALvOTOMzCDpdstxqhscSmKb2-GPBpCGc3_ZKRfmxYD0GUAoXmFlxzOy3GFG-eok80OkCw8j9B0_eY3dbW8pWiFDH-yTDcBSsD6fb5WYqlzf2oO211i5N9AJFoJFbyqCW6lwgksbal83nmHehRXVgQ1s-JxwcUhho9LqLt9cFo9ArIWtd10otAh5g6a_N1ML9e2UUjHPhLEu8GrMwvZkKLdWofW59-zKoZV4k6zl9aY_737_tdp5PUCkB5KYDjNKRXLDvQC_raU262BcGLNhX-Nut_quRQWl20VPa6qup6TJEw6RwboMU5q4jrBI3fXz0RLurpbFWRm_gr7ytDT3wxxiJTEpWvBPnUHsUi6WxYuU-PoWpIUny_8gDkP0dSamcvM4Y0oLvNLtgSC1Uw

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame AF27 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7866ee09dd60955caa8c18cf59a42d207851091c9abae0b14cd1871b64a4e1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A63C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c95457458f0412d8ed13b8f08c640c9867c7bf65638823536c2a293662c23896

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D8F 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBi7se5UZY6mXBseCx_AP0IykwAMAAAAAOAHgBAI&bg=!U1ClUBTNAAZTikH4c4o7ACkAdvg8Whj85ol020LjCHa-w06HSCSIXAv-nM7l_VEjHUqGq7BbeoC6dQIAAAB2UgAAAAFoAQeZAt9OQuM8Gi3C2RDwFxs784Hq6kad5ONKzXJ3RHdub7FPREo1UVkxjdW_nuMebOnm1NkMJmqT_kekl36fs3k9KMRP8gNLltuVxbAsPkM5ibznyQDw4kVKAUHCNejoT7l9cRk6WMcYxa5z73wW7TiRQNqVNx4s1jacTHw8-HctbEGAMxmRBu1dfQqp2T5Gh5gJB0aXlmV1tasvDyFdf59nV-iSTbIs_uORr6O4VV8WasVy5EQtHb9nlr7HlxzgBukfwT2jDKeSdfWZtyd6EeC4h1X1HYsj48HlpoYhOOthuOvQjTktKOGswxX-0By8CeVxCWRVtqp-AGNWtooN6_qkrgH_-zAScWWzacY7lslB-CqCkongr76H1pT5lQkErXTXfN0rRzlGmg9e9aeF0fqO_mB7sYFHvLlI2TER1M_RPjP7IKxIrSwWUlamfkoE5e5CCy4HY5qiwOkgW8NL_ifforbSd0FRDvTD054pAevYtkeyWI8sZdrN7fLugED5EEJcgLkUcR1diLsq2KVnatbjl7SXTpOG3cN8TRBdtZ2AL8cDW5N21EdOrn6_Ra6zXnQ18d6wYlyKnYQuMn-Fnss2ZOvma4_RLD28IIWa4fNLGSpbzsOiLQtA49hLYM9_yfDF-jW6Z9qyDBUPz0PVPDI-cJHDT2KvW_b37ikVd1vU7SbDzHNr5PDz-eMHATQgG3jonqFF52W24z_Y3T_xtmyasOtuoB8HeHGZxZM_IuZ_8ULj6_RUKA_YgMeW3RH0zWNjP3tK0daId9siJb9qdays8_9IGiOxsNCxFQDgoYpZB3CeaS9dy7093fg7g_Tc5L1HB-0oYa03Z7_Xw3roGSN2ufmlda8dkl4sO5wDuy1-O2aK0MHiZ8x0coNyk7-ExY-BkCm2GnnYeriaVJIRlWqV6UJ4kI6hSK69P_DT9n09j0rzis4CKmEBFCCj-0ZFYlNwLHXy-goN_YnTiplohMEwqEw

Requested by

Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C190 1 KB
419 B 21ms
20ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=28544800031584800710612012076014&a=c4921d47

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 07:02:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 08 Sep 2022 07:10:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Sep 2022 07:10:51 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C190 16 KB
16 KB 42ms
12ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=28544800031584800710612012076014&a=c4921d47
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 82c0f9fbcd42e8c5e5f24c6bfa2b3a1b3b548eae74c2056ebf0e86e96e71bafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 07:10:51 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16248
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C190 16 KB
16 KB 41ms
12ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=28544800031584800710612012076014&a=c4921d47
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 18ee38bdb6bd701f089f36693b9fcb29d647b5ee58ebefb0e0de44d3f511674b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 07:10:51 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16531
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C190 17 KB
17 KB 41ms
13ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=28544800031584800710612012076014&a=c4921d47
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6cc1cfbd457032149451f67576a5cdf8ed9d26b4c0aaa7e0e255b3734909e4da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 07:10:51 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16855
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 8B32 1 KB
419 B 21ms
20ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=57521100035483900710612012076021&a=c0760ab8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 05:29:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 08 Sep 2022 07:10:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Sep 2022 07:10:51 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8B32 16 KB
16 KB 43ms
12ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=57521100035483900710612012076021&a=c0760ab8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9ee5241526d1d2c3db748abc32c3c2ce08b0e6273ccef71b1f3a84bc0541d076

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 07:10:51 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16465
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8B32 16 KB
16 KB 41ms
12ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=57521100035483900710612012076021&a=c0760ab8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 18ee38bdb6bd701f089f36693b9fcb29d647b5ee58ebefb0e0de44d3f511674b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 07:10:51 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16531
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8B32 17 KB
17 KB 243ms
13ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=57521100035483900710612012076021&a=c0760ab8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6cc1cfbd457032149451f67576a5cdf8ed9d26b4c0aaa7e0e255b3734909e4da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 07:10:51 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16855
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame C190 0
150 B 35ms
12ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=28544800031584800710612012076014&a=06fd79d0&vb=m
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=28544800031584800710612012076014&a=c4921d47
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=28544800031584800710612012076014&a=c4921d47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 07:10:51 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame 8B32 0
150 B 36ms
12ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=57521100035483900710612012076021&a=202cfe94&vb=m
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=57521100035483900710612012076021&a=c0760ab8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=57521100035483900710612012076021&a=c0760ab8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 07:10:51 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame A63C 85 KB
85 KB 40ms
8ms Script
text/javascript 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=57521100035483900710612012076021&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 04:09:07 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 10904
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA2-C1
content-length: 86537
x-amz-cf-id: Sxyk_PY-mJvdgygJhJmAOijGsSnPMTeQ5O-wulk85ySBYQQZzosAFA==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame A63C 3 KB
3 KB 41ms
8ms Image
image/png 13.225.78.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1662621351&Signature=UFOUAFmvBG6eYbuf4zuL3J~J9GkONZPQM2fHHYjkosVWqqv-pmM1XgOGR0aJmp7v3-LY3EOsiCXa6YopDFBvY-OX5jSh0Ge4Y~etg4Q5NDucEH~Mx3piJL5h5YrNgYOW2fu-bJoMQc-jKSFFaVXPegK9YA8YCtNPgK2fDRQJ15tEeQIv3ztNd7P27tdJlJL2hyE2NPNW0BHe5BIdBUAJWbhAE2F-~4gLOWoGHysgcwsaZ5bT3Lzaejbn4bqp80hxVSQC3C1lGVPdnRsOfRINrdaZcBb1mCdLt53y~eZ4xqtP2MWJ88d8xQE~HafjL-lY9bIboMglnwk5jAiA8a~2Mg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
URL: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
age: 9909
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Thu, 08 Sep 2022 04:25:42 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: COQyUwb_FVryz3Fk8huvG_4_-_NOKKC95i2w7defLKFQE3m_mk6z9A==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame AF27 85 KB
85 KB 55ms
23ms Script
text/javascript 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=28544800031584800710612012076014&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 04:09:07 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 10904
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA2-C1
content-length: 86537
x-amz-cf-id: xsHt8WbP-eIjFavC5zbVcrFnVcDyM-gy3gnIZqY5c2vBsHqLjiliBQ==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame AF27 3 KB
3 KB 40ms
9ms Image
image/png 13.225.78.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1662621351&Signature=UFOUAFmvBG6eYbuf4zuL3J~J9GkONZPQM2fHHYjkosVWqqv-pmM1XgOGR0aJmp7v3-LY3EOsiCXa6YopDFBvY-OX5jSh0Ge4Y~etg4Q5NDucEH~Mx3piJL5h5YrNgYOW2fu-bJoMQc-jKSFFaVXPegK9YA8YCtNPgK2fDRQJ15tEeQIv3ztNd7P27tdJlJL2hyE2NPNW0BHe5BIdBUAJWbhAE2F-~4gLOWoGHysgcwsaZ5bT3Lzaejbn4bqp80hxVSQC3C1lGVPdnRsOfRINrdaZcBb1mCdLt53y~eZ4xqtP2MWJ88d8xQE~HafjL-lY9bIboMglnwk5jAiA8a~2Mg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=28544800031584800710612012076014&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
age: 9909
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Thu, 08 Sep 2022 04:25:42 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: GsO8W2IAmpju75STuYRFwqlx4yysOa3cj1IY3iEYIU_oZ2l5OHxztA==

POST
H3 200 get Show response
www.youtube.com/youtubei/v1/att/ Frame 678B 20 KB
14 KB 63ms
63ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/att/get?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

7fa6b44780b09bf1ca38c0234dc765951da6f4b9af2e4e146e7cbdafecfb13b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/FItP77HqV9c?rel=0
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220904.00.01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-Goog-Visitor-Id: CgtwYTB6T2swc0xZbyj6quaYBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14045
x-xss-protection: 0
expires: Thu, 08 Sep 2022 07:10:51 GMT

GET
H3 200 yPATJU-uVo-zV-JkA6jSgBQ_ddZVTHGwvkBjTyjUrvU.js Show response
www.google.com/js/th/ Frame 678B 36 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/yPATJU-uVo-zV-JkA6jSgBQ_ddZVTHGwvkBjTyjUrvU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f013254fae568fb357e26403a8d280143f75d6554c71b0be40634f28d4aef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14098
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 05:03:23 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 678B 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?k3egdw
Requested by: Host: forum.lowyat.net
URL: https://forum.lowyat.net/topic/5307532
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FItP77HqV9c?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 162ms
87ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adf7500b25d911f031bb90adf8026a92380e3529a194a1f84efbc1eccb237a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Sep 2022 07:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11103
x-xss-protection: 0

POST
H3 200 rum Show response
forum.lowyat.net/cdn-cgi/ 0
167 B 13ms
11ms XHR
text/plain 2606:4700:20::ac43:4a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.lowyat.net/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://forum.lowyat.net/topic/5307532
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type: application/json

Response headers

date: Thu, 08 Sep 2022 07:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://forum.lowyat.net
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 7475dde78f0d9261-FRA
vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AF6D 42 B
64 B 71ms
70ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYRGvFT5EgCRcTZ-kZ7CQ1RHbGOa5T8urQ9TiWEjYXoDfa2reSb77ipXJYUNswcKIEUcxM1fOXiCZaDuLQ0KUJMCPZ&sig=Cg0ArKJSzEXsTLX7q1yNEAE&id=lidar2&mcvt=1000&p=0,0,120,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=250581548&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662621050555&rpt=598&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Sep 2022 07:10:52 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D4A3 0
127 B 15ms
15ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 08 Sep 2022 07:10:52 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 87E4 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.lowyat.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 06:09:24 GMT
expires: Fri, 08 Sep 2023 06:09:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C7A1 783 B
534 B 47ms
46ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f7926b51eff289ce8abbcac09cd0314f6f907d2927ade67ef5cdf5258a111914

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n9UbtcVXKnkWn17fpKEvIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forum.lowyat.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-n9UbtcVXKnkWn17fpKEvIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 07:10:52 GMT
expires: Thu, 08 Sep 2022 07:10:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame A63C 16 B
232 B 75ms
75ms Fetch
application/json 52.56.221.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-221-73.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 08 Sep 2022 07:10:52 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 70ms
18ms Preflight 52.56.221.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 08 Sep 2022 07:10:52 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame AF27 16 B
232 B 73ms
72ms Fetch
application/json 52.56.221.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-221-73.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 08 Sep 2022 07:10:52 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 59ms
18ms Preflight 52.56.221.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 08 Sep 2022 07:10:52 GMT
server: nginx

GET
H3 200 dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js Show response
pagead2.googlesyndication.com/bg/ Frame 87E4 36 KB
16 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15929
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Sep 2023 22:32:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C7A1 0
0 70ms
70ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090101&jk=2309070443014296&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 87E4 0
10 B 36ms
36ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?S6n4_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:10:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 678B 28 B
54 B 54ms
53ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-Goog-Request-Time: 1662621053160
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/FItP77HqV9c?rel=0
X-YouTube-Client-Version: 1.20220904.00.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtwYTB6T2swc0xZbyj6quaYBg%3D%3D
X-YouTube-Ad-Signals: dt=1662621050667&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C780%2C470&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 08 Sep 2022 07:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 08 Sep 2022 07:10:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
72ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090101&jk=2309070443014296&bg=!AgGlAUXNAAZTikH4c4o7ACkAdvg8Wo9MKTsLY9x-6-Z1oQPAvPzedhmAhL3SjEvf9SjP_JnUrpH7mwIAAAB4UgAAAAJoAQeZArNqs_D1to3zu5TVQGl0LkuvjxE3mYqbe1JdwaHqskwlbz2vCm86HAqzJLFsiG9T3WDzwXJVnGMmUjpTaLBnT68vnhKyuEZlkmaDcNuBqUTcNLIXdAksfdP5sBy2DAUlD1sGx5d9_vtDdk1PoQSmw0vInfs-Wxzc5TPGEuM7C-E7AaKfUfl7l3s7kO1n7jDzzn-GcsYS7o5nOlFbtoLxekFTfT1knZpiofQDbP5OlR3xaDXV9MSfXUw6UgEciVSzakZW_P2s5n3V8m64PA43GjlNWGtLJz_wet5A1rLsPIWSaiVYyD0UxpMinSMxUnk8RTMyLL2q3swvv2BhfzVh7j4dbJAK6NT9sC7ylpAWMAe2vj56Y03mR-SwZNdSGZbA4U6bE_eTJ-a2iGAnGQJavhiDek_ZPgRdnQNWA3N6rHoo6iwfu-55n5B9V0gAv_YZ4Cx5SeBb6Nz0Q3SPIV9okF4tDfihqAbCi8hZqdylba66XLDDNcYYCMQdAaamaZC3Sbnwk_RVSI2PTPbWsTC9DBjmws7NmZHFtKqQh6yLXiuIOHwjfivT6yd2oVK92Wk_KWRfiyEKxWJw_eBg98fp59wxRc9mqTvQ3Xva8DN-Gp5ySPFTTSYMZBOAoUE30HjVsrLmmnQuA28036IveuJDHWu8R2Xz1HD6kFsXSSfSfqv58zTlhSgcgJdYiBFCXQrwK9PJCwCbZCS5POwsfayuC7elFxmj3bxlV3hAhnkwwAc6Hbm4yRuypvOJEI23MyDu7jgiNq2iKAMv1MuYLSnDxMsk8jXD9MmV5SOOYX6g3FFx8YzIZnV9okQiJ0zTimn8TE4RoNBgKcU55s77XxuJ86taQSThthpf_OTAJcIv0v6t1i6TgQTdkA_TcGfPEWJc52fUVA2xCCd5vMROkMogD1yVpDce
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 106ms
38ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2WVK3M5DBN&gtm=2oe8v0&_p=1681433771&cid=1093847934.1662621050&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1662621050&sct=1&seg=1&dl=https%3A%2F%2Fforum.lowyat.net%2Ftopic%2F5307532&dt=Teletubbies%20to%20return%20on%20Netflix%20as%20series%20reboots&en=page_view&_ee=1&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2WVK3M5DBN&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forum.lowyat.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 07:10:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forum.lowyat.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.forum.lowyat.net/	1970-01-20 07:16:45	Name: lyn_mobile Value: 0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: qlX0XOXD6wM
.youtube.com/	1970-01-20 10:09:33	Name: VISITOR_INFO1_LIVE Value: pa0zOk0sLYo
.lowyat.net/	1970-01-20 05:51:47	Name: _gid Value: GA1.2.1890020194.1662621050
.lowyat.net/	1970-01-20 05:50:21	Name: _gat_gtag_UA_144730_48 Value: 1
.lowyat.net/	1970-01-20 05:50:21	Name: _gat_gtag_UA_144730_46 Value: 1
.lowyat.net/	1970-01-20 15:26:21	Name: _ga Value: GA1.1.1093847934.1662621050
.lowyat.net/	1970-01-20 15:26:21	Name: _ga_2WVK3M5DBN Value: GS1.1.1662621050.1.1.1662621050.60.0.0
.lowyat.net/	1970-01-20 15:11:57	Name: __gads Value: ID=9891b5c6bef5ddd4-225653a717ce0057:T=1662621050:S=ALNI_Ma-lgGAEJEZ1MggEj_xtl_GvGttew
.doubleclick.net/	1970-01-20 15:11:57	Name: IDE Value: AHWqTUkqTwU77zI0wBNMCxe3ISUoSye6ApjbkyxRek83GI7QfbeI2pcTBoRFwlS24u4
.casalemedia.com/	1970-01-20 14:35:57	Name: CMID Value: YxmVe6q7sXcERHJLlIPyWQAA
.casalemedia.com/	1970-01-20 07:59:57	Name: CMPS Value: 1190
.casalemedia.com/	1970-01-20 07:59:57	Name: CMPRO Value: 1190
.adnxs.com/	1970-01-20 07:59:57	Name: uuid2 Value: 6002572848614975851
.adnxs.com/	1970-01-20 07:59:57	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In?qG!Zt!]tbPl1M>e)ZlrFUfJ+tGXxpONVv+@Ooi86^0Im'O[5?0@oqc0YvqK!h]xGU3If)y3KL9D3I?+Y7w2mT
.redintelligence.net/	1970-01-20 07:59:57	Name: 8lcfmzhxc8d6_uid Value: fb09e0d4ab1081c4
.casalemedia.com/	1970-01-20 07:59:57	Name: CMTS Value: 1210
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 429086:2519595
.awin1.com/	1970-01-20 06:00:25	Name: awpv14098 Value: 296283\|1662621051\|5f43c841-2f45-11ed-92c9-2266c8de2152

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7979631120579969&output=html&h=120&slotname=3254453113&adk=250581548&adf=4271478627&pi=t.ma~as.3254453113&w=970&lmt=1662621050&rafmt=12&psa=0&format=970x120&url=https%3A%2F%2Fforum.lowyat.net%2Ftopic%2F5307532&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662621050257&bpp=2&bdt=522&idt=290&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3925211928341&frm=20&pv=1&ga_vid=1093847934.1662621050&ga_sid=1662621050&ga_hid=1681433771&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31069437&oid=2&pvsid=2309070443014296&tmod=118572985&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UxBIYeP0Mo&p=https%3A//forum.lowyat.net&dtd=297 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6432aabe7b61d0b2600d072abc9a4010.safeframe.googlesyndication.com
acdn.adnxs.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
c.tenor.com
cat.nl.eu.criteo.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
forum.lowyat.net
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900014.redintelligence.net
hal900021.redintelligence.net
i.imgur.com
i.kym-cdn.com
i.ytimg.com
ib.adnxs.com
images-cdn.lowyat.net
jnn-pa.googleapis.com
ka-f.fontawesome.com
kit.fontawesome.com
medialead.de
pagead2.googlesyndication.com
partner.googleadservices.com
pictr.com
pix.eu.criteo.net
platform.twitter.com
pv.medialead.de
region1.analytics.google.com
rtb.nl.eu.criteo.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.18.19.126
104.244.42.136
13.224.189.115
13.225.78.54
138.201.63.157
142.250.74.194
144.76.238.55
145.239.193.130
151.101.112.193
176.9.26.250
178.250.0.139
178.250.2.148
178.250.2.150
178.79.227.76
184.51.9.18
185.89.211.12
2001:4860:4802:32::36
23.205.253.64
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::ac43:4a59
2606:4700:3034::ac43:9689
2606:4700:3035::6815:4f7c
2606:4700:440e::6812:2fe6
2606:4700::6811:190e
2606:4700::6812:1634
2a00:1450:4001:806::2008
2a00:1450:4001:809::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2016
2a00:1450:400c:c08::9b
2a00:1450:400e:80c::200a
2a00:1450:400e:80f::200a
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a03:2880:f02d:100:face:b00c:0:3
2a0b:4d07:101::1
52.56.221.73
52.56.49.215
94.23.99.218
01eab5dac5af2372126f9074ac3635e22e04f6e3569fa3277f45b1ebdbaeaa11
02ac2182e22a18dc423263ce99b2826587f41f81f2e34c318786d794397b154a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a45b0e3e8042404bdebf076ea4fa06f0e18354ab2392606485b8920101797da
0b3c9f676bc7ad1bfcda75c5ebb8337cda2f2cb29bbd7db62064ab8f4bb5bd9f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c714f14994b51b52510d14ebe8ca2916338816dd44c03f6918e01d68d351b7f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15943ec47329a82afa39b47788e275d779cb5e98b462be73bbe1898f2ae9e648
17d02477100dd5a6f4adce3476078384e1c7e646d2a81d2c39d0914e784f1242
18ee38bdb6bd701f089f36693b9fcb29d647b5ee58ebefb0e0de44d3f511674b
1c2a7177414204cfb6308d1b3ac948ba52bf431e15ffca959861409ca6e68cd3
1d2009e4aea51a8e6a0f6404f282d8948f473e26f80e45c7ed9bbb12e470d661
223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
24037e139862a8205529cfdd8e27dd04d998ddbd06d4711c1deea6bc59658da2
254afc4aa446cf66a5b45d85a9bb58a45269b419aaaf974dbccd2c0b76f765ce
25b395e8098cff5cc2e0df7bf89057e61e3d800aaeeee504728240aa3716a0f8
29e95cc356a091a7843c1a459efa0ebbfa5256601adf4d5396a3df030f13f6f7
2a15e638c46d2e990e259c147c17770583a2eca33122fbb8a74f686cbebad984
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
33ad2efebb9a139e7702e97e14e85b4b414bb1b4f45d21031b194ecfd10487c9
393df0eac2588d4439fde581931f8c7d23c72f707e2fdda8bf45bbb2ddee4967
39ff4fd099733ca612119cee9ff76bec251854d45b616958ba85d6593d9a5607
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40f65b876f42009f790fdfea4d26b48cb124715746cdf40febb1da85a8d1f664
43684a3ce0fa571e3a81122433a9bd6023eeb278ccb1132f804f281a86fdd4da
43fc2d852a50713e1f7599995fe14f11c499e1f3a1156c3e7717eec217d85bed
48c85f7263f1d006a52a6154cb6586e5f48db28b401607a5350154b3801f4bf4
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf7a90c8315f064558a809cfa511d36ed128533a30ab9f0048b8b81649eaf52
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f69e47e51f358023e78b7b424b8246bb78b0495fffb7fc80ab412dc28b34243
50299ba0c586f188dea5c674dcd396d338fd6f83640a6f810fa0e1aa9ba9aaaa
505217854fe4541cb6f8f1d0fb5009f30fd537d93755df7f5ce283ab42c03b85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553144ca65af65be193fbe8bd4c9afba88c454df06d4defcf71b03bffcdd7079
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
577f6f51f9c62413b67e598ffaaf5da99288a5c9be425aba28dbd6efd3ec512e
58e4c189b245668543a0c314e672e62758470822749aeff6f5156a7c796bc240
5b0ad4076355c7896ac31c2caacc9b270cbe5758a0c6b086298cc7f55b02aac9
5d234039da077441285efe22a836b44d98577dc709dbd753a511d344438d4d65
5fbbbf96c535740cfbcd75486548c8327e6cc275310d08dc93d1cc7201e8c275
61855263be45f5d1a4a9a6732baa39d77336a3eea2c0ce09ce299bf677d948dc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6998bb2c877989b408d7c801ea1b0b0bd96a41536522b16e6fe9425a67919d2b
6cc1cfbd457032149451f67576a5cdf8ed9d26b4c0aaa7e0e255b3734909e4da
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72bdfdc1eda155097e1d1ed06d34982891988ea37a821eaeb95ae1255b40a0bb
72cbc332ffc0d42fbd5068d88b1c07a9be60226371633be4cd711df3318181be
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
77f0d7e3be776a95aa450b154b04d81afcd544b253150c0b120cad75b73c0d72
782a04369241576d0aad4141edd80f989d9e5e0fab9ef53b94cb67332a19a7d9
79f9f5fcab9dd3a243222b6b4b8e1249e8d285017efc67ac58989105ae31fda0
7bbc0a1a176faba3ab4ef9aebd61fbc1fd8afc56ce0ed7f7183d8256a57bb024
7d253a87a55abf39a5a3d49d99ee5e37f7435222c2e3ead4202508a4f2aad2bc
7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
7fa6b44780b09bf1ca38c0234dc765951da6f4b9af2e4e146e7cbdafecfb13b0
8138b02bfdab8ab75bce97c4be157b2c03f473ce0c9eeb354d133dae7ef44e06
82c0f9fbcd42e8c5e5f24c6bfa2b3a1b3b548eae74c2056ebf0e86e96e71bafc
8344b3e5076287dccb0165ef80d6e2fcf4f0480dd6bf46f4c8fde4cc69acd459
845e41a30b180f9588244c67cea447225d932214b89ba1e82484ac13890834ae
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86148b46a62524aadd5adfb7a3902e337c5751ee136b219ecb37c4dd6d3888c1
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8876b2f94261e8c9b63aaec7e0ea6635001597faf8041f1c3ebe3f733700b22c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26
8ff88c2564a076884f6cd124c5168c2d0240d33a79725bd61ff0556b6277acb3
9632a0cdb726876f12499c0725bc4ca07e9fccd84ddd26e2cd3a6981cbb97080
99b4696244bf998a1c77bed53ac5a7573abd351a0561128e2351e4b354818178
9a5fbfdcc1c195f6ead8807e0462a4cc326a47fe56e3d4c0e82ab5063601a981
9ee5241526d1d2c3db748abc32c3c2ce08b0e6273ccef71b1f3a84bc0541d076
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20da12fbf1416b52f52f8efc59eb32c61abf05ec56db2ff9979e3086323dbb4
a291b7a4643f0319ee8244ed6076cd1b5f6379584c1dbb67160030fbfa0c472d
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c897555fa3a978e129d504d7c981b54d4e84f1c9bf65890888f1066aafbf24
a5eb9e8e73605a71647c2d31ace95bc9ff89e1583f890faa72d85743d22ab10d
a71ec282a007b976d658468536e9bc23fb41bce023cfdb50e3be03f25482d61a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7866ee09dd60955caa8c18cf59a42d207851091c9abae0b14cd1871b64a4e1d
a95cf29a57f4b5afc1844705fa914cdf5004daf211053561e72fda304e48fba3
aa81202eafd68a146de1bfa18b7a8697bbd11740930986c99aebfdfce7a362a6
ab0ac9eac003cd14cfcc2726bd72c1f7d8074b240c9efe2e30f851724a5c0368
adf7500b25d911f031bb90adf8026a92380e3529a194a1f84efbc1eccb237a22
ae17a3e03da6b41e453d80121f39a91d88bfd7bc0edf4a8f90faf469d0ab095e
aff436671ec704d75d869bd9740976bea95db49350793513b71c89fc42b5fb08
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23ae651c40029bf56e0e56719f401cf0077b22e6cc2762638458d608ebc9ee3
b793b813160bf8e3f67cd24c855000a4b1df4760dbe4041b406899df1e8f4749
b9def55d6cb5fc18690de87e739f6dd367c9b818e4672fcafa9b0c15040cb516
ba4da2e2bed3318124b50f74fcdb66571872094c137c140e3a77a4d75bce1b33
bcb2977214dc3dba331aaa21b4e59cf2e8b1da3eaac00bd6988ac9ee7158483f
bcf51f3e9261708bef6ce9ddbdaa58bc70a5dd4d455a4b1dec334d5de4068c3d
bfe2ac4e32d12394fe48de9aecbbbfdf5e2886a2a7712e6284ac43f96f1645d3
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c889cb4a2fa2f3750110810b9584681f42f245cabf5ca49fac70b15fc6448352
c8d26a395225b9d36064fb5c003cefaad9d79613ddcf0b84fc25d63e1c189f99
c8f013254fae568fb357e26403a8d280143f75d6554c71b0be40634f28d4aef5
c95457458f0412d8ed13b8f08c640c9867c7bf65638823536c2a293662c23896
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088
cfb40e7f67a7507bf11ba06ddbeeba8c514e3c8c8226cbf88b3b2d2c6da37112
d2e47ce9d709494e8a4c5d4bf47774a0dbaeaa17c259a429f18372e36777578e
d33cb413954e2c874f6d1e23c444fa33d050eee66ef8a17f949de0a077b4f1b6
d49328d094174abbdffa6932ce113c6d160d94ed4928ace1e729fe513db4f42d
d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d98a8122fc62b8f07462aae39daa3ea1e2e1e0dc035aff8660110b2096694ac5
da4991fcb396a081be3d44fce890389fb19db67c5d72a15c8a41d067be2d2c83
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e07119149fb1441cf143c51849d02eaa89603cfb208663a5554f7026c2281475
e0b4d13ae6f4e419d950fecb4c86f04cff92bc1981ee54ccbe599e7cc1334586
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588
e375d10af2f24fdfe6c67fb4686931ad2b797de53fb88f1f250d39706b73a51d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c6a1ce6227062f5e0e7e3ebeddc8c0a18f96c7345be4d8e2d629e8ece2889b
e73a3b3e6a298de2852c6a0c4ec7b97b4ecde62eaf7934b48557859d2308a588
e7481ece37effcad94fbec2ea0f813259a8536d7467e44611fdc91d603460637
ea745eec9ea46d8a06f618f642d52d772bdfe476c2ebb64962bd6abfd2bdf97e
ecdf10d11765565a85d9e402f1d94724ffaa9f8c1a323d82b58357d0fad824ce
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
f1a31c79445e8a8b0f732499cc4acc9ec7963f327209be5e08a5a73e9cb54ff0
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
f584c5c806d7e630ee79af8ea75f77042b9b6cc3799973e92b166c45ed471ed1
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5eadf806b6ca1edd9149bd66ebfd00d410b5feef290bf879f6a783b7ca45045
f70d6d97fa91739b28db85f452f4912398558b1c20e8fb91fa42179dab78a7d9
f7926b51eff289ce8abbcac09cd0314f6f907d2927ade67ef5cdf5258a111914
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fff15b94aca6e5009fa59ef79f4d1b49fdc7fa9e3e4c646debde8e6d6e24703b

forum.lowyat.net Open in urlscan Pro 2606:4700:20::ac43:4a59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

215 Requests

94 %HTTPS

64 %IPv6

34 Domains

58 Subdomains

55 IPs

9 Countries

8399 kBTransfer

13430 kBSize

19 Cookies

7 Outgoing links

Redirected requests

215 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

forum.lowyat.net Open in urlscan Pro
2606:4700:20::ac43:4a59 Public Scan

Screenshot
Live screenshot

Full Image

215
Requests

94 %
HTTPS

64 %
IPv6

34
Domains

58
Subdomains

55
IPs

9
Countries

8399 kB
Transfer

13430 kB
Size

19
Cookies

215 HTTP transactions
4 data transactions