gorillaz-safe-haven.darkbb.com Open in urlscan Pro
178.33.43.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gorillaz-safe-haven.darkbb.com/
Effective URL:
http://gorillaz-safe-haven.darkbb.com/
Submission: On October 07 via automatic, source certstream-suspicious (October 7th 2019, 9:34:49 pm UTC)

Summary HTTP 102 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 23 domains to perform 102 HTTP transactions. The main IP is 178.33.43.178, located in France and belongs to OVH, FR. The main domain is gorillaz-safe-haven.darkbb.com.

This is the only time gorillaz-safe-haven.darkbb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	178.33.43.178 178.33.43.178	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2606:4700:e2:... 2606:4700:e2::ac40:8b18	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
9	2606:4700:30:... 2606:4700:30::681c:1669	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
1	178.250.2.152 178.250.2.152	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:4700::68... 2606:4700::6810:a00d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	88.85.66.196 88.85.66.196	35415 (WEBZILLA) (WEBZILLA)
1	2606:4700:30:... 2606:4700:30::6812:3ee8	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 3	2.16.186.51 2.16.186.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	69.173.144.142 69.173.144.142	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
9	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	69.173.144.152 69.173.144.152	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
12	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
3	104.109.78.125 104.109.78.125	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	52.19.198.230 52.19.198.230	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	34.249.204.108 34.249.204.108	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 8	34.246.252.247 34.246.252.247	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:21f... 2600:9000:21f3:2400:1f:287:d20a:ce1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET - Internap Corporation)
2	2600:9000:20a... 2600:9000:20ac:8000:5:ae3a:ba00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:21f... 2600:9000:21f3:d800:5:9a4c:9b00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
102	34

3 178.33.43.178 (France) 1 redirects

ASN16276 (OVH, FR)

gorillaz-safe-haven.darkbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:8b18 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

illiweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:30::681c:1669 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

redcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:a00d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.85.66.196 (Netherlands)

ASN35415 (WEBZILLA, NL)

deloplen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::6812:3ee8 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

connect.topicit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.51 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-51.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.142 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.152 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

beacon-eu2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.19.198.230 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-19-198-230.eu-west-1.compute.amazonaws.com

s.update.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.249.204.108 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-249-204-108.eu-west-1.compute.amazonaws.com

b.a2gw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.246.252.247 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-246-252-247.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:2400:1f:287:d20a:ce1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20ac:8000:5:ae3a:ba00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:d800:5:9a4c:9b00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	rubiconproject.com ads.rubiconproject.com optimized-by.rubiconproject.com beacon-eu2.rubiconproject.com eus.rubiconproject.com s.update.rubiconproject.com	68 KB
13	doubleclick.net 1 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net	252 KB
11	viglink.com 2 redirects cdn.viglink.com api.viglink.com	42 KB
9	googletagservices.com www.googletagservices.com	216 KB
9	redcdn.net redcdn.net
4	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com beacon.s-onetag.com	22 KB
4	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	110 B
4	google.de www.google.de adservice.google.de	634 B
4	illiweb.com illiweb.com	19 KB
3	a2gw.com b.a2gw.com
3	scorecardresearch.com 1 redirects b.scorecardresearch.com	2 KB
3	deloplen.com deloplen.com	26 KB
3	google-analytics.com 1 redirects www.google-analytics.com	35 KB
3	criteo.net static.criteo.net	27 KB
3	darkbb.com 1 redirects gorillaz-safe-haven.darkbb.com	77 KB
2	taboola.com cdn.taboola.com	131 KB
2	google.com 1 redirects www.google.com	744 B
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
1	lijit.com ce.lijit.com	532 B
1	topicit.net connect.topicit.net	2 KB
1	gstatic.com www.gstatic.com	92 KB
1	criteo.com bidder.criteo.com	159 B
1	googletagmanager.com www.googletagmanager.com	27 KB
102	23

	Domain	Requested by
12	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net gorillaz-safe-haven.darkbb.com
9	s.update.rubiconproject.com	gorillaz-safe-haven.darkbb.com s.update.rubiconproject.com
9	www.googletagservices.com	optimized-by.rubiconproject.com securepubads.g.doubleclick.net
9	redcdn.net	gorillaz-safe-haven.darkbb.com static.criteo.net
8	api.viglink.com	2 redirects cdn.viglink.com
4	illiweb.com	gorillaz-safe-haven.darkbb.com static.criteo.net
3	b.a2gw.com	securepubads.g.doubleclick.net
3	eus.rubiconproject.com	gorillaz-safe-haven.darkbb.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.de	www.googletagservices.com
3	beacon-eu2.rubiconproject.com	gorillaz-safe-haven.darkbb.com
3	optimized-by.rubiconproject.com	ads.rubiconproject.com
3	b.scorecardresearch.com	1 redirects cdn.taboola.com gorillaz-safe-haven.darkbb.com
3	ads.rubiconproject.com	gorillaz-safe-haven.darkbb.com
3	deloplen.com	gorillaz-safe-haven.darkbb.com deloplen.com
3	cdn.viglink.com	gorillaz-safe-haven.darkbb.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com gorillaz-safe-haven.darkbb.com
3	static.criteo.net	gorillaz-safe-haven.darkbb.com
3	gorillaz-safe-haven.darkbb.com	1 redirects gorillaz-safe-haven.darkbb.com
2	onetag-geo.s-onetag.com	get.s-onetag.com beacon.s-onetag.com
2	cdn.taboola.com	gorillaz-safe-haven.darkbb.com cdn.taboola.com
2	www.google.com	1 redirects gorillaz-safe-haven.darkbb.com
1	pagead2.googlesyndication.com
1	beacon.s-onetag.com	get.s-onetag.com
1	ce.lijit.com	gorillaz-safe-haven.darkbb.com
1	get.s-onetag.com	gorillaz-safe-haven.darkbb.com
1	www.google.de	gorillaz-safe-haven.darkbb.com
1	stats.g.doubleclick.net	1 redirects
1	connect.topicit.net	gorillaz-safe-haven.darkbb.com
1	fonts.googleapis.com	gorillaz-safe-haven.darkbb.com
1	www.gstatic.com	www.google.com
1	bidder.criteo.com	static.criteo.net
1	www.googletagmanager.com	gorillaz-safe-haven.darkbb.com
1	ajax.googleapis.com	gorillaz-safe-haven.darkbb.com
102	34

This site contains links to these domains. Also see Links.

Domain
www.gorillazsafehaven.net....sign
www.forumotion.com
help.forumotion.com

Subject Issuer	Validity	Valid
*.googleapis.com GTS CA 1O1	`2019-09-24` - `2019-12-17`	3 months	crt.sh
illiweb.com CloudFlare Inc ECC CA-2	`2019-09-17` - `2020-09-16`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-09-24` - `2019-12-17`	3 months	crt.sh
redcdn.net CloudFlare Inc ECC CA-2	`2019-09-17` - `2020-09-16`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-03-28` - `2020-04-01`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
topicit.net CloudFlare Inc ECC CA-2	`2019-10-06` - `2020-10-05`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
kazfv.com Sectigo ECC Domain Validation Secure Server CA	`2019-06-05` - `2020-06-04`	a year	crt.sh
*.a2gw.com Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh
*.s-onetag.com Amazon	`2019-06-25` - `2020-07-25`	a year	crt.sh

This page contains 14 frames:

Primary Page: http://gorillaz-safe-haven.darkbb.com/
Frame ID: 95785956AFAE78D00FAC465136781966
Requests: 48 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/11662.js
Frame ID: 70B7527AACBF6DE4B6C5CE8F4C5E32F0
Requests: 10 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/11662.js
Frame ID: 2C5A70B808CBE5993150B9D0B57E17AE
Requests: 20 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/11662.js
Frame ID: 5F09DF8337BE0C0D60ED485D44DCC6B6
Requests: 10 HTTP requests in this frame

Frame: http://deloplen.com/fac.php
Frame ID: 558E9BD0E6F6471FB27D0ED624FB3D53
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=nl
Frame ID: 3AA44A9078981A5357FC2F452C3AE084
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=nl
Frame ID: 8ADC80D981919A0ECA0A9EA0C2AA87FE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=nl
Frame ID: C8FA850AB7C06FA2D91C82EE9D08FD17
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBENKYFSt0lPQRtV7_rL9tS7hteMCEGO_2PzzTEDJoyWlkLRgaOu5srO20ilPnXmYRDWQtOLX7yhyRkAPbSENvYqONKK44yYs-9ZhptlqtvutDa9EhcCcnn6XfuyYFx1d8fpcsdGH2AUHBNJPtRjF5DtUx9u4IMnUJGnZp352pu5mDA6gC1J6O6mfjqSdS5cc6kf6kTYN_DXGOep7SNF3j0l49k3EIrDRC0Cx13etZAUvJZM7V9yC7f23OwtjOG0BNKSiZeTMJMsUGOhfpov4Dac6fMeZnKag&sai=AMfl-YRePHNWz7dSQF2vkeFgugfqVukxlUvTwvzXT9sX3ZcoSo2Hqbohve_VomkWrKA6aUPGqdmCZNoQ4N_aaThBzz8FlEC-vy-s2IL24J92Ug&sig=Cg0ArKJSzNNfpb4Jr9r5EAE&urlfix=1&adurl=
Frame ID: 149C70101CE40C47A3EBF1A055199B81
Requests: 3 HTTP requests in this frame

Frame: https://b.a2gw.com/banner?dfp=21773486844&cw=300&ch=250&_cb=2044254043
Frame ID: FF28656649246506F12410CD04EAA863
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucTuutA9GgEoFAzjpDEsP-8z8vwEgiOtgfWC7BaZoE1fvwiS3C6cphljyVdebytjO4bEWyDLh755fCkA5hAQjVH2pD-EceAn1d-Ttz_uyMu3G5iWbtVzyX5CRWFyAZbKt77WKkWdERwxYqD8gVC_7VZq00lHVjllJP_vmDQDT_wBpm6zfhv1gwfY51bvmFHx17zyOHHwQiXenzRZNWTfSxR9Yz0UzZwdCwFyyBlEkCfrr5t3keh8jdfy6fTsQny2Z1lhBe02XpKNQZ8iZwm3trOg9d6H3LDw&sai=AMfl-YSw16M-7MYEH2bdws0ZN1Sd4PmBPQbX3tfJK7SI43iKn8ycIlZ3RG-EV_wzb6MwiLZelANQIp8jTQ0cTD3u_OufM8LkqEGoBmnA4Yj9&sig=Cg0ArKJSzDgs7xwMTRnYEAE&urlfix=1&adurl=
Frame ID: 5FB299A51536C27E4FDA257595776EF2
Requests: 4 HTTP requests in this frame

Frame: https://b.a2gw.com/banner?dfp=21773487228&cw=728&ch=90&_cb=1923411680
Frame ID: 99A9086E44CAABC0DB0EFFCB5D55CF63
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUkmTk8-GBnGV0NyZ7M_2mFeoky8afAv6eng2VOcYMk2bACirLyHne53kpJrwJ3wxLNx_DwVdKo_xfMf4dx2KpIAhZgaFxaei3xIm5VkDaAfSjA3lDRJ2BWmEGHIBQGU-IPYHjcVsWNb3xbDWG0bNPIGbdpfHENzACJroN6ODUNyv0CBBihvGgk0bN03bChUAeSHK5Fq2VuqGHB8aEK1GhxIOTFxHHQPr17psvu9L1u07vrb1NMm_5QmdYneA2Glmd_6OjjVn8kRY4-WdJzYnqFMT1C7Q4qOw&sai=AMfl-YQED7GQldEMEqDzD1vCvhDvrGNyXPtoH5F6ezarXFSXqlnhdVUyeGhYiul5ucQtx8yvX1MqLyqWlpWNKFUQxUFSw4mxcWKQR324dMxWiw&sig=Cg0ArKJSzLJ_Ps4jO_Q_EAE&urlfix=1&adurl=
Frame ID: 7A59866B073BA356BF8BFD9940211CBC
Requests: 3 HTTP requests in this frame

Frame: https://b.a2gw.com/banner?dfp=21773486844&cw=300&ch=250&_cb=1370827709
Frame ID: E169F857B343FF4D3CCF9E72253CB212
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://gorillaz-safe-haven.darkbb.com/ HTTP 301
http://gorillaz-safe-haven.darkbb.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:^[^\/]*\/\/[^\/]*viglink\.com\/api\/|vglnk\.js)/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

102
Requests

72 %
HTTPS

56 %
IPv6

23
Domains

34
Subdomains

34
IPs

7
Countries

1070 kB
Transfer

3104 kB
Size

13
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.gorillazsafehaven.net....sign/
Title: http://www.gorillazsafehaven.net....SIGN

Search URL Search Domain Scan URL

URL: https://www.forumotion.com/
Title: Forumotion's free forums

Search URL Search Domain Scan URL

URL: https://www.forumotion.com/phpbb
Title: phpBB

Search URL Search Domain Scan URL

URL: http://help.forumotion.com/
Title: Free forum support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gorillaz-safe-haven.darkbb.com/ HTTP 301
http://gorillaz-safe-haven.darkbb.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 30

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=913259621&t=pageview&_s=1&dl=http%3A%2F%2Fgorillaz-safe-haven.darkbb.com%2F&ul=en-us&de=windows-1252&dt=Gorillaz-Safe-Haven&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=797194356&gjid=874107995&cid=541385100.1570484072&tid=UA-144337024-1&_gid=617353966.1570484072&_r=1&gtm=2ou9p0&z=2114688711 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144337024-1&cid=541385100.1570484072&jid=797194356&_gid=617353966.1570484072&gjid=874107995&_v=j79&z=2114688711 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=541385100.1570484072&jid=797194356&_v=j79&z=2114688711 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=541385100.1570484072&jid=797194356&_v=j79&z=2114688711&slf_rd=1&random=4116442608

Request Chain 39

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1570484072039&ns_c=windows-1252&cv=3.1&c8=Gorillaz-Safe-Haven&c7=http%3A%2F%2Fgorillaz-safe-haven.darkbb.com%2F&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1570484072039&ns_c=windows-1252&cv=3.1&c8=Gorillaz-Safe-Haven&c7=http%3A%2F%2Fgorillaz-safe-haven.darkbb.com%2F&c9=

Request Chain 89

http://api.viglink.com/api/sync.js?key=0d80ae9fe71cec9484f682bd59232f9e HTTP 302
http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js

Request Chain 90

http://api.viglink.com/api/sync.gif?key=0d80ae9fe71cec9484f682bd59232f9e HTTP 302
http://ce.lijit.com/merge?pid=8008&3pid=1ce745a250c93ed75334791e9842abd6

102 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
gorillaz-safe-haven.darkbb.com/
Redirect Chain

https://gorillaz-safe-haven.darkbb.com/
http://gorillaz-safe-haven.darkbb.com/

100 KB
27 KB

138ms
125ms

Document
text/html

178.33.43.178
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://gorillaz-safe-haven.darkbb.com/

Protocol

HTTP/1.1

Server

178.33.43.178 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

6a7b6a7bd83af43a32f5e8ef1c19c17ea707a8c2dca615f573d1caa74a048fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Request headers

Host: gorillaz-safe-haven.darkbb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Date: Mon, 07 Oct 2019 21:34:31 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Mon, 07 Oct 2019 00:00:00 GMT
Last-Modified: Mon, 07 Oct 2019 21:34:31 GMT
Vary: User-Agent
Set-Cookie: exadd=157049; expires=Tue, 08-Oct-2019 01:34:31 GMT; Max-Age=14400
X-Content-Type-Options: nosniff
X-XSS-Protection: 0; mode=block
Access-Control-Allow-Origin: *
X-Cache-NE: HIT
Content-Encoding: gzip

Redirect headers

status: 301
date: Mon, 07 Oct 2019 21:34:31 GMT
content-length: 0
location: http://gorillaz-safe-haven.darkbb.com/
x-cache-ne: HIT

GET
H/1.1 200
OK 0-ltr.css
gorillaz-safe-haven.darkbb.com/ 127 KB
50 KB 194ms
181ms Stylesheet
text/css 178.33.43.178
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://gorillaz-safe-haven.darkbb.com/0-ltr.css

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

HTTP/1.1

Server

178.33.43.178 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e0e8eb8196059cb377b3422acbd59cea6fc062ba4294f227e12de7d4dc0a6b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 07 Oct 2019 21:34:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 Oct 2019 00:00:00 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
X-Cache-NE: MISS
Content-Length: 50786
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
33 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 22:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 601423
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Sep 2020 22:30:48 GMT

GET
H2 200 notutf8-en.js Show response
illiweb.com/rs3/51/frm/lang/ 69 KB
16 KB 39ms
19ms Script
application/x-javascript 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/lang/notutf8-en.js

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec5d62552362a37173afa11a7e399d1e37a2aab26873e9b31f9b969195c18d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2273758
cf-polished: origSize=71070
status: 200
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
last-modified: Mon, 09 Sep 2019 08:07:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
expires: Tue, 06 Oct 2020 21:34:31 GMT
cache-control: public, max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 5222ffe7cf56977e-FRA
cf-bgj: minify

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 87 KB
27 KB 113ms
49ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 28567b9298df1914ea63e0ea93676032cdb92854a9fb100a29a4890230a9ca90

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:31 GMT
content-encoding: gzip
last-modified: Tue, 24 Sep 2019 18:17:48 GMT
server: nginx
etag: W/"5d8a5dcc-15bb7"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 08 Oct 2019 21:34:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 69 KB
27 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144337024-1

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2321a9b67cdba84c641ef6c4e52468e8d3494b5555b23593d44e6a3cb4d922c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:31 GMT
content-encoding: br
last-modified: Mon, 07 Oct 2019 21:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27197
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:31 GMT

GET
H2 200 jquery.cookie.js Show response
illiweb.com/rs3/51/frm/jquery/cookie/ 1011 B
884 B 34ms
14ms Script
application/x-javascript 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/jquery/cookie/jquery.cookie.js

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2273863
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: MISS
cf-ray: 5222ffe7cf57977e-FRA
expires: Tue, 06 Oct 2020 21:34:31 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 729 B
563 B 17ms
16ms Script
text/javascript 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

33b9cfa85ac4128db561c2f1a037e68b359c57a05d41a5ec51315d805e1a06ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 465
x-xss-protection: 1; mode=block
expires: Mon, 07 Oct 2019 21:34:31 GMT

GET
H2 404 ndvd003zm9.png
redcdn.net/ihimizer/img205/4596/ 0
0 445ms
400ms Image
text/html 2606:4700:30::681c:1669
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcdn.net/ihimizer/img205/4596/ndvd003zm9.png
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:1669 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 404 ultrasmallballme8.png
redcdn.net/ihimizer/img471/9422/ 0
0 391ms
346ms Image
text/html 2606:4700:30::681c:1669
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcdn.net/ihimizer/img471/9422/ultrasmallballme8.png
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:1669 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 404 iconmininavah5.gif
redcdn.net/ihimizer/img245/6678/ 0
0 372ms
370ms Image
text/html 2606:4700:30::681c:1669
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcdn.net/ihimizer/img245/6678/iconmininavah5.gif
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:1669 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 empty.gif
illiweb.com/fa/ 42 B
161 B 12ms
10ms Image
image/gif 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/empty.gif

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19860732
status: 200
content-length: 42
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5222ffe9391e977e-FRA
expires: Tue, 06 Oct 2020 21:34:31 GMT

GET
H2 404 largeballlockedta2.png
redcdn.net/ihimizer/img471/637/ 0
0 361ms
360ms Image
text/html 2606:4700:30::681c:1669
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcdn.net/ihimizer/img471/637/largeballlockedta2.png
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:1669 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 404 bonesywhitewalkqj9.gif
redcdn.net/ihimizer/img515/9564/ 0
0 359ms
358ms Image
text/html 2606:4700:30::681c:1669
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcdn.net/ihimizer/img515/9564/bonesywhitewalkqj9.gif
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:1669 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 404 largeballnewmq7.png
redcdn.net/ihimizer/img182/8017/ 0
0 365ms
364ms Image
text/html 2606:4700:30::681c:1669
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcdn.net/ihimizer/img182/8017/largeballnewmq7.png
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:1669 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 404 largeballqc2.png
redcdn.net/ihimizer/img471/40/ 0
0 357ms
355ms Image
text/html 2606:4700:30::681c:1669
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcdn.net/ihimizer/img471/40/largeballqc2.png
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:1669 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144337024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5065
date: Mon, 07 Oct 2019 20:10:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 07 Oct 2019 22:10:06 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/forumotion-en-2/ 79 KB
19 KB 44ms
29ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/forumotion-en-2/loader.js
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4497f7534258a32f6a6f1d2683d25c70754d130efc8ecc2b585afcbadf8317e

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: .xNSZMNVdNiaIka4oKUswp4Uucf9ozD8
Content-Encoding: gzip
ETag: "58c8e938e9531a34fd59a9281bdc5264"
Age: 117
X-Cache: HIT
Connection: keep-alive
Content-Length: 18587
x-amz-id-2: eQ/hOpSXbaqEu7Ql/rTxSObThYaqdP784jnKlnDGyaLgi7HL7dmg5nOS2ylg8kPEkG5VkuGhw5c=
X-Served-By: cache-hhn4040-HHN
Last-Modified: Wed, 02 Oct 2019 11:58:46 GMT
Server: AmazonS3
X-Timer: S1570484072.905412,VS0,VE0
Date: Mon, 07 Oct 2019 21:34:31 GMT
Vary: Accept-Encoding
x-amz-request-id: E9A9979E43AB321A
Via: 1.1 varnish
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 30
X-Cache-Hits: 1

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
159 B 48ms
16ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=74&profileId=206&cb=37958079856
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Mon, 07 Oct 2019 21:34:31 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: http://gorillaz-safe-haven.darkbb.com
timing-allow-origin: *
vary: Origin

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/ 262 KB
92 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ee4b6ac81622a15d376488d3a25228b90de031ac08f84dd9e1c4d2918c4a751a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 21 Sep 2019 00:09:51 GMT
server: sffe
age: 289676
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94031
x-xss-protection: 0
expires: Sat, 03 Oct 2020 13:06:35 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

7ms
5ms

Script
text/javascript

2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5065
date: Mon, 07 Oct 2019 20:10:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 07 Oct 2019 22:10:06 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 404 cloudybubbleyy4.png
redcdn.net/ihimizer/img174/6070/ 0
0 358ms
357ms Image
text/html 2606:4700:30::681c:1669
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcdn.net/ihimizer/img174/6070/cloudybubbleyy4.png
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:1669 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 33ms
30ms Image
image/gif 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:31 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Oct 2020 21:34:31 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 33ms
31ms Image
image/gif 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:31 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Oct 2020 21:34:31 GMT

GET
H2 404 headerbarfu1.png
redcdn.net/ihimizer/img512/9228/ 0
0 355ms
353ms Image
text/html 2606:4700:30::681c:1669
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcdn.net/ihimizer/img512/9228/headerbarfu1.png
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:1669 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 sprite_icons.png
illiweb.com/fa/ 1 KB
2 KB 12ms
10ms Image
image/png 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/sprite_icons.png

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b621467f74054e2999a7e213edf26895f9639e255f7c11b2047509fd0879f6c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7238200
status: 200
content-length: 1459
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:49 GMT
server: cloudflare
etag: "5739a89d-5b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5222ffe9493a977e-FRA
expires: Tue, 06 Oct 2020 21:34:31 GMT

GET
H/1.1 200
OK vglnk.js Show response
cdn.viglink.com/api/ 78 KB
28 KB 48ms
35ms Script
text/javascript 2606:4700::6810:a00d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.viglink.com/api/vglnk.js
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e3d2c14e73d02c96b42ade56dfbb0535e4cf0537161c2b5bce2e149a09384b

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 07 Oct 2019 21:34:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1822740
CF-RAY: 5222ffe97ae5cbcc-VIE
Connection: keep-alive
Content-Length: 27719
x-amz-id-2: GUMVId8hJNJ2q62EPig17g1egW/ThBglsGIDzrY2oWrXkfF4pAlhmMtC9+MxlzUS/LOg0+Koy7s=
Last-Modified: Mon, 16 Sep 2019 19:15:01 GMT
Server: cloudflare
ETag: "1545d811432c0074356408ee8f6c1e23"
Vary: Accept-Encoding
x-amz-request-id: AD7180B7B2CDBE1C
Cache-Control: public, max-age=1800
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Mon, 07 Oct 2019 22:04:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
882 B 28ms
16ms Font
text/css 2a00:1450:4001:818::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://gorillaz-safe-haven.darkbb.com/
Origin: http://gorillaz-safe-haven.darkbb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 07 Oct 2019 21:34:31 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 07 Oct 2019 21:34:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:31 GMT

GET
H/1.1 200
OK apu.php Show response
deloplen.com/ 2 KB
3 KB 34ms
20ms XHR
application/json 88.85.66.196
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

http://deloplen.com/apu.php?zoneid=2827263&oo=1

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

HTTP/1.1

Server

88.85.66.196 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

289f8ccef7900bd967986bce7ccb5996bb0effafd0dcbc177f1a14e04c8c31e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 07 Oct 2019 21:34:31 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 2370
X-Trace-Id: bbfa5e4707c25c4351bc7b51187bc22a
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
deloplen.com/ 63 KB
23 KB 32ms
18ms Script
application/javascript 88.85.66.196
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

http://deloplen.com/tag.min.js

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

HTTP/1.1

Server

88.85.66.196 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

e60ba8e0146cf3c4ead9cb6d8b4634c5f887d4eb849759c237076222622144e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 07 Oct 2019 21:34:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 22670
X-Trace-Id: 0dcd129b4a84307bb522e7d9ff7fa4a9
Pragma: no-cache
Last-Modified: Fri, 04 Oct 2019 10:27:16 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 connect.js Show response
connect.topicit.net/scripts/ 3 KB
2 KB 63ms
19ms Script
application/javascript 2606:4700:30::6812:3ee8
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.topicit.net/scripts/connect.js

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3ee8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5321
cf-polished: origSize=5437
status: 200
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"5d653880-153d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 5222ffea080b8c8c-VIE
expires: Tue, 08 Oct 2019 21:34:32 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=913259621&t=pageview&_s=1&dl=http%3A%2F%2Fgorillaz-safe-haven.darkbb.com%2F&ul=en-us&de=windows-1252&dt=Gorillaz-Safe-Haven&sd=24-bit&sr=1600...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144337024-1&cid=541385100.1570484072&jid=797194356&_gid=617353966.1570484072&gjid=874107995&_v=j79&z=2114688711
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=541385100.1570484072&jid=797194356&_v=j79&z=2114688711
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=541385100.1570484072&jid=797194356&_v=j79&z=2114688711&slf_rd=1&random=4116442608

42 B
109 B

17ms
16ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=541385100.1570484072&jid=797194356&_v=j79&z=2114688711&slf_rd=1&random=4116442608

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Oct 2019 21:34:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Oct 2019 21:34:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=541385100.1570484072&jid=797194356&_v=j79&z=2114688711&slf_rd=1&random=4116442608
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 11662.js Show response
ads.rubiconproject.com/ad/ Frame 70B7 26 KB
8 KB 74ms
23ms Script
text/javascript 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/11662.js
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 07 Oct 2019 21:34:32 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10088
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Tue, 08 Oct 2019 00:22:40 GMT

GET
H/1.1 200
OK 11662.js Show response
ads.rubiconproject.com/ad/ Frame 2C5A 26 KB
8 KB 77ms
27ms Script
text/javascript 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/11662.js
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 07 Oct 2019 21:34:32 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10088
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Tue, 08 Oct 2019 00:22:40 GMT

GET
H/1.1 200
OK 11662.js Show response
ads.rubiconproject.com/ad/ Frame 5F09 26 KB
8 KB 84ms
29ms Script
text/javascript 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/11662.js
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 07 Oct 2019 21:34:32 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10088
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Tue, 08 Oct 2019 00:22:40 GMT

GET
H/1.1 200
OK impl.20191002-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ 394 KB
112 KB 22ms
21ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/impl.20191002-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forumotion-en-2/loader.js
Protocol: HTTP/1.1
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cae80c9382e2b3e8045ba09797fd66d1a65a936d70af2eed09897be81ea436e

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: MWFHdpWI_mQOMXUM8TI1gLlg0gl1K5pN
Content-Encoding: gzip
ETag: "c863c8ea08069847bb5c761bac45dda6"
Age: 102
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 113914
x-amz-id-2: KZQ331HLPwKAM5p4SgPTw91EVwLUW1F6iCeqHyNr6GY8BJhdcyit1/M+5leJD7g4m2xQYShBEKA=
X-Served-By: cache-hhn4040-HHN
Last-Modified: Wed, 02 Oct 2019 22:32:20 GMT
Server: AmazonS3
X-Timer: S1570484072.000226,VS0,VE0
Date: Mon, 07 Oct 2019 21:34:32 GMT
Vary: Accept-Encoding
x-amz-request-id: EC5559FF9EDC3E26
Via: 1.1 varnish
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 94
X-Cache-Hits: 389

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 46ms
31ms Script
application/x-javascript 2.16.186.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forumotion-en-2/loader.js
Protocol: HTTP/1.1
Server: 2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 07 Oct 2019 21:34:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Tue, 08 Oct 2019 21:34:32 GMT

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
552 B 20ms
20ms Image
image/gif 2606:4700::6810:a00d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=1&rn=9.071827912166082
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 07 Oct 2019 21:34:32 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 13
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5222ffea1c55cbcc-VIE
x-amz-request-id: 7C008DC6E3D36B66
x-amz-id-2: byIESWjZ26LmaQnvdZ6MAkOHeseLnXRMIoey2mnuKyyc7/qxMnBtjp4a+4vmMhYtkt4EbPnvBIE=

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
552 B 35ms
23ms Image
image/gif 2606:4700::6810:a00d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=2&rn=9.071827912166082
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 07 Oct 2019 21:34:32 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 13
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5222ffea2ec78c68-VIE
x-amz-request-id: 7C008DC6E3D36B66
x-amz-id-2: byIESWjZ26LmaQnvdZ6MAkOHeseLnXRMIoey2mnuKyyc7/qxMnBtjp4a+4vmMhYtkt4EbPnvBIE=

GET
H/1.1 204
No Content fac.php
deloplen.com/ Frame 558E 0
0 17ms
17ms Document
text/html 88.85.66.196
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

http://deloplen.com/fac.php

Requested by

Host: deloplen.com
URL: http://deloplen.com/tag.min.js

Protocol

HTTP/1.1

Server

88.85.66.196 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: deloplen.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://gorillaz-safe-haven.darkbb.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://gorillaz-safe-haven.darkbb.com/

Response headers

Server: nginx
Date: Mon, 07 Oct 2019 21:34:32 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id: 96695d694a5f5ebe894d3b56c5dbae74
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1570484072039&ns_c=windows-1252&cv=3.1&c8=Gorillaz-Safe-Haven&c7=http%3A%2F%2Fgorillaz-safe-haven.darkbb.com%2F&c9=
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1570484072039&ns_c=windows-1252&cv=3.1&c8=Gorillaz-Safe-Haven&c7=http%3A%2F%2Fgorillaz-safe-haven.darkbb.com%2F&c9=

0
248 B

23ms
23ms

Image
text/plain

2.16.186.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1570484072039&ns_c=windows-1252&cv=3.1&c8=Gorillaz-Safe-Haven&c7=http%3A%2F%2Fgorillaz-safe-haven.darkbb.com%2F&c9=
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Server: 2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1570484072039&ns_c=windows-1252&cv=3.1&c8=Gorillaz-Safe-Haven&c7=http%3A%2F%2Fgorillaz-safe-haven.darkbb.com%2F&c9=
Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 151376-2.js Show response
optimized-by.rubiconproject.com/a/11662/36514/ Frame 70B7 2 KB
2 KB 111ms
97ms Script
text/javascript 69.173.144.142
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://optimized-by.rubiconproject.com/a/11662/36514/151376-2.js?&cb=0.7496398907760378&tk_st=1&rf=http%3A//gorillaz-safe-haven.darkbb.com/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36514_2
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol: HTTP/1.1
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 0d5fef03d6f2b7b0b59b25d291da18e33a14b2965a7bf3894dfa416dc933510c

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=221
Content-Length: 937
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK 151378-15.js Show response
optimized-by.rubiconproject.com/a/11662/36514/ Frame 2C5A 2 KB
2 KB 121ms
108ms Script
text/javascript 69.173.144.142
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://optimized-by.rubiconproject.com/a/11662/36514/151378-15.js?&cb=0.8194008146466858&tk_st=1&rf=http%3A//gorillaz-safe-haven.darkbb.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36514_15
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol: HTTP/1.1
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 794f141f54bae10d17a209fcf251fa1c8d1cb777d166b2b57aec7605b65d6fce

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=339
Content-Length: 1082
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK 151378-15.js Show response
optimized-by.rubiconproject.com/a/11662/36514/ Frame 5F09 2 KB
2 KB 89ms
76ms Script
text/javascript 69.173.144.142
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://optimized-by.rubiconproject.com/a/11662/36514/151378-15.js?&cb=0.6234494275751279&tk_st=1&rf=http%3A//gorillaz-safe-haven.darkbb.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36514_15
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol: HTTP/1.1
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 92fd87eafc99414b9d9650801399735d95ce7acbe6f66686906be648c565a016

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=151
Content-Length: 939
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5F09 44 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: optimized-by.rubiconproject.com
URL: http://optimized-by.rubiconproject.com/a/11662/36514/151378-15.js?&cb=0.6234494275751279&tk_st=1&rf=http%3A//gorillaz-safe-haven.darkbb.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36514_15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c10a148892c2211d3ab20016046b711a19f9bff2c491fa3eb38873c8a01d1ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "302 / 791 of 1000 / last-modified: 1570464397"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14485
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

GET
H/1.1 200
OK 60be47b2-ad8c-41b9-9571-119c54e13929
beacon-eu2.rubiconproject.com/beacon/d/ Frame 5F09 43 B
268 B 45ms
31ms Image
image/webp 69.173.144.152
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://beacon-eu2.rubiconproject.com/beacon/d/60be47b2-ad8c-41b9-9571-119c54e13929?oo=0&accountId=11662&siteId=36514&zoneId=151378&sizeId=15&e=6A1E40E384DA563BD6E8031712A94900E6ACBADC037EFBA99A75A4B76051ACC4D9603598DD78CDCD4AE28A72F170F3F9E4A9AFA6E089EF844D0B602DF0DF2949015B15DA7E2E4FC38B765CD22D582F4FAC237D6FA0EBFC9A6240B348FC26EBCFD25E0D1C938904F6062AEAC84D21D5FB846438D02B7D9E8383009FDB9DE7981633F8630F2FDB6069
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Server: 69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Cache-Control: private, max-age=0, no-cache
Server: Rubicon Project
Content-Type: image/webp
Content-Length: 43
Expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 70B7 44 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: optimized-by.rubiconproject.com
URL: http://optimized-by.rubiconproject.com/a/11662/36514/151376-2.js?&cb=0.7496398907760378&tk_st=1&rf=http%3A//gorillaz-safe-haven.darkbb.com/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36514_2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c10a148892c2211d3ab20016046b711a19f9bff2c491fa3eb38873c8a01d1ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "302 / 532 of 1000 / last-modified: 1570464397"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14485
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

GET
H/1.1 200
OK 0d52511e-a265-46f5-b003-ddd271155d8e
beacon-eu2.rubiconproject.com/beacon/d/ Frame 70B7 43 B
268 B 51ms
38ms Image
image/webp 69.173.144.152
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://beacon-eu2.rubiconproject.com/beacon/d/0d52511e-a265-46f5-b003-ddd271155d8e?oo=0&accountId=11662&siteId=36514&zoneId=151376&sizeId=2&e=6A1E40E384DA563BF06B832CAE19044B4429C3E3764DEDCB87191353D532E0EF5FEA51D74D480D965ED9F8CFD94D465DE4A9AFA6E089EF84A9E419BDC7BB1B6C015B15DA7E2E4FC38B765CD22D582F4FAC237D6FA0EBFC9A6240B348FC26EBCFD25E0D1C938904F63205C398BE8C239D48F66CF8DF59DCFA83009FDB9DE7981633F8630F2FDB6069
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Server: 69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Cache-Control: private, max-age=0, no-cache
Server: Rubicon Project
Content-Type: image/webp
Content-Length: 43
Expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 2C5A 44 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: optimized-by.rubiconproject.com
URL: http://optimized-by.rubiconproject.com/a/11662/36514/151378-15.js?&cb=0.8194008146466858&tk_st=1&rf=http%3A//gorillaz-safe-haven.darkbb.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=36514_15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c10a148892c2211d3ab20016046b711a19f9bff2c491fa3eb38873c8a01d1ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "302 / 811 of 1000 / last-modified: 1570464397"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14485
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

GET
H/1.1 200
OK 0ea44fa1-063b-4a83-ad96-149055c51545
beacon-eu2.rubiconproject.com/beacon/d/ Frame 2C5A 43 B
268 B 45ms
31ms Image
image/webp 69.173.144.152
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://beacon-eu2.rubiconproject.com/beacon/d/0ea44fa1-063b-4a83-ad96-149055c51545?oo=0&accountId=11662&siteId=36514&zoneId=151378&sizeId=15&e=6A1E40E384DA563B1053DA026CB09599FA8D466B919732B434A7900FD7DD2D958695B4BA8DAF65A10D92FFC3BC48E78CE4A9AFA6E089EF844D0B602DF0DF2949015B15DA7E2E4FC38B765CD22D582F4FAC237D6FA0EBFC9A6240B348FC26EBCF92977AA538F13602406987E74C611F7D4789DD774120B5BED82D574BB593C59832997889F1DA11D8
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Server: 69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Cache-Control: private, max-age=0, no-cache
Server: Rubicon Project
Content-Type: image/webp
Content-Length: 43
Expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 pubads_impl_2019100301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5F09 157 KB
58 KB 55ms
55ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

d98e77e558ef5c298f4c28cdd1604914a16a3fcc9249904ba70c57d989fb6aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 13:06:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 58949
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 5F09 113 B
175 B 15ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=gorillaz-safe-haven.darkbb.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 pubads_impl_2019100301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 70B7 157 KB
58 KB 57ms
55ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

d98e77e558ef5c298f4c28cdd1604914a16a3fcc9249904ba70c57d989fb6aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 13:06:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 58949
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 70B7 113 B
175 B 16ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=gorillaz-safe-haven.darkbb.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 pubads_impl_2019100301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2C5A 157 KB
58 KB 55ms
54ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

d98e77e558ef5c298f4c28cdd1604914a16a3fcc9249904ba70c57d989fb6aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 13:06:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 58949
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 2C5A 113 B
175 B 15ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=gorillaz-safe-haven.darkbb.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5F09 4 KB
2 KB 149ms
148ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2115215790114564&correlator=3291706211132950&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21062899&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20191007&iu=%2F1150267%2FEtoxicSarl_2019_300x250&sz=300x250&eri=6&cookie_enabled=1&bc=23&abxe=1&lmt=1570484072&dt=1570484072307&dlt=1570484071973&idt=321&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=825&ady=3444&adk=3480591353&uci=6rtlpflypauq&ifi=1&ifk=3064920064&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fgorillaz-safe-haven.darkbb.com%2F&top=gorillaz-safe-haven.darkbb.com&dssz=6&icsg=90&mso=1&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=541385100.1570484072&ga_sid=1570484072&ga_hid=860223665&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e7643cd700867e5b598c805f941fd1f5c2d992fff3a54e840d29bb1f45950e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2005
x-xss-protection: 0
google-lineitem-id: 227267817
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 107686126137
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://gorillaz-safe-haven.darkbb.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019100301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5F09 63 KB
24 KB 59ms
59ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

33e7cfb629c6fc28bec6f0039c2b843ac7d63cb54a883599ca33ce2384e251fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 13:06:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24653
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 5F09 0
0 5ms
5ms Other
text/html 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 3AA4 0
0 72ms
27ms Document
text/html 104.109.78.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=nl
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://gorillaz-safe-haven.darkbb.com/
Accept-Encoding: gzip, deflate, br
Cookie: rsid=1|GtqqL1ER+/3VSSvu3YYqfCKxi4lKFKufvD5nIonwVQx3p4OTUmjlSMWMNerlho/RRR2s2jWpYWaqeROXM2CgBwb+s0YWglIGuh8nVZDhR1578z/6X/8LU67/VKHeNV//BKScnRhnUyufkqJkCalWxg==; ses15=36514^1; vis15=36514^1; ses2=36514^1; vis2=36514^1; khaos=K1GXO1IW-10-KDE; audit=1|hLZGFuTafB0SbGwmX0zfLv+gjGkiKpKLO6rXb8syotFPUKh2kESKoNDTykIcqG3blwZ8ebTRHeQQWJzeFG8ZqfZ9Z2S9uzVAFW5UglrqlyugzJicGOszpQ==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://gorillaz-safe-haven.darkbb.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 03 Oct 2019 21:35:34 GMT
Content-Encoding: gzip
Content-Length: 7651
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=51922
Expires: Tue, 08 Oct 2019 11:59:54 GMT
Date: Mon, 07 Oct 2019 21:34:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 70B7 4 KB
2 KB 142ms
141ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2036442885153460&correlator=1904121365016019&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21062415%2C21064591&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20191007&iu=%2F1150267%2FEtoxicSarl_2019_728x90&sz=728x90&eri=6&cookie_enabled=1&bc=23&abxe=1&lmt=1570484072&dt=1570484072330&dlt=1570484071967&idt=357&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=429&ady=115&adk=442451065&uci=l9t92aul7lys&ifi=1&ifk=2462413785&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fgorillaz-safe-haven.darkbb.com%2F&top=gorillaz-safe-haven.darkbb.com&dssz=6&icsg=90&mso=1&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=541385100.1570484072&ga_sid=1570484072&ga_hid=1638342972&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

4968f7fd818cc103c5717ede6e21ce83cdf24565f6da44cf43d5d2a281378c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1994
x-xss-protection: 0
google-lineitem-id: 227269977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 80630180577
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://gorillaz-safe-haven.darkbb.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019100301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 70B7 63 KB
24 KB 66ms
66ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

33e7cfb629c6fc28bec6f0039c2b843ac7d63cb54a883599ca33ce2384e251fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 13:06:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24653
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 70B7 0
0 6ms
5ms Other
text/html 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2C5A 4 KB
2 KB 198ms
197ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2137873559558244&correlator=2121727076384679&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21062420&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20191007&iu=%2F1150267%2FEtoxicSarl_2019_300x250&sz=300x250&eri=6&cookie_enabled=1&bc=23&abxe=1&lmt=1570484072&dt=1570484072343&dlt=1570484071970&idt=366&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=461&ady=3444&adk=3480591353&uci=cqovfszg8w7p&ifi=1&ifk=3064920064&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fgorillaz-safe-haven.darkbb.com%2F&top=gorillaz-safe-haven.darkbb.com&dssz=6&icsg=90&mso=1&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=541385100.1570484072&ga_sid=1570484072&ga_hid=294417077&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

3466b9b43af5d458b6ea7f905f6d772957e6ce39d756ca201f5ece70f3c2c7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2051
x-xss-protection: 0
google-lineitem-id: 227267817
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 107686126137
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://gorillaz-safe-haven.darkbb.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019100301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2C5A 63 KB
24 KB 56ms
55ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

33e7cfb629c6fc28bec6f0039c2b843ac7d63cb54a883599ca33ce2384e251fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 13:06:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24653
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 2C5A 0
0 5ms
5ms Other
text/html 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 8ADC 0
0 80ms
37ms Document
text/html 104.109.78.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=nl
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://gorillaz-safe-haven.darkbb.com/
Accept-Encoding: gzip, deflate, br
Cookie: rsid=1|GtqqL1ER+/3VSSvu3YYqfCKxi4lKFKufvD5nIonwVQx3p4OTUmjlSMWMNerlho/RRR2s2jWpYWaqeROXM2CgBwb+s0YWglIGuh8nVZDhR1578z/6X/8LU67/VKHeNV//BKScnRhnUyufkqJkCalWxg==; ses15=36514^1; vis15=36514^1; ses2=36514^1; vis2=36514^1; khaos=K1GXO1IW-10-KDE; audit=1|hLZGFuTafB0SbGwmX0zfLv+gjGkiKpKLO6rXb8syotFPUKh2kESKoNDTykIcqG3blwZ8ebTRHeQQWJzeFG8ZqfZ9Z2S9uzVAFW5UglrqlyugzJicGOszpQ==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://gorillaz-safe-haven.darkbb.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 03 Oct 2019 21:35:34 GMT
Content-Encoding: gzip
Content-Length: 7651
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=51922
Expires: Tue, 08 Oct 2019 11:59:54 GMT
Date: Mon, 07 Oct 2019 21:34:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK analytics.js Show response
s.update.rubiconproject.com/2/873648/ Frame 2C5A 4 KB
2 KB 129ms
30ms Script
application/javascript 52.19.198.230
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=36514&di=gorillaz-safe-haven.darkbb.com&ap=&dm=15&pi=151378&ti=0ea44fa1-063b-4a83-ad96-149055c51545&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dt=8736481428691810142000
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dc7c6eac1498db91155aedf848200927ed35c8051025ca21fbae35d86a912a8c

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Content-Encoding: gzip
Vary: *
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2142
Expires: 0

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame C8FA 0
0 80ms
37ms Document
text/html 104.109.78.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=nl
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://gorillaz-safe-haven.darkbb.com/
Accept-Encoding: gzip, deflate, br
Cookie: rsid=1|GtqqL1ER+/3VSSvu3YYqfCKxi4lKFKufvD5nIonwVQx3p4OTUmjlSMWMNerlho/RRR2s2jWpYWaqeROXM2CgBwb+s0YWglIGuh8nVZDhR1578z/6X/8LU67/VKHeNV//BKScnRhnUyufkqJkCalWxg==; ses15=36514^1; vis15=36514^1; ses2=36514^1; vis2=36514^1; khaos=K1GXO1IW-10-KDE; audit=1|hLZGFuTafB0SbGwmX0zfLv+gjGkiKpKLO6rXb8syotFPUKh2kESKoNDTykIcqG3blwZ8ebTRHeQQWJzeFG8ZqfZ9Z2S9uzVAFW5UglrqlyugzJicGOszpQ==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://gorillaz-safe-haven.darkbb.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 03 Oct 2019 21:35:34 GMT
Content-Encoding: gzip
Content-Length: 7651
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=51922
Expires: Tue, 08 Oct 2019 11:59:54 GMT
Date: Mon, 07 Oct 2019 21:34:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 149C 0
246 B 33ms
32ms Fetch
image/gif 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBENKYFSt0lPQRtV7_rL9tS7hteMCEGO_2PzzTEDJoyWlkLRgaOu5srO20ilPnXmYRDWQtOLX7yhyRkAPbSENvYqONKK44yYs-9ZhptlqtvutDa9EhcCcnn6XfuyYFx1d8fpcsdGH2AUHBNJPtRjF5DtUx9u4IMnUJGnZp352pu5mDA6gC1J6O6mfjqSdS5cc6kf6kTYN_DXGOep7SNF3j0l49k3EIrDRC0Cx13etZAUvJZM7V9yC7f23OwtjOG0BNKSiZeTMJMsUGOhfpov4Dac6fMeZnKag&sai=AMfl-YRePHNWz7dSQF2vkeFgugfqVukxlUvTwvzXT9sX3ZcoSo2Hqbohve_VomkWrKA6aUPGqdmCZNoQ4N_aaThBzz8FlEC-vy-s2IL24J92Ug&sig=Cg0ArKJSzNNfpb4Jr9r5EAE&urlfix=1&adurl=

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Oct 2019 21:34:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

GET
H/1.1 200
OK banner
b.a2gw.com/ Frame FF28 0
0 149ms
33ms Document
text/html 34.249.204.108
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://b.a2gw.com/banner?dfp=21773486844&cw=300&ch=250&_cb=2044254043
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.204.108 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-249-204-108.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Host: b.a2gw.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://gorillaz-safe-haven.darkbb.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://gorillaz-safe-haven.darkbb.com/

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Oct 2019 21:34:32 GMT
Expires: 0
Server: nginx/1.14.1
Content-Length: 281
Connection: keep-alive

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 149C 78 KB
29 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b55f0e65314298aa6644034ba593878fdaa54d2110c57c35857a46fa54361fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1570187668844456"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29696
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F09 77 KB
29 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

03cdd154a67240548616e679dde7dd00a53bbfb48697a1635bafef7fd09406c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1570187668844456"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29127
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 5FB2 0
57 B 32ms
32ms Fetch
image/gif 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucTuutA9GgEoFAzjpDEsP-8z8vwEgiOtgfWC7BaZoE1fvwiS3C6cphljyVdebytjO4bEWyDLh755fCkA5hAQjVH2pD-EceAn1d-Ttz_uyMu3G5iWbtVzyX5CRWFyAZbKt77WKkWdERwxYqD8gVC_7VZq00lHVjllJP_vmDQDT_wBpm6zfhv1gwfY51bvmFHx17zyOHHwQiXenzRZNWTfSxR9Yz0UzZwdCwFyyBlEkCfrr5t3keh8jdfy6fTsQny2Z1lhBe02XpKNQZ8iZwm3trOg9d6H3LDw&sai=AMfl-YSw16M-7MYEH2bdws0ZN1Sd4PmBPQbX3tfJK7SI43iKn8ycIlZ3RG-EV_wzb6MwiLZelANQIp8jTQ0cTD3u_OufM8LkqEGoBmnA4Yj9&sig=Cg0ArKJSzDgs7xwMTRnYEAE&urlfix=1&adurl=

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Oct 2019 21:34:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK banner
b.a2gw.com/ Frame 99A9 0
0 143ms
34ms Document
text/html 34.249.204.108
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://b.a2gw.com/banner?dfp=21773487228&cw=728&ch=90&_cb=1923411680
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.204.108 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-249-204-108.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Host: b.a2gw.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://gorillaz-safe-haven.darkbb.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://gorillaz-safe-haven.darkbb.com/

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Oct 2019 21:34:32 GMT
Expires: 0
Server: nginx/1.14.1
Content-Length: 280
Connection: keep-alive

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5FB2 78 KB
29 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b55f0e65314298aa6644034ba593878fdaa54d2110c57c35857a46fa54361fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1570187668844456"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29696
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 70B7 77 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

03cdd154a67240548616e679dde7dd00a53bbfb48697a1635bafef7fd09406c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1570187668844456"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29127
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/4.49.0/873648/Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9/ Frame 2C5A 2 B
159 B 128ms
32ms XHR
text/plain 52.19.198.230
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/4.49.0/873648/Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9/postback?oz_pl=1&ap=&si=36514&di=gorillaz-safe-haven.darkbb.com&dt=8736481428691810142000&dm=15&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&pi=151378&ti=0ea44fa1-063b-4a83-ad96-149055c51545&ci=873648
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=36514&di=gorillaz-safe-haven.darkbb.com&ap=&dm=15&pi=151378&ti=0ea44fa1-063b-4a83-ad96-149055c51545&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dt=8736481428691810142000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Sec-Fetch-Mode: cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 07 Oct 2019 21:34:32 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

GET
H/1.1 200
OK main.js Show response
s.update.rubiconproject.com/2/4.49.0/ Frame 2C5A 114 KB
34 KB 30ms
30ms Script
application/javascript 52.19.198.230
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/4.49.0/main.js
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=36514&di=gorillaz-safe-haven.darkbb.com&ap=&dm=15&pi=151378&ti=0ea44fa1-063b-4a83-ad96-149055c51545&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dt=8736481428691810142000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3df99a88c494f55ff3f61337c4a9d72d2b75f6c4f5c0cf98c56bab46d51bf04c

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 07 Oct 2019 21:34:32 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, no-transform, immutable, max-age=9999999
Timing-Allow-Origin: *
Content-Length: 34041
Expires: Wed, 01 Jan 2020 00:00:00 GMT

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 304 B
1000 B 100ms
69ms XHR
text/javascript 34.246.252.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 34.246.252.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-252-247.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 54bda933f52d9e5063858b6d935d93a2dd0a5aedeebdb1be6a422cfd5190e9ec

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://gorillaz-safe-haven.darkbb.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 304
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 149C 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f53fdb27b8ae9b9668b391d27c75b7ad78bb4ef1ee194fa5f4c2b0185bd4983

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5FB2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba355426d6d4d2f03afe1ee03aa860eb261fca6a9b1be99131eb86fc96ce5479

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/4.49.0/873648/Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9/ Frame 2C5A 2 B
159 B 83ms
32ms XHR
text/plain 52.19.198.230
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/4.49.0/873648/Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9/postback?ap=&si=36514&di=gorillaz-safe-haven.darkbb.com&dt=8736481428691810142000&dm=15&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&pi=151378&ti=0ea44fa1-063b-4a83-ad96-149055c51545&ci=873648&oz_tc=Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9&oz_sc=dcacdc51294dfa1b37caea68&oz_st=1570484072484&oz_v=4.49.0&dp=gorillaz-safe-haven.darkbb.com&oz_df=78&oz_l=3123&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/4.49.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Sec-Fetch-Mode: cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 07 Oct 2019 21:34:32 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/4.49.0/873648/Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9/ Frame 2C5A 2 B
159 B 115ms
32ms XHR
text/plain 52.19.198.230
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/4.49.0/873648/Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9/postback?oz_pl=1&ap=&si=36514&di=gorillaz-safe-haven.darkbb.com&dt=8736481428691810142000&dm=15&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&pi=151378&ti=0ea44fa1-063b-4a83-ad96-149055c51545&ci=873648
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=36514&di=gorillaz-safe-haven.darkbb.com&ap=&dm=15&pi=151378&ti=0ea44fa1-063b-4a83-ad96-149055c51545&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dt=8736481428691810142000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Sec-Fetch-Mode: cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 07 Oct 2019 21:34:32 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

GET
BLOB 200
OK a89a6a1c-a9bb-4b90-bf2f-c7379450c884
http://gorillaz-safe-haven.darkbb.com/ Frame 2C5A 476 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://gorillaz-safe-haven.darkbb.com/a89a6a1c-a9bb-4b90-bf2f-c7379450c884
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/4.49.0/main.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e811b97dc60cf37a74f0bffee4222c2697e409c2cc78548e47b3384926c4338

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 476

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 7A59 0
57 B 33ms
32ms Fetch
image/gif 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUkmTk8-GBnGV0NyZ7M_2mFeoky8afAv6eng2VOcYMk2bACirLyHne53kpJrwJ3wxLNx_DwVdKo_xfMf4dx2KpIAhZgaFxaei3xIm5VkDaAfSjA3lDRJ2BWmEGHIBQGU-IPYHjcVsWNb3xbDWG0bNPIGbdpfHENzACJroN6ODUNyv0CBBihvGgk0bN03bChUAeSHK5Fq2VuqGHB8aEK1GhxIOTFxHHQPr17psvu9L1u07vrb1NMm_5QmdYneA2Glmd_6OjjVn8kRY4-WdJzYnqFMT1C7Q4qOw&sai=AMfl-YQED7GQldEMEqDzD1vCvhDvrGNyXPtoH5F6ezarXFSXqlnhdVUyeGhYiul5ucQtx8yvX1MqLyqWlpWNKFUQxUFSw4mxcWKQR324dMxWiw&sig=Cg0ArKJSzLJ_Ps4jO_Q_EAE&urlfix=1&adurl=

Requested by

Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Oct 2019 21:34:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK banner
b.a2gw.com/ Frame E169 0
0 69ms
32ms Document
text/html 34.249.204.108
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://b.a2gw.com/banner?dfp=21773486844&cw=300&ch=250&_cb=1370827709
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.204.108 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-249-204-108.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Host: b.a2gw.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://gorillaz-safe-haven.darkbb.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://gorillaz-safe-haven.darkbb.com/

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Oct 2019 21:34:32 GMT
Expires: 0
Server: nginx/1.14.1
Content-Length: 281
Connection: keep-alive

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A59 78 KB
29 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b55f0e65314298aa6644034ba593878fdaa54d2110c57c35857a46fa54361fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1570187668844456"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29696
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C5A 77 KB
29 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

03cdd154a67240548616e679dde7dd00a53bbfb48697a1635bafef7fd09406c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 21:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1570187668844456"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29127
x-xss-protection: 0
expires: Mon, 07 Oct 2019 21:34:32 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/4.49.0/873648/Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9/ Frame 2C5A 2 B
159 B 69ms
31ms XHR
text/plain 52.19.198.230
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/4.49.0/873648/Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9/postback?ap=&si=36514&di=gorillaz-safe-haven.darkbb.com&dt=8736481428691810142000&dm=15&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&pi=151378&ti=0ea44fa1-063b-4a83-ad96-149055c51545&ci=873648&oz_tc=Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9&oz_sc=dcacdc51294dfa1b37caea68&oz_st=1570484072484&oz_v=4.49.0&dp=gorillaz-safe-haven.darkbb.com&oz_df=133&oz_l=4593&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/4.49.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Sec-Fetch-Mode: cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 07 Oct 2019 21:34:32 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

GET
H/1.1

200
OK

tag.min.js Show response
get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/
Redirect Chain

http://api.viglink.com/api/sync.js?key=0d80ae9fe71cec9484f682bd59232f9e
http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js

43 KB
14 KB

17ms
6ms

Script
text/javascript

2600:9000:21f3:2400:1f:287:d20a:ce1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Server: 2600:9000:21f3:2400:1f:287:d20a:ce1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4581a8ee1f3b5103458e5ad88a90c847bacce216bb021fc8a21d9d9f9e0e3d1b

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: ZHambxBZf8oDBVbsA2eKvhosoGHeIUKy
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 06 Sep 2019 22:23:21 GMT
Server: AmazonS3
Age: 372
Date: Mon, 07 Oct 2019 21:30:43 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: b4AXq3x0_uELXUpSeks6oOg6AFs3XlG5hi9v1-hxQNOUKEbQdmqDNw==

Redirect headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Location: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

http://api.viglink.com/api/sync.gif?key=0d80ae9fe71cec9484f682bd59232f9e
http://ce.lijit.com/merge?pid=8008&3pid=1ce745a250c93ed75334791e9842abd6

0
532 B

35ms
21ms

Image
text/html

72.251.249.9
Internap Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ce.lijit.com/merge?pid=8008&3pid=1ce745a250c93ed75334791e9842abd6
Requested by: Host: gorillaz-safe-haven.darkbb.com
URL: http://gorillaz-safe-haven.darkbb.com/
Protocol: HTTP/1.1
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ap3ams1
Content-Type: text/html;charset=utf-8
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Location: http://ce.lijit.com/merge?pid=8008&3pid=1ce745a250c93ed75334791e9842abd6
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 42 B
503 B 57ms
48ms XHR
text/javascript 34.246.252.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 34.246.252.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-252-247.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 769f23c89473bfa38949d62333ca2cf620ec9fa33839545c77e1435e3cbe24a8

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://gorillaz-safe-haven.darkbb.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7A59 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 436b05bfdf8fc4237eb77e1c48c6ca6335cc9279035180344739a937e5ad1ea1

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK insert Show response
api.viglink.com/api/ 44 KB
7 KB 99ms
86ms XHR
text/javascript 34.246.252.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/insert
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 34.246.252.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-252-247.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 37eaa3ba2893c4e36694d727de5a4e514c936425c589680f972fffaf490a278f

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Content-Encoding: gzip
Server: Apache-Coyote/1.1
Vary: Accept-Encoding
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://gorillaz-safe-haven.darkbb.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 6995
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK / Show response
onetag-geo.s-onetag.com/ 23 B
590 B 495ms
470ms XHR
application/json 2600:9000:20ac:8000:5:ae3a:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol: HTTP/1.1
Server: 2600:9000:20ac:8000:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 0e050f9a5bf10df9f61597a26488064c02aeb24324ee6ef873c3681ed05663ef

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 07 Oct 2019 21:34:33 GMT
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront), 1.1 472d4cc0196b47296b184116698506c2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1, PRG50
x-amzn-RequestId: 6ab337a2-a570-4968-a76c-0f1507c209c0
X-Cache: Miss from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
x-amz-apigw-id: BNhYcEadSK4Fs1Q=
Content-Length: 23
X-Amz-Cf-Id: SZAFVvMq1GIQXUTah6suIdKCBVcyfdeBcpvKPjBKy0apicKPhdfEiw==

GET
H2 200 beacon.min.js Show response
beacon.s-onetag.com/ 18 KB
6 KB 36ms
7ms Script
application/javascript 2600:9000:21f3:d800:5:9a4c:9b00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:d800:5:9a4c:9b00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 662fa6bcdf71d8f92e29010d3e2e270e0071e5d19b1d14ce205654a78aa0a7a9

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: dQ2IPgbwW_sArXQW0CBb3eN5W57SqoQ0
content-encoding: gzip
last-modified: Thu, 04 Apr 2019 09:35:05 GMT
server: AmazonS3
age: 318
date: Mon, 07 Oct 2019 21:29:15 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: qyRY83ef23ano3oeNfXX9fcqMV-PrmOr8mMoxi5t_a4smAXhTFYKEg==
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)

POST
H/1.1 400
Bad Request optimize Show response
api.viglink.com/api/ 986 B
1 KB 33ms
33ms XHR
text/html 34.246.252.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/optimize
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 34.246.252.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-252-247.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Server: Apache-Coyote/1.1
Content-Language: en
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://gorillaz-safe-haven.darkbb.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Content-Length: 986
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 202
Accepted inserted Show response
api.viglink.com/api/ 0
421 B 38ms
37ms XHR
text/plain 34.246.252.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/inserted
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 34.246.252.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-252-247.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://gorillaz-safe-haven.darkbb.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/4.49.0/873648/Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9/ Frame 2C5A 2 B
159 B 31ms
31ms XHR
text/plain 52.19.198.230
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/4.49.0/873648/Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9/postback?ap=&si=36514&di=gorillaz-safe-haven.darkbb.com&dt=8736481428691810142000&dm=15&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&pi=151378&ti=0ea44fa1-063b-4a83-ad96-149055c51545&ci=873648&oz_tc=Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9&oz_sc=dcacdc51294dfa1b37caea68&oz_st=1570484072484&oz_v=4.49.0&dp=gorillaz-safe-haven.darkbb.com&oz_df=334&oz_l=83&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/4.49.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Sec-Fetch-Mode: cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 07 Oct 2019 21:34:32 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

POST
H/1.1 400
Bad Request optimize Show response
api.viglink.com/api/ 986 B
1 KB 44ms
44ms XHR
text/html 34.246.252.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/optimize
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 34.246.252.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-252-247.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 07 Oct 2019 21:34:32 GMT
Server: Apache-Coyote/1.1
Content-Language: en
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://gorillaz-safe-haven.darkbb.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Content-Length: 986
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5FB2 42 B
110 B 14ms
14ms Image
image/gif 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCLPRyK7s1J6_Nipo0MulYqIRYruAnfvUxPhw5ewfXbghsHxvrF3YqWZ_31wtQg7VTAlszGJCSgffSIDq3eyWyeXox5yBDNdQw8sSIt_c&sig=Cg0ArKJSzBi0Uvm3GTQjEAE&adk=442451065&tt=1266&bs=1585%2C1200&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&p=0,0,90,728&mcvt=1006&rs=3&ht=0&tfs=263&tls=1269&mc=1&lte=1&bas=0&bac=0&met=no&avms=nio&niot_obs=4&niot_cbk=75&md=2&lm=2&rst=1570484072480&rpt=178&isd=0&ext=mvo%3D-1%26brt%3D310&oseid=3&xdi=0&ps=1585%2C3762&ss=1600%2C1200&pt=4&bin=1&deb=1-1-1-3-12-5-20-12-0-0-0&tvt=1266&is=728%2C90&iframe_loc=http%3A%2F%2Fgorillaz-safe-haven.darkbb.com%2F&r=v&id=osdim&vs=4&za&uc=13&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Oct 2019 21:34:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/4.49.0/873648/Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9/ Frame 2C5A 2 B
159 B 31ms
31ms XHR
text/plain 52.19.198.230
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/4.49.0/873648/Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9/postback?ap=&si=36514&di=gorillaz-safe-haven.darkbb.com&dt=8736481428691810142000&dm=15&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&pi=151378&ti=0ea44fa1-063b-4a83-ad96-149055c51545&ci=873648&oz_tc=Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9&oz_sc=dcacdc51294dfa1b37caea68&oz_st=1570484072484&oz_v=4.49.0&dp=gorillaz-safe-haven.darkbb.com&oz_df=5134&oz_l=34&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/4.49.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Sec-Fetch-Mode: cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 07 Oct 2019 21:34:37 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/4.49.0/873648/Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9/ Frame 2C5A 2 B
159 B 31ms
31ms XHR
text/plain 52.19.198.230
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/4.49.0/873648/Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9/postback?ap=&si=36514&di=gorillaz-safe-haven.darkbb.com&dt=8736481428691810142000&dm=15&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&pi=151378&ti=0ea44fa1-063b-4a83-ad96-149055c51545&ci=873648&oz_tc=Y9c_oCx88POHhJoD7G7e4kB3K3yH6oD9&oz_sc=dcacdc51294dfa1b37caea68&oz_st=1570484072484&oz_v=4.49.0&dp=gorillaz-safe-haven.darkbb.com&oz_df=6134&oz_l=91&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/4.49.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Sec-Fetch-Mode: cors
Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 07 Oct 2019 21:34:38 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

GET
H/1.1 200
OK / Show response
onetag-geo.s-onetag.com/ 23 B
589 B 21ms
21ms XHR
application/json 2600:9000:20ac:8000:5:ae3a:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://onetag-geo.s-onetag.com/
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol: HTTP/1.1
Server: 2600:9000:20ac:8000:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 0e050f9a5bf10df9f61597a26488064c02aeb24324ee6ef873c3681ed05663ef

Request headers

Referer: http://gorillaz-safe-haven.darkbb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 07 Oct 2019 21:34:33 GMT
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront), 1.1 472d4cc0196b47296b184116698506c2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1, PRG50
x-amzn-RequestId: 6ab337a2-a570-4968-a76c-0f1507c209c0
X-Cache: Hit from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
x-amz-apigw-id: BNhYcEadSK4Fs1Q=
Content-Length: 23
X-Amz-Cf-Id: NwTINPoT7fvejX0Ht-N2Dn631waJU2bmfGxxVOhHynoGk-xB5efk4g==

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gorillaz-safe-haven.darkbb.com/	1970-01-19 04:36:20	Name: _fa-screen Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D
.rubiconproject.com/	1970-01-19 04:15:14	Name: ses2 Value: 36514^1
.rubiconproject.com/	1970-01-19 13:00:20	Name: khaos Value: K1GXO1IW-10-KDE
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|GtqqL1ER+/3VSSvu3YYqfCKxi4lKFKufvD5nIonwVQx3p4OTUmjlSMWMNerlho/RRR2s2jWpYWaqeROXM2CgBwb+s0YWglIGuh8nVZDhR1578z/6X/8LU67/VKHeNV//BKScnRhnUyufkqJkCalWxg==
.rubiconproject.com/	1970-01-19 04:15:14	Name: vis15 Value: 36514^1
.rubiconproject.com/	1970-01-19 04:15:14	Name: ses15 Value: 36514^1
.darkbb.com/	1970-01-19 04:14:44	Name: _gat_gtag_UA_144337024_1 Value: 1
.darkbb.com/	1970-01-19 04:16:10	Name: _gid Value: GA1.2.617353966.1570484072
.rubiconproject.com/	1970-01-19 13:00:20	Name: audit Value: 1\|hLZGFuTafB0SbGwmX0zfLv+gjGkiKpKLO6rXb8syotFPUKh2kESKoNDTykIcqG3blwZ8ebTRHeQQWJzeFG8ZqfZ9Z2S9uzVAFW5UglrqlyugzJicGOszpQ==
.darkbb.com/	1970-01-19 21:45:56	Name: _ga Value: GA1.2.541385100.1570484072
.rubiconproject.com/	1970-01-19 04:15:14	Name: vis2 Value: 36514^1
.darkbb.com/	1970-01-19 21:45:56	Name: __gads Value: ID=e80bcdc5271c95a7:T=1570484072:S=ALNI_MbUXiUjJaTjTO8z91EuvNE3KwyViw
gorillaz-safe-haven.darkbb.com/	1970-01-19 04:14:58	Name: exadd Value: 157049

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://gorillaz-safe-haven.darkbb.com/(Line 45) Message: {"w":1600,"h":1200}
console-api	log	URL: http://gorillaz-safe-haven.darkbb.com/(Line 311) Message: Failed to register service worker.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.rubiconproject.com
adservice.google.de
ajax.googleapis.com
api.viglink.com
b.a2gw.com
b.scorecardresearch.com
beacon-eu2.rubiconproject.com
beacon.s-onetag.com
bidder.criteo.com
cdn.taboola.com
cdn.viglink.com
ce.lijit.com
connect.topicit.net
deloplen.com
eus.rubiconproject.com
fonts.googleapis.com
get.s-onetag.com
gorillaz-safe-haven.darkbb.com
illiweb.com
onetag-geo.s-onetag.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
redcdn.net
s.update.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.109.78.125
104.111.230.142
151.101.114.2
172.217.16.162
178.250.0.130
178.250.2.152
178.33.43.178
2.16.186.51
2600:9000:20ac:8000:5:ae3a:ba00:93a1
2600:9000:21f3:2400:1f:287:d20a:ce1
2600:9000:21f3:d800:5:9a4c:9b00:93a1
2606:4700:30::6812:3ee8
2606:4700:30::681c:1669
2606:4700::6810:a00d
2606:4700:e2::ac40:8b18
2a00:1450:4001:800::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:816::200a
2a00:1450:4001:817::2002
2a00:1450:4001:818::200a
2a00:1450:4001:81a::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:81e::2001
2a00:1450:4001:824::2003
2a00:1450:4001:825::2002
2a00:1450:400c:c07::9d
34.246.252.247
34.249.204.108
52.19.198.230
69.173.144.142
69.173.144.152
72.251.249.9
88.85.66.196
03cdd154a67240548616e679dde7dd00a53bbfb48697a1635bafef7fd09406c4
0cae80c9382e2b3e8045ba09797fd66d1a65a936d70af2eed09897be81ea436e
0d5fef03d6f2b7b0b59b25d291da18e33a14b2965a7bf3894dfa416dc933510c
0e050f9a5bf10df9f61597a26488064c02aeb24324ee6ef873c3681ed05663ef
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28567b9298df1914ea63e0ea93676032cdb92854a9fb100a29a4890230a9ca90
289f8ccef7900bd967986bce7ccb5996bb0effafd0dcbc177f1a14e04c8c31e5
2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9
33b9cfa85ac4128db561c2f1a037e68b359c57a05d41a5ec51315d805e1a06ad
33e7cfb629c6fc28bec6f0039c2b843ac7d63cb54a883599ca33ce2384e251fa
3466b9b43af5d458b6ea7f905f6d772957e6ce39d756ca201f5ece70f3c2c7a7
37eaa3ba2893c4e36694d727de5a4e514c936425c589680f972fffaf490a278f
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
3df99a88c494f55ff3f61337c4a9d72d2b75f6c4f5c0cf98c56bab46d51bf04c
3e811b97dc60cf37a74f0bffee4222c2697e409c2cc78548e47b3384926c4338
4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af
436b05bfdf8fc4237eb77e1c48c6ca6335cc9279035180344739a937e5ad1ea1
4581a8ee1f3b5103458e5ad88a90c847bacce216bb021fc8a21d9d9f9e0e3d1b
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4968f7fd818cc103c5717ede6e21ce83cdf24565f6da44cf43d5d2a281378c70
54bda933f52d9e5063858b6d935d93a2dd0a5aedeebdb1be6a422cfd5190e9ec
662fa6bcdf71d8f92e29010d3e2e270e0071e5d19b1d14ce205654a78aa0a7a9
6a7b6a7bd83af43a32f5e8ef1c19c17ea707a8c2dca615f573d1caa74a048fac
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
6f53fdb27b8ae9b9668b391d27c75b7ad78bb4ef1ee194fa5f4c2b0185bd4983
769f23c89473bfa38949d62333ca2cf620ec9fa33839545c77e1435e3cbe24a8
794f141f54bae10d17a209fcf251fa1c8d1cb777d166b2b57aec7605b65d6fce
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
92fd87eafc99414b9d9650801399735d95ce7acbe6f66686906be648c565a016
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e3d2c14e73d02c96b42ade56dfbb0535e4cf0537161c2b5bce2e149a09384b
b55f0e65314298aa6644034ba593878fdaa54d2110c57c35857a46fa54361fab
b621467f74054e2999a7e213edf26895f9639e255f7c11b2047509fd0879f6c8
ba355426d6d4d2f03afe1ee03aa860eb261fca6a9b1be99131eb86fc96ce5479
c10a148892c2211d3ab20016046b711a19f9bff2c491fa3eb38873c8a01d1ce7
d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d2321a9b67cdba84c641ef6c4e52468e8d3494b5555b23593d44e6a3cb4d922c
d98e77e558ef5c298f4c28cdd1604914a16a3fcc9249904ba70c57d989fb6aab
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc7c6eac1498db91155aedf848200927ed35c8051025ca21fbae35d86a912a8c
e0e8eb8196059cb377b3422acbd59cea6fc062ba4294f227e12de7d4dc0a6b8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60ba8e0146cf3c4ead9cb6d8b4634c5f887d4eb849759c237076222622144e9
e7643cd700867e5b598c805f941fd1f5c2d992fff3a54e840d29bb1f45950e3b
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ec5d62552362a37173afa11a7e399d1e37a2aab26873e9b31f9b969195c18d91
ee4b6ac81622a15d376488d3a25228b90de031ac08f84dd9e1c4d2918c4a751a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4497f7534258a32f6a6f1d2683d25c70754d130efc8ecc2b585afcbadf8317e

gorillaz-safe-haven.darkbb.com Open in urlscan Pro 178.33.43.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

72 %HTTPS

56 %IPv6

23 Domains

34 Subdomains

34 IPs

7 Countries

1070 kBTransfer

3104 kBSize

13 Cookies

4 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gorillaz-safe-haven.darkbb.com Open in urlscan Pro
178.33.43.178 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

72 %
HTTPS

56 %
IPv6

23
Domains

34
Subdomains

34
IPs

7
Countries

1070 kB
Transfer

3104 kB
Size

13
Cookies

102 HTTP transactions
3 data transactions