lookbook.nu Open in urlscan Pro
2606:4700:3031::ac43:9926 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lookbook.nu/user/9306294-Ogden
Submission: On June 06 via manual (June 6th 2021, 2:45:20 pm UTC) from US

Summary HTTP 90 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 20 domains to perform 90 HTTP transactions. The main IP is 2606:4700:3031::ac43:9926, located in United States and belongs to CLOUDFLARENET, US. The main domain is lookbook.nu.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 28th 2020. Valid for: a year.

This is the only time lookbook.nu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3031::ac43:9926	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:20:... 2606:4700:20::681a:12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	52.85.123.39 52.85.123.39	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2050:9a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	52.85.170.71 52.85.170.71	16509 (AMAZON-02) (AMAZON-02)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	185.29.135.190 185.29.135.190	30419 (MEDIAMATH...) (MEDIAMATH-INC)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
5	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
16	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
1	54.36.108.3 54.36.108.3	16276 (OVH) (OVH)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
90	28

1 2606:4700:3031::ac43:9926 (United States)

ASN13335 (CLOUDFLARENET, US)

lookbook.nu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::681a:12 (United States)

ASN13335 (CLOUDFLARENET, US)

lbstatic.nu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.85.123.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-123-39.bud50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2050:9a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.170.71 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-170-71.bud50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.135.190 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.64.38 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal900011.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.108.3 (France)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	adform.net track.adform.net s1.adform.net	134 KB
16	lbstatic.nu lbstatic.nu	681 KB
11	googlesyndication.com cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	43 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net hal900011.redintelligence.net	8 KB
5	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	115 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	amazon-adsystem.com c.amazon-adsystem.com	36 KB
3	cloudflare.com cdnjs.cloudflare.com	25 KB
3	google.com adservice.google.com www.google.com	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	googletagservices.com www.googletagservices.com	86 KB
2	google.de adservice.google.de	921 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	67 KB
2	quantserve.com edge.quantserve.com pixel.quantserve.com	9 KB
1	contentspread.net cdn.contentspread.net	1 KB
1	facebook.com www.facebook.com
1	quantcount.com rules.quantcount.com	439 B
1	googleapis.com ajax.googleapis.com	33 KB
1	lookbook.nu lookbook.nu	8 KB
90	20

	Domain	Requested by
16	s1.adform.net	track.adform.net s1.adform.net lookbook.nu
16	lbstatic.nu	lookbook.nu lbstatic.nu
5	track.adform.net	hal900011.redintelligence.net s1.adform.net
5	hal900011.redintelligence.net	1 redirects cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com hal900011.redintelligence.net
5	tpc.googlesyndication.com	cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net lookbook.nu
4	c.amazon-adsystem.com	lookbook.nu c.amazon-adsystem.com
3	cdnjs.cloudflare.com	s1.adform.net
3	tags.mathtag.com	cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com tags.mathtag.com
3	sb.scorecardresearch.com	1 redirects lookbook.nu
3	www.googletagservices.com	lookbook.nu securepubads.g.doubleclick.net cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com
2	cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.google-analytics.com	lookbook.nu
2	connect.facebook.net	lookbook.nu connect.facebook.net
1	cdn.contentspread.net	hal900011.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	lookbook.nu
1	www.google.com	tpc.googlesyndication.com
1	www.facebook.com	connect.facebook.net
1	pixel.quantserve.com	lookbook.nu
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	edge.quantserve.com
1	edge.quantserve.com	lookbook.nu
1	ajax.googleapis.com	lookbook.nu
1	lookbook.nu
90	28

This site contains links to these domains. Also see Links.

Domain
telegra.ph

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-28` - `2021-11-27`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
contentspread.net R3	`2021-04-05` - `2021-07-04`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://lookbook.nu/user/9306294-Ogden
Frame ID: A9D97F41A829D624AEF914D4EA210397
Requests: 46 HTTP requests in this frame

Frame: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B537BD4503D35A1EC700737A7595C5F2
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: C8B6EC5BFB8280E00208A742CE13889F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7284135AD078C59982A09D03D637CE9B
Requests: 1 HTTP requests in this frame

Frame: https://hal900011.redintelligence.net/request_content.php?s=92840800108927802653749011617011&a=f5aa622d
Frame ID: EE5FC5BBA02B6A3D526E523911A899F5
Requests: 12 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/9354175/9354175.js?ADFassetID=9354175&bv=261
Frame ID: 43245C9985DF00E10A3AFC46DE606D49
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

90
Requests

100 %
HTTPS

63 %
IPv6

20
Domains

28
Subdomains

28
IPs

7
Countries

1272 kB
Transfer

3194 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://telegra.ph/Play-Virtual-Games-06-06
Title: telegra.ph/Play-Virtual-Games-06-06

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://sb.scorecardresearch.com/b?c1=2&c2=8354559&ns__t=1622990704448&ns_c=UTF-8&cv=3.5&c8=Ogden%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9306294-Ogden&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=8354559&ns__t=1622990704448&ns_c=UTF-8&cv=3.5&c8=Ogden%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9306294-Ogden&c9=

Request Chain 58

https://hal900011.redintelligence.net/request.php?zone=1sgkp2euhhej&nw=20&renderingType=javascript&namespace=0be58e68b5&subid=&uid=d8dca3875129072e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7313745123523735998%26mt_id%3D9165542%26mt_adid%3D215543%26mt_sid%3D8264459%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc38360bc-df70-4001-be2f-2dc2c2b40759%26mt_cid%3Dc38360bc-df70-4001-be2f-2dc2c2b40759%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqnzycN-8YO2mIbn5-gbr4Llwz4eOm1zAhtmCxgLAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCeACAKgDAaoE1wFP0G86OzX-6U6Cc45OThjN9BFATtCol9BehsciHR1Iv3V3vZ_YgJ3VCODenbFE6SrTy8pVleSGIqgc4n2fdQNBBz74gSKO8BcU7fc6yFMpG6uKyRGd9mG3GfpHhlKKic56QI99CaBi5cqGYhLFtX4Ghw-0whp_QY6E9gheieyAZdeetHZhlPXwfxL9YU7KVfkJWkBq1jP7PD4-cJ07Q6_5VQXBqJ6mOC3_mdP2gRPhFgQRzdzniHinDxBgmVY2Q2oCnTqh_i35OolY081stweKo_rMG5ZzbOAEAYAG4d-f1fy4ofkfoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0FATfYwPEfdZLxT83YEAeCkErecw%2526client%253Dca-pub-0790894148451785%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Flookbook.nu%2F&ancestorOrigins=https%3A%2F%2Flookbook.nu&random=7100935531803&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900011.redintelligence.net/request.php?zone=1sgkp2euhhej&nw=20&renderingType=javascript&namespace=0be58e68b5&subid=&uid=d8dca3875129072e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7313745123523735998%26mt_id%3D9165542%26mt_adid%3D215543%26mt_sid%3D8264459%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc38360bc-df70-4001-be2f-2dc2c2b40759%26mt_cid%3Dc38360bc-df70-4001-be2f-2dc2c2b40759%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqnzycN-8YO2mIbn5-gbr4Llwz4eOm1zAhtmCxgLAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCeACAKgDAaoE1wFP0G86OzX-6U6Cc45OThjN9BFATtCol9BehsciHR1Iv3V3vZ_YgJ3VCODenbFE6SrTy8pVleSGIqgc4n2fdQNBBz74gSKO8BcU7fc6yFMpG6uKyRGd9mG3GfpHhlKKic56QI99CaBi5cqGYhLFtX4Ghw-0whp_QY6E9gheieyAZdeetHZhlPXwfxL9YU7KVfkJWkBq1jP7PD4-cJ07Q6_5VQXBqJ6mOC3_mdP2gRPhFgQRzdzniHinDxBgmVY2Q2oCnTqh_i35OolY081stweKo_rMG5ZzbOAEAYAG4d-f1fy4ofkfoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0FATfYwPEfdZLxT83YEAeCkErecw%2526client%253Dca-pub-0790894148451785%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Flookbook.nu%2F&ancestorOrigins=https%3A%2F%2Flookbook.nu&random=7100935531803&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

90 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 9306294-Ogden Show response
lookbook.nu/user/ 26 KB
8 KB 257ms
226ms Document
text/html 2606:4700:3031::ac43:9926
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9926 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 227031a96a368fcc170f24a374f776b9fc2cc2a165ecab74feca7906c5f79124

Request headers

:method: GET
:authority: lookbook.nu
:scheme: https
:path: /user/9306294-Ogden
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding Accept-Encoding
x-ua-compatible: IE=Edge,chrome=1
cache-control: max-age=0, private, must-revalidate
set-cookie: last_op_at=1622990703; path=/ _lookbook_session=BAh7C0kiD3Nlc3Npb25faWQGOgZFVEkiJTQxMDFjOGVhMTRkMzE2ZDBmZjEzMTVhZWY1ZThkYTg0BjsAVEkiEG1vYmlsZV92aWV3BjsARkZJIgpnZW9pcAY7AEZ7DjoRY291bnRyeV9jb2RlIgdkZToSY291bnRyeV9jb2RlMyIIREVVOhFjb3VudHJ5X25hbWUiDEdlcm1hbnk6C3JlZ2lvbiIHMDU6EHJlZ2lvbl9uYW1lIgtIZXNzZW46CWNpdHkiDkZyYW5rZnVydDoQcG9zdGFsX2NvZGUiCjYwMzEzOg1sYXRpdHVkZWYTNTAuMTE2Njk5MjE4NzU6DmxvbmdpdHVkZWYWOC42ODMzMDAwMTgzMTA1NDdJIgtsb2NhbGUGOwBGSSIHZW4GOwBGSSIOcGFnZXZpZXdzBjsARmkGSSIQX2NzcmZfdG9rZW4GOwBGSSIxYURMQXJUellKQU1OL1MyRVYrRGxiT1dERXd1b0Qwa1Y5dGIyWDdtUmhDUT0GOwBG--ae41d93916d2732ff7aa20b38267b1cf5af5a2e8; domain=.lookbook.nu; path=/; expires=Sun, 13-Jun-2021 14:45:04 GMT; HttpOnly bypass=; domain=.lookbook.nu; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
x-request-id: a238b54b0af234baa2d4b1acfba10d3f
x-runtime: 0.055025
x-rack-cache: miss
cf-cache-status: DYNAMIC
cf-request-id: 0a8361e5180000535d29342000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XgwCnE2cHM6Tqlfyz%2Be6Kzp5QYwNV96QLym7rEr%2FJ%2FnGENgXjKQWHb3HPprAx%2Fhve6TJxJIIVOzkZ6VxkX6XHjpXC%2F8qXIhHE24uX%2F82%2FuZxyUDn%2F3i9cQ3RTqAzJZUW8veSGpQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65b26c1b5e2a535d-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 application-c9d05d2ab162623a050cd3a3dbaa32a3.css
lbstatic.nu/assets/ 575 KB
71 KB 62ms
35ms Stylesheet
text/css 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/application-c9d05d2ab162623a050cd3a3dbaa32a3.css
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51a2ddd211c9a685dc22eff8915cde1d2c8f275ef4e6afc15a8da206cf981384

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477
cf-request-id: 0a8361e61c00004a85da299000000001
last-modified: Mon, 23 Nov 2020 00:14:37 GMT
server: cloudflare
etag: W/"5fbafeed-8faba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0bOXyFsbBkRB21JS9%2FHGegPpvCSoRP3C3K53dvg6%2FnC28PNr44ochn6fE8m%2B%2F0qOnjlkll7XUGR38UHn9DNLxBQ%2Be193Smn82L8JWKku0E6x6%2BFl0O6JJUGNtzEU2oZRJvwcHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1382400
cf-ray: 65b26c1cff7a4a85-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 06:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Jun 2022 06:15:07 GMT

GET
H2 200 application-6e02ddd84e0adf0ba96bc93710a577ae.js Show response
lbstatic.nu/assets/ 556 KB
146 KB 73ms
46ms Script
application/javascript 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/application-6e02ddd84e0adf0ba96bc93710a577ae.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7823ac5105a96321604ee9de32a69fbdc77002a92ca657c8c3afcfa56c16007d

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7142
cf-request-id: 0a8361e61d00004a85d61fc000000001
last-modified: Mon, 23 Nov 2020 00:14:37 GMT
server: cloudflare
etag: W/"5fbafeed-8b023"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ALpntpJcuRW4NkdRogbwxKsfNAKzdmhUzw0QzADCDbzMPU6Rs1uTbYoioUqup6DuzPnG5bixKM%2B1qPv9Pr6veL9jMHuuFvtF4QWE4ZKRCA4tnXfiJHHT8uLX50FWzEGUxd1jYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1382400
cf-ray: 65b26c1cff864a85-FRA

GET
H2 200 application-cc05d8e71d478ac527ce40bbf39f90ed.js Show response
lbstatic.nu/assets/moo/ 91 KB
24 KB 47ms
21ms Script
application/javascript 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/moo/application-cc05d8e71d478ac527ce40bbf39f90ed.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b71d51f87baefa9ad3ad207e6e45cfca8782eaed0caede980db1dc56f189b5c

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5281
cf-request-id: 0a8361e61e00004a85f52f3000000001
last-modified: Sun, 15 Jul 2018 22:25:15 GMT
server: cloudflare
etag: W/"5b4bc9cb-16c56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8H%2BG9qyxSDNinqRn8r93GO6wNFJRtBtvF0A3oJ01BXsawFqfMC8mpQTRmjG4zynbhupjrpEDiC25SX4KK02qCfdkPeprCULX1li94q3%2FC9hGtVBcosa9NnwKzNoweasPY5XZTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1382400
cf-ray: 65b26c1cff894a85-FRA

GET
H2 200 prox-new-6f58470807ac660d8f50fe544c823bba.png
lbstatic.nu/assets/logos/ 953 B
1 KB 25ms
24ms Image
image/png 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/logos/prox-new-6f58470807ac660d8f50fe544c823bba.png
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1852ec5957212ab1ddc679453216178799dd25a2c75985a885e7d467328795e1

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 456
content-length: 953
cf-request-id: 0a8361e67000004a85f7314000000001
last-modified: Sun, 15 Jul 2018 22:25:15 GMT
server: cloudflare
etag: "5b4bc9cb-3b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VzDkK9HOmU2TBczD0PqiTFas0IUYrEmMyed4zzxDue%2BqeLrZknWI7VHvQm7tA6YAOgK3OHbM22Hvii4stl8SYPaRA36xkDZWod5FlyiEuPyVcahGalzxYyV5%2B7YKIGDuGeXjmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 65b26c1d78ec4a85-FRA

GET
H2 200 more-0b061e84918c4f68f8a0aad60ae58625.png
lbstatic.nu/assets/header/icons/ 19 KB
20 KB 15ms
13ms Image
image/png 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/header/icons/more-0b061e84918c4f68f8a0aad60ae58625.png
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b0df5acd41c11fc146d64795aa729d99370a98109ce1e441db4ac0b7f69d025

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 456
content-length: 19662
cf-request-id: 0a8361e68d00004a85c78cc000000001
last-modified: Sun, 15 Jul 2018 22:25:15 GMT
server: cloudflare
etag: "5b4bc9cb-4cce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NCEbbmoEodl0ot7adJBdJ%2Fkz%2BuS21m80pE2kVcPyAwWJL2Cfn7axNpbPMQLkAtfFwNKy6OL%2Bu9ieQgxoUD9ApnAJetTLydGQan9W3Mt7BbOjrRONqPavUFI9pba7YxexnuZI9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 65b26c1da9864a85-FRA

GET
H2 200 guy.gif
lbstatic.nu/assets/ 580 B
934 B 15ms
13ms Image
image/gif 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/guy.gif
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d7600604cb30e42b1511c91d29c886de204d3f46d8c265b9c35b0960ccf8195

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3482
content-length: 580
cf-request-id: 0a8361e68d00004a85c132d000000001
last-modified: Sat, 28 Nov 2020 00:15:10 GMT
server: cloudflare
etag: "5fc1968e-244"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=m3vpZd6Tc7z%2F5DtBHAx6zWYz%2BfkKCM%2BHMKRufExYxC2S9Dpz%2B96n94GLrXE2120oRut1TaLDwsHb2kE54S6xplt6zaBhezyQixgb2l68kElR%2F78F6orXc4hFl33lwowg4IXbQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 65b26c1da9874a85-FRA

GET
H2 200 ajax-loader-big-0d4c0c710c24223145d172f44db328d0.gif
lbstatic.nu/assets/ 3 KB
3 KB 20ms
18ms Image
image/gif 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/ajax-loader-big-0d4c0c710c24223145d172f44db328d0.gif
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2546
content-length: 2608
cf-request-id: 0a8361e68d00004a85b1026000000001
last-modified: Sun, 15 Jul 2018 22:25:15 GMT
server: cloudflare
etag: "5b4bc9cb-a30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WEnSdJywgzfHJnxrRLjdsrVQHK9qIfaoqiq0iphdRKfwOeDaZ3OfxrN0LCOul1%2BKRs1LntRxGGrHXe0Ba4TOXC0Tn0JminnGo92hWqEajL%2BaQdrl6SyxidmXOGu0oN8eDA%2BjRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 65b26c1da9894a85-FRA

GET
H2 200 ajax-loader-fb-4fbe973b96349c727a1d97957527acc3.gif
lbstatic.nu/assets/ 723 B
1 KB 19ms
17ms Image
image/gif 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/ajax-loader-fb-4fbe973b96349c727a1d97957527acc3.gif
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1cf81bef2ea82eaa43265a5ff786b7cd74e7d5f4f2de104b586f092ca0fb886

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2187
content-length: 723
cf-request-id: 0a8361e69200004a8500921000000001
last-modified: Sun, 15 Jul 2018 22:25:15 GMT
server: cloudflare
etag: "5b4bc9cb-2d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mO3DbZ14gl183ivMFFWYFswvnJknPKn%2FhmLNCuUjnhSSU7rndyZEttJ9myrzIaBCsxIseK9m8UWzYL64UwoPosVI5iKlfONRwOb4r7RhKO8oAqd%2FFDGhJ%2FpEC%2Fxs0Ie7VJIHWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 65b26c1da98a4a85-FRA

GET
H2 200 arrow-up-white-5b97dd7bb071edf6b965bf452cda9fc2.svg
lbstatic.nu/assets/icons/ 686 B
731 B 19ms
18ms Image
image/svg+xml 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/icons/arrow-up-white-5b97dd7bb071edf6b965bf452cda9fc2.svg
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c53cb61e2947d208c306c8680d407115d7663d1920ef125ecdb1ffa417f22fcc

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5280
cf-request-id: 0a8361e69000004a85bea8a000000001
last-modified: Sun, 15 Jul 2018 22:25:15 GMT
server: cloudflare
etag: W/"5b4bc9cb-2ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=r3F7E9kNNRKprj4oYO2kKcyU7OnU%2FQeY2WU3kR38AtI1TDy3aSE7mSBZcJaI3FU2tZ7iN0rgK86a7Aqn6RY7fM%2FsfhtyLateArTUwtZlgaBtIlIDivggJW7q5ukkmJU4wSKaNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1382400
cf-ray: 65b26c1da9904a85-FRA

GET
H2 200 quant.js Show response
edge.quantserve.com/ 24 KB
9 KB 27ms
10ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sun, 13 Jun 2021 14:45:04 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "894 / 556 of 1000 / last-modified: 1622844533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21347
x-xss-protection: 0
expires: Sun, 06 Jun 2021 14:45:04 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 80ms
27ms Script
application/javascript 52.85.123.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.123.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-123-39.bud50.r.cloudfront.net
Software: Server /
Resource Hash: 5b6f3806c04b7c91d2ee5cf8f42b31343a9d33ea62ad9d0506cfa1be078477d3

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 16:30:51 GMT
content-encoding: gzip
server: Server
age: 80052
etag: 6bda376aea84df42909484ff0d20f22a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7a4584fd3c2a27bbe552d92ba541848b.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: 7iV2kGh8hACCLQM7XX9BldZxc25jPH1q
x-amz-cf-id: 1adJ3JOeUmmeJ9QJZy0oHqBa2dq3QviQMLsFRmhU3WFdgCnwbj3Rew==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a53aacffef1254cdc24f5427e075c67314ea15ecabd9f4a6af51ee1c0b3e3d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: zU15VF6peZ1hCX+2Yz8jWQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: ijwj9tWVHXmth1NkKQSnm7ZCb0JBnGKCsEqMzRhIkgqS2VSD4lq/Zi2K/cxFDTSthlngqQKSmNYALQh3U+6bPw==
x-fb-trip-id: 1709462857
x-fb-content-md5: ab452323b49affcc1992131e3e8d6761
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 06 Jun 2021 14:45:04 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "2f19e2f67b85818bec7e8cc4b68bda92"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 06 Jun 2021 14:54:03 GMT

GET
H2 200 ProximaNova-Regular.woff
lbstatic.nu/assets/ 85 KB
85 KB 46ms
23ms Font
application/font-woff 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Regular.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-c9d05d2ab162623a050cd3a3dbaa32a3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f73ec26d9716363ea8ea73560d10f91d63cf18e32103bcead35559ba1ac361

Request headers

Origin: https://lookbook.nu
Referer: https://lbstatic.nu/assets/application-c9d05d2ab162623a050cd3a3dbaa32a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1778
cf-request-id: 0a8361e6a900004eb5c39fe000000001
last-modified: Sat, 28 Nov 2020 00:14:20 GMT
server: cloudflare
etag: W/"5fc1965c-155b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BwzaKYTwvaHXeUoa%2B5dbl1R7kI644ITY0IjNRDRdCR8p8BjXkYTAcN%2FP6Fmls5x6mSzbuSF9kM4u15os1fSVCC7Zb7llVCcIa3w2Xmw9MTW1EjALXkdZfW8m57vbFqQKlQEbbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
cf-ray: 65b26c1ddf4f4eb5-FRA

GET
H2 200 ProximaNova-Bold.woff
lbstatic.nu/assets/ 76 KB
76 KB 52ms
33ms Font
application/font-woff 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Bold.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-c9d05d2ab162623a050cd3a3dbaa32a3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cfab6a75576c6827a6d5dd7f823e993678ee3161fed858ca4bb51ae8ce96677

Request headers

Origin: https://lookbook.nu
Referer: https://lbstatic.nu/assets/application-c9d05d2ab162623a050cd3a3dbaa32a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7173
cf-request-id: 0a8361e6a900004eb5ab0e9000000001
last-modified: Sat, 28 Nov 2020 00:14:20 GMT
server: cloudflare
etag: W/"5fc1965c-12e63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yJieqHbZdsNRKm1L8L8l5UosAqnPb5bi1mapu2sMfLdkxXYf3LJZwr8%2F0eTh8gJ9exuBlaJRzyMIBvXsja5Grsj3tQeJkhwzWu8b2xTjInsQCeoSwkZnfg8xYXI0%2FW0RR95YuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
cf-ray: 65b26c1ddf534eb5-FRA

GET
H2 200 fontawesome-webfont-6a928d6875c980852c3823caf78dfc43.woff2
lbstatic.nu/assets/ 55 KB
56 KB 47ms
29ms Font
application/octet-stream 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/fontawesome-webfont-6a928d6875c980852c3823caf78dfc43.woff2?v=4.3.0
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-c9d05d2ab162623a050cd3a3dbaa32a3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Origin: https://lookbook.nu
Referer: https://lbstatic.nu/assets/application-c9d05d2ab162623a050cd3a3dbaa32a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4239
content-length: 56780
cf-request-id: 0a8361e6a900004eb58d346000000001
last-modified: Sun, 15 Jul 2018 18:53:39 GMT
server: cloudflare
etag: "5b4b9833-ddcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rIDrwijijUPf2N571zyxpiIlw8yptd2Fm0%2FG0vmUItG3QYLdWRfPcqKGoHqzuHTZl69WfXCsELaFcZKZG5YwAqx4Wiz%2FoYcwR09OmC19xeMwTY0jsu3pHVy%2BHb1TrwiyhscBrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 65b26c1ddf514eb5-FRA

GET
H2 200 ProximaNova-Semibold.woff
lbstatic.nu/assets/ 80 KB
80 KB 30ms
16ms Font
application/font-woff 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Semibold.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-c9d05d2ab162623a050cd3a3dbaa32a3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 299920669c7ec8c0add3c58f21eea89871a531545df0b8d70c46db2f44ff4cc4

Request headers

Origin: https://lookbook.nu
Referer: https://lbstatic.nu/assets/application-c9d05d2ab162623a050cd3a3dbaa32a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7173
cf-request-id: 0a8361e6ac00004eb57b88a000000001
last-modified: Sat, 28 Nov 2020 00:14:20 GMT
server: cloudflare
etag: W/"5fc1965c-13e7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nMW7%2BdL9ZgdOFNqtjVmvpGpKmQG9nQRuzSrPfILc2KIE1MrdUrMZR4PQjXR4BKkjXOFn1i4EXDqYGrD%2Bp1IN4qLdo9cyz6eKwhoXp3orlFtEAcQG%2F%2F85N2gS8QWHbqOdM7yO6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
cf-ray: 65b26c1ddf544eb5-FRA

GET
H2 200 ProximaNova-Light.woff
lbstatic.nu/assets/ 91 KB
90 KB 15ms
14ms Font
application/font-woff 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Light.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-c9d05d2ab162623a050cd3a3dbaa32a3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 202f5a44ef1b1fac13c36c93eee29c52cd61f6e4f3f3ccbc35ce23683cc605bd

Request headers

Origin: https://lookbook.nu
Referer: https://lbstatic.nu/assets/application-c9d05d2ab162623a050cd3a3dbaa32a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5668
cf-request-id: 0a8361e6c200004eb5b1a87000000001
last-modified: Sat, 28 Nov 2020 00:14:20 GMT
server: cloudflare
etag: W/"5fc1965c-16c17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sFbP6dPyBEaNxAGpiJ%2BIHbiWaWejzGRw65LBWovlM9FdiKQz8v3Ct1fBems2f0yieO4rRf0Cehb2bof69yd5u5U6lIC8wX8WjEltFLEZKaSFet%2BI9yxfT%2BeInh6KheXmVkd6XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
cf-ray: 65b26c1e0fc24eb5-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5621
date: Sun, 06 Jun 2021 13:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 06 Jun 2021 15:11:23 GMT

GET
H2 200 rules-p-15_abpQY22gxg.js Show response
rules.quantcount.com/ 3 B
439 B 66ms
21ms Script
application/javascript 2600:9000:2050:9a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-15_abpQY22gxg.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:9a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 11:47:12 GMT
via: 1.1 a3c3236fb9c392e8c5978c750d2f8309.cloudfront.net (CloudFront)
age: 10673
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:43:01 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
x-amz-cf-id: K7TFQGLUo_n8V63SLNStHjKCpusokFNO5IzRGmE8MlESR3MB0Enjlg==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 81ms
24ms Script
application/javascript 52.85.170.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-71.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:35:51 GMT
via: 1.1 c179ca8f9ebae77e3e88259990d0a4e1.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 554
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: mDlr6rWzggjReVGqjUPpvSS4gy17-Wqh7ZnRQezx_7iUmVu_DT1p5g==

GET
H2 200 new_sprite.png
lbstatic.nu/assets/ 26 KB
26 KB 25ms
25ms Image
image/png 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/new_sprite.png?cb=9
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-c9d05d2ab162623a050cd3a3dbaa32a3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca1fb4990a3abf9e6bba05433ed88ac85bfc8471a273c9c306a7685ace89d26

Request headers

Referer: https://lbstatic.nu/assets/application-c9d05d2ab162623a050cd3a3dbaa32a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 772
content-length: 26481
cf-request-id: 0a8361e6dc00004a85ceae4000000001
last-modified: Sat, 28 Nov 2020 00:15:15 GMT
server: cloudflare
etag: "5fc19693-6771"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jOTTc8q3uFbf8zC5ntE4MLjTQfBSjjN2zrhVv1ObDGPovfb1%2F3HQEo066VJ6Aqww4BS9KngfbFrtZFy18OgPmUNi3a%2BTlCC9jvZmALXQATwjUx3SRzFloTC031zDeJ60JBs5KA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 65b26c1e2ad94a85-FRA

GET
H2 200 bubble-e7fec504b573a5fe7aa9a6f1b12e7976.png
lbstatic.nu/assets/ 294 B
619 B 16ms
16ms Image
image/png 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/bubble-e7fec504b573a5fe7aa9a6f1b12e7976.png
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd66670e33f248ddc8f8accfb0173af1e10af2389bd59f04ff148ed3e7ff3025

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7139
content-length: 294
cf-request-id: 0a8361e6f800004a85da9c6000000001
last-modified: Sun, 15 Jul 2018 22:25:15 GMT
server: cloudflare
etag: "5b4bc9cb-126"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Nr5IolcSGPabjLi%2B43DdtTesLUrnJ1p1L%2Fo6Vqk2z%2FEZ8Eym7WpFJyQ7h0%2BIrPQXvj7Ve5VUH9TRlhzrmJQx5z1cxS1nwkwdVFAukW%2Fgnm1xPlabMksiZdZLdb1aUOGm%2Fz5EBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 65b26c1e5b6d4a85-FRA

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 218 KB
64 KB 14ms
13ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=aeb7f055909624fe361587ca053720fa&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4703f3f9a57f1e0373724a89f0c1e6ce68a998e130d43e882756854ea506c810

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://lookbook.nu
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: oTsTGahwSgNqfg4nkPk01A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65737
x-fb-rlafr: 0
x-fb-debug: Lg2IhAL3VyJiy75su+/JDjfCjzUel9lk5PxKSnJ2LvdVcnBJFPzz+ZipqfvBkUTLVpPkb6aSMnJQIEBhBaDdtg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 8e6171897542f5362608e0c656810415
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 06 Jun 2021 14:45:04 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "029f9344898874d8e5741c79acac2f54"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 06 Jun 2022 13:32:44 GMT

GET
H2 200 pubads_impl_2021052601.js Show response
securepubads.g.doubleclick.net/gpt/ 311 KB
110 KB 37ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 08:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111649
x-xss-protection: 0
expires: Sun, 06 Jun 2021 14:45:04 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
82 B 15ms
13ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-4019432-1&cid=1762146064.1622990704&jid=1474329513&gjid=420031399&_gid=307381652.1622990704&_u=YGBAgAABAAAAAE~&z=700062158

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 06 Jun 2021 14:45:04 GMT
content-type: text/plain
access-control-allow-origin: https://lookbook.nu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=493492684&t=pageview&_s=1&dl=https%3A%2F%2Flookbook.nu%2Fuser%2F9306294-Ogden&dp=%2Fuser%2F9306294&ul=en-us&de=UTF-8&dt=Ogden%20%7C%20Lookbook&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1474329513&gjid=420031399&cid=1762146064.1622990704&tid=UA-4019432-1&_gid=307381652.1622990704&cg1=User%20Profiles&z=1509309144

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Jun 2021 09:04:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20420
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
300 B 139ms
139ms XHR
text/plain 52.85.123.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=32930239-e300-4e84-8205-3dc868716562&u=https%3A%2F%2Flookbook.nu%2Fuser%2F9306294-Ogden
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.123.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-123-39.bud50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
via: 1.1 7a4584fd3c2a27bbe552d92ba541848b.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: BUD50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://lookbook.nu
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: Ab7KGRnh6f0CeRYSzEiPpx6_pvavUOoLT-8klXVayUE7zU8M4lSqbg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
369 B 83ms
82ms XHR
text/javascript 52.85.123.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Flookbook.nu%2Fuser%2F9306294-Ogden&pid=DepWNOtYuujI0&cb=0&ws=1600x1200&v=7.65.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F1093101%2Fex_hp_728x90%22%7D%5D&cfgv=0&pubid=32930239-e300-4e84-8205-3dc868716562&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.123.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-123-39.bud50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
via: 1.1 7a4584fd3c2a27bbe552d92ba541848b.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: BUD50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://lookbook.nu
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 14MBcB0LRRz5ItBtDbzKIGLBcflkzLGb8ZXW9lwpiAdDLeWSECpkvA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 73ms
24ms XHR
application/javascript 52.85.123.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.123.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-123-39.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 57823
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Sat, 05 Jun 2021 22:41:22 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 8d1d469965b7983f5b93251c439f9c4c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: WqSji2Oe7vtztsPYS9YGBp2NCFYGwIORyaUVy5nmbHyhrfYKSnDgew==

GET
H2 200 pixel;r=653082593;rf=0;a=p-15_abpQY22gxg;url=https%3A%2F%2Flookbook.nu%2Fuser%2F9306294-Ogden;uht=2;fpan=1;fpa=P0-168449043-1622990704441;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;...
pixel.quantserve.com/ 35 B
372 B 17ms
15ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=653082593;rf=0;a=p-15_abpQY22gxg;url=https%3A%2F%2Flookbook.nu%2Fuser%2F9306294-Ogden;uht=2;fpan=1;fpa=P0-168449043-1622990704441;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=lookbook.nu;je=0;sr=1600x1200x24;dst=1;et=1622990704441;tzo=-120;ogl=site_name.Lookbook%2Ctitle.Ogden%2Ctype.lookbook-nu%3Auser%2Curl.http%3A%2F%2Flookbook%252Enu%2Fuser%2F9306294-Ogden%2Cimage.%2F%2Flbstatic%252Enu%2Fassets%2Fguy%252Egif%2Cdescription.Finding%20out%20About%20Online%20video%20Online%20games%20For%20Kids

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Jun 2021 14:45:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 35ms
34ms Fetch
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=71607949800&input_token&origin=1&redirect_uri=https%3A%2F%2Flookbook.nu%2Fuser%2F9306294-Ogden&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=aeb7f055909624fe361587ca053720fa&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: LNnYsGaVt1GTnPxkIUdxvu9XqmR3x27kYK5ZCpgOwgYX/nTxSobKGOFj6dZaVlfdTRWCZLauXFMh2tREtOvfsA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Jun 2021 14:45:04 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookbook.nu
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=8354559&ns__t=1622990704448&ns_c=UTF-8&cv=3.5&c8=Ogden%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9306294-Ogden&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=8354559&ns__t=1622990704448&ns_c=UTF-8&cv=3.5&c8=Ogden%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9306294-Ogden&c9=

64 B
330 B

64ms
64ms

Image
image/gif

52.85.170.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=8354559&ns__t=1622990704448&ns_c=UTF-8&cv=3.5&c8=Ogden%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9306294-Ogden&c9=
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-71.bud50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
via: 1.1 c179ca8f9ebae77e3e88259990d0a4e1.cloudfront.net (CloudFront)
x-amz-cf-pop: BUD50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: krgWrYKqYgbg3PpC6k-j4S6q8SDUUHp-p-TiHBm7W-B0cLCTjR3klA==

Redirect headers

date: Sun, 06 Jun 2021 14:45:04 GMT
via: 1.1 c179ca8f9ebae77e3e88259990d0a4e1.cloudfront.net (CloudFront)
x-amz-cf-pop: BUD50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=8354559&ns__t=1622990704448&ns_c=UTF-8&cv=3.5&c8=Ogden%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9306294-Ogden&c9=
content-length: 193
x-amz-cf-id: ITHNHlg9nAsKIGneaaTQfXerpL6qKzxWGSd5iyV_vWReITlpWcil-Q==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 37ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=lookbook.nu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lookbook.nu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 896 B
283 B 491ms
477ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1406056760383546&correlator=1917922049157301&output=ldjh&impl=fifs&eid=31061143&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210606&iu_parts=1093101%2Cex_hp_300x250%2Cex_hp_btf_300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x600%7C300x250%2C300x250&eri=1&cust_params=d6%3D2%26d20%3D8%26brand%3D%26leadersize%3D728x90%26sideadsize%3D300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1622990704&dt=1622990704474&dlt=1622990704126&idt=327&frm=20&biw=1600&bih=1200&oid=3&adxs=990%2C990&adys=64%2C749&adks=1276300409%2C1030487218&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flookbook.nu%2Fuser%2F9306294-Ogden&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250%7C300x250&msz=300x250%7C300x-1&ga_vid=1762146064.1622990704&ga_sid=1622990704&ga_hid=493492684&ga_fc=false&fws=0%2C0&ohw=0%2C0&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

aed664b3df7ed0faeb893dbc0d216bdcb73939016e9fe68c6c9eb64abb2e405e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookbook.nu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 28ms
14ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=lookbook.nu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lookbook.nu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
5 KB 164ms
164ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1406056760383546&correlator=1425021488738548&output=ldjh&impl=fifs&eid=31061143&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210606&iu_parts=1093101%2Cex_hp_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=d6%3D2%26d20%3D8%26brand%3D%26leadersize%3D728x90%26sideadsize%3D300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1622990704&dt=1622990704515&dlt=1622990704126&idt=327&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=64&adks=3286650984&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flookbook.nu%2Fuser%2F9306294-Ogden&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x0&msz=980x0&ga_vid=1762146064.1622990704&ga_sid=1622990704&ga_hid=493492684&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

88d013ee73dd1cd25eee011a86319e5f4cb6ce6d228984eae3403a916fa96a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5374
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookbook.nu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B537 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lookbook.nu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lookbook.nu/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 06 Jun 2021 14:45:04 GMT
expires: Mon, 06 Jun 2022 14:45:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 26ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622805992319560"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28149
x-xss-protection: 0
expires: Sun, 06 Jun 2021 14:45:04 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 38ms
17ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cffbc346973c07fda64cc818d275a992512a1f24d0e4901ced6d09fc81025427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7722
x-xss-protection: 0

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B537 0
0 44ms
43ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVA53cN-8YO2mIbn5-gbr4Llwz4eOm1zAhtmCxgLAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCeACAKgDAaoE1AFP0G86OzX-6U6Cc45OThjN9BFATtCol9BehsciHR1Iv3V3vZ_YgJ3VCODenbFE6SrTy8pVleSGIqgc4n2fdQNBBz74gSKO8BcU7fc6yFMpG6uKyRGd9mG3GfpHhlKKic56QI99CaBi5cqGYhLFtX4Ghw-0whp_QY6E9gheieyAZdeetHZhlPXwfxL9YU7KVfkJWkBq1jP7PD4-cJ07Q6_5VQXBqJ6mOC3_mdP2gRPhFgQRzdzniHinDxBgmVY2Q2oCnXij879Vqi1fXmkkHN_KDArRD-AEAYAG4d-f1fy4ofkfoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAGACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItMDc5MDg5NDE0ODQ1MTc4NQ&sigh=S3UvxCfZRdE&tpd=AGWhJmvvQqByURHH7Y5JDCS9HkLWmYPbyjca470RDfBxs5p0MG2-fFmiua9cQ_7YWtmSHB9q8irme5hCXRfoi25QK7mWXFC8oFeBFJ37dIgk8cOfsWko5Bsc4yuQ4f12onHHPe1pCLslRAAvtchfSxhv1W5oRDZU-2pC79UxDwlBnqf_LJx24aw73lFl3hHb1NoTJExSPVjQCMBeB2arMBsT3iBJp46s6lG8_1kmCZCeAnP95hrCgNZ07wJ0oXOlcSLi7_46nXNL74fQW4GWuuOdU8xgKTvTskK1W-F52ua1ARKKndRetuWVh8P3_Gy_6nYfgj3USFfn5D3FLRuHfSW6U13kBi9a3OqmV2CPwPxnDqs0LMYrflM2-sTEVpE_j2uAXSVz6pvhLgeWVdAZjY93_EdICWiIN-NCcOvl6R3mMujDNI8RT2W3P3fHr79k4iYjqpfbWMiEqBNgZdDWdMmnc1S-85TvfUeamfawvebJRTZIqMK-X9NdsmF6B_92lBRZR1Tn5qKLdzFhqAKP9Jxmf8U4Noe0GRqWTT2hqIweqaXBGQXf5zvwGKDutG-xrk6zhKom252nktl-7rVnH_b432b90AYyOPbomzi0zrpzF_uOcVAhK-1RVS6v5vbEBZ9f1J4KnjyaqB941pRyVm1QLRPfc237CyiouCBDRKLIjyRv0Jatxk2939M8Rka6JQ9K_DnwwZl_E7r8LycLOWf6YDEBbsH1WGKTbO57zkGz3MmANn7Fiwnv8At7XwRgCQhgpHkvolsTZRlE2OXMlaVaLGyda1hiNh7gUuhBbzC-0BxR-Gs6OJ-GFwyEXCJU7AuPNAhk5yGzvTvuyh9YpJPB2EgEQjPaknzas0awssM9UIGYkm7gos5Rn2cht11LTfvGX2M2N6LT2FF8oMfygfLa0z2FeazeUgripMrXKsBAT1PrpvJA7T_jOX0EOQoCRr3rOQ6aw6iImGt5lDysTMVDIznU1wCsVfpConZKfRN-xV-O-WJaJUNefHwC78BS6JzPlOCOB4CiASa5hr03dZh8aHhDyiBuMRTn8mCZWNU
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame B537 3 KB
2 KB 50ms
16ms Script
application/x-javascript 185.29.135.190
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdGbE5UbGlNV0l0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczMTM3NDUxMjM1MjM3MzU5OTgvOTE2NTU0Mi84MjY0NDU5LzQvRWQyS0JyV0IxYzNBYmhQREdoZEVuLTFIQ3RhMTRqckJTTFJnWmxhbUJoYy8xLzQvMC8wLzE1NjU0ODcvOTU2OTg0MzIvMjE1NTQzLzkxODAwNS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczMTM3NDUxMjM1MjM3MzU5OTgvYW1zLzAvOTkwMy83NS85OTkvMjU4LzUuMTgwLjYyLjAvMC4wMDAvMTYyMjk5MDcwNC8xNjIzMDAzMzA0LzQvcHViLTA3OTA4OTQxNDg0NTE3ODUv/eU6foQpGb8BE_o-R-hdwo3RWyik&nodeid=2821&group=eu&auctionid=7313745123523735998&sid=8264459&cid=9165542&bp=a_dfcbhe&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqnzycN-8YO2mIbn5-gbr4Llwz4eOm1zAhtmCxgLAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCeACAKgDAaoE1wFP0G86OzX-6U6Cc45OThjN9BFATtCol9BehsciHR1Iv3V3vZ_YgJ3VCODenbFE6SrTy8pVleSGIqgc4n2fdQNBBz74gSKO8BcU7fc6yFMpG6uKyRGd9mG3GfpHhlKKic56QI99CaBi5cqGYhLFtX4Ghw-0whp_QY6E9gheieyAZdeetHZhlPXwfxL9YU7KVfkJWkBq1jP7PD4-cJ07Q6_5VQXBqJ6mOC3_mdP2gRPhFgQRzdzniHinDxBgmVY2Q2oCnTqh_i35OolY081stweKo_rMG5ZzbOAEAYAG4d-f1fy4ofkfoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FATfYwPEfdZLxT83YEAeCkErecw%26client%3Dca-pub-0790894148451785%26adurl%3D
Requested by: Host: cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com
URL: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.190 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.200.1 /
Resource Hash: 463ec0ada768f64efd753c36524365d0deea331fce59d347fd259341d1b8a98a

Request headers

Referer: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 14:45:03 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1622990704
Last-Modified: Sun, 06 Jun 2021 14:45:04 GMT
Server: MMBD/3.200.1
x-mm-latency: 2 (0)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x42, cdg-bidder-x170
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Sun, 06 Jun 2021 14:45:02 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame B537 2 KB
1 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Host: cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com
URL: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Jun 2021 14:43:36 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B537 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com
URL: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622806011323838"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Sun, 06 Jun 2021 14:45:04 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame B537 13 KB
6 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com
URL: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Jun 2021 14:43:45 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B537 22 KB
7 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com
URL: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 07:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111909
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Jun 2022 07:39:55 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 06 Jun 2021 14:45:04 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame C8B6 12 KB
5 KB 20ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lookbook.nu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lookbook.nu/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 06 Jun 2021 14:44:27 GMT
expires: Mon, 06 Jun 2022 14:44:27 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7284 783 B
814 B 15ms
15ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a8c1171ea464ad9d43494a974b9d97d4dc7e53eb228915877fdcac75431ce753

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g0SNwD/zdNmyYS4GEDDXTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lookbook.nu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lookbook.nu/

Response headers

expires: Sun, 06 Jun 2021 14:45:04 GMT
date: Sun, 06 Jun 2021 14:45:04 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-g0SNwD/zdNmyYS4GEDDXTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 1sgkp2euhhej Show response
hal9000.redintelligence.net/zone/ Frame B537 11 KB
4 KB 36ms
12ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/1sgkp2euhhej?subid=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&rnd=7313745123523735998&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7313745123523735998%26mt_id%3D9165542%26mt_adid%3D215543%26mt_sid%3D8264459%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc38360bc-df70-4001-be2f-2dc2c2b40759%26mt_cid%3Dc38360bc-df70-4001-be2f-2dc2c2b40759%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqnzycN-8YO2mIbn5-gbr4Llwz4eOm1zAhtmCxgLAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCeACAKgDAaoE1wFP0G86OzX-6U6Cc45OThjN9BFATtCol9BehsciHR1Iv3V3vZ_YgJ3VCODenbFE6SrTy8pVleSGIqgc4n2fdQNBBz74gSKO8BcU7fc6yFMpG6uKyRGd9mG3GfpHhlKKic56QI99CaBi5cqGYhLFtX4Ghw-0whp_QY6E9gheieyAZdeetHZhlPXwfxL9YU7KVfkJWkBq1jP7PD4-cJ07Q6_5VQXBqJ6mOC3_mdP2gRPhFgQRzdzniHinDxBgmVY2Q2oCnTqh_i35OolY081stweKo_rMG5ZzbOAEAYAG4d-f1fy4ofkfoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0FATfYwPEfdZLxT83YEAeCkErecw%2526client%253Dca-pub-0790894148451785%2526adurl%253D%26redirect%3D
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 53ccf6134891a28af7f6a42ece9ee61a153a859f2a1ec8f8451b6a8e8d31ae1b

Request headers

Referer: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 14:45:04 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3447
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame B537 49 B
330 B 42ms
16ms Image
image/gif 185.29.135.190
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=7313745123523735998&node_id=2821&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdGbE5UbGlNV0l0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczMTM3NDUxMjM1MjM3MzU5OTgvOTE2NTU0Mi84MjY0NDU5LzQvRWQyS0JyV0IxYzNBYmhQREdoZEVuLTFIQ3RhMTRqckJTTFJnWmxhbUJoYy8xLzQvMC8wLzE1NjU0ODcvOTU2OTg0MzIvMjE1NTQzLzkxODAwNS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczMTM3NDUxMjM1MjM3MzU5OTgvYW1zLzAvOTkwMy83NS85OTkvMjU4LzUuMTgwLjYyLjAvMC4wMDAvMTYyMjk5MDcwNC8xNjIzMDAzMzA0LzQvcHViLTA3OTA4OTQxNDg0NTE3ODUv/eU6foQpGb8BE_o-R-hdwo3RWyik&nodeid=2821&group=eu&auctionid=7313745123523735998&sid=8264459&cid=9165542&bp=a_dfcbhe&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqnzycN-8YO2mIbn5-gbr4Llwz4eOm1zAhtmCxgLAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCeACAKgDAaoE1wFP0G86OzX-6U6Cc45OThjN9BFATtCol9BehsciHR1Iv3V3vZ_YgJ3VCODenbFE6SrTy8pVleSGIqgc4n2fdQNBBz74gSKO8BcU7fc6yFMpG6uKyRGd9mG3GfpHhlKKic56QI99CaBi5cqGYhLFtX4Ghw-0whp_QY6E9gheieyAZdeetHZhlPXwfxL9YU7KVfkJWkBq1jP7PD4-cJ07Q6_5VQXBqJ6mOC3_mdP2gRPhFgQRzdzniHinDxBgmVY2Q2oCnTqh_i35OolY081stweKo_rMG5ZzbOAEAYAG4d-f1fy4ofkfoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FATfYwPEfdZLxT83YEAeCkErecw%26client%3Dca-pub-0790894148451785%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.190 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.200.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 14:45:03 GMT
Server: MMBD/3.200.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x88, cdg-bidder-x170
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 06 Jun 2021 14:45:02 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame B537 43 B
360 B 39ms
22ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=7313745123523735998&v3=918005&v4=8264459&v5=9165542&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdGbE5UbGlNV0l0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczMTM3NDUxMjM1MjM3MzU5OTgvOTE2NTU0Mi84MjY0NDU5LzQvRWQyS0JyV0IxYzNBYmhQREdoZEVuLTFIQ3RhMTRqckJTTFJnWmxhbUJoYy8xLzQvMC8wLzE1NjU0ODcvOTU2OTg0MzIvMjE1NTQzLzkxODAwNS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczMTM3NDUxMjM1MjM3MzU5OTgvYW1zLzAvOTkwMy83NS85OTkvMjU4LzUuMTgwLjYyLjAvMC4wMDAvMTYyMjk5MDcwNC8xNjIzMDAzMzA0LzQvcHViLTA3OTA4OTQxNDg0NTE3ODUv/eU6foQpGb8BE_o-R-hdwo3RWyik&nodeid=2821&group=eu&auctionid=7313745123523735998&sid=8264459&cid=9165542&bp=a_dfcbhe&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqnzycN-8YO2mIbn5-gbr4Llwz4eOm1zAhtmCxgLAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCeACAKgDAaoE1wFP0G86OzX-6U6Cc45OThjN9BFATtCol9BehsciHR1Iv3V3vZ_YgJ3VCODenbFE6SrTy8pVleSGIqgc4n2fdQNBBz74gSKO8BcU7fc6yFMpG6uKyRGd9mG3GfpHhlKKic56QI99CaBi5cqGYhLFtX4Ghw-0whp_QY6E9gheieyAZdeetHZhlPXwfxL9YU7KVfkJWkBq1jP7PD4-cJ07Q6_5VQXBqJ6mOC3_mdP2gRPhFgQRzdzniHinDxBgmVY2Q2oCnTqh_i35OolY081stweKo_rMG5ZzbOAEAYAG4d-f1fy4ofkfoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FATfYwPEfdZLxT83YEAeCkErecw%26client%3Dca-pub-0790894148451785%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3759 5f8f15b master cdg-pixel-x24 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 14:45:04 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 06 Jun 2021 14:46:52 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame B537 49 B
330 B 43ms
16ms Image
image/gif 185.29.135.190
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=7313745123523735998&st=8264459&time=1622990704&nodeid=2821
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdGbE5UbGlNV0l0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczMTM3NDUxMjM1MjM3MzU5OTgvOTE2NTU0Mi84MjY0NDU5LzQvRWQyS0JyV0IxYzNBYmhQREdoZEVuLTFIQ3RhMTRqckJTTFJnWmxhbUJoYy8xLzQvMC8wLzE1NjU0ODcvOTU2OTg0MzIvMjE1NTQzLzkxODAwNS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczMTM3NDUxMjM1MjM3MzU5OTgvYW1zLzAvOTkwMy83NS85OTkvMjU4LzUuMTgwLjYyLjAvMC4wMDAvMTYyMjk5MDcwNC8xNjIzMDAzMzA0LzQvcHViLTA3OTA4OTQxNDg0NTE3ODUv/eU6foQpGb8BE_o-R-hdwo3RWyik&nodeid=2821&group=eu&auctionid=7313745123523735998&sid=8264459&cid=9165542&bp=a_dfcbhe&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqnzycN-8YO2mIbn5-gbr4Llwz4eOm1zAhtmCxgLAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCeACAKgDAaoE1wFP0G86OzX-6U6Cc45OThjN9BFATtCol9BehsciHR1Iv3V3vZ_YgJ3VCODenbFE6SrTy8pVleSGIqgc4n2fdQNBBz74gSKO8BcU7fc6yFMpG6uKyRGd9mG3GfpHhlKKic56QI99CaBi5cqGYhLFtX4Ghw-0whp_QY6E9gheieyAZdeetHZhlPXwfxL9YU7KVfkJWkBq1jP7PD4-cJ07Q6_5VQXBqJ6mOC3_mdP2gRPhFgQRzdzniHinDxBgmVY2Q2oCnTqh_i35OolY081stweKo_rMG5ZzbOAEAYAG4d-f1fy4ofkfoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FATfYwPEfdZLxT83YEAeCkErecw%26client%3Dca-pub-0790894148451785%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.190 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.200.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 14:45:03 GMT
Server: MMBD/3.200.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x47, cdg-bidder-x170
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 06 Jun 2021 14:45:02 GMT

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame C8B6 14 KB
6 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 16:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 252223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 16:41:21 GMT

GET
H/1.1

200
OK

request.php Show response
hal900011.redintelligence.net/ Frame B537
Redirect Chain

https://hal900011.redintelligence.net/request.php?zone=1sgkp2euhhej&nw=20&renderingType=javascript&namespace=0be58e68b5&subid=&uid=d8dca3875129072e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900011.redintelligence.net/request.php?zone=1sgkp2euhhej&nw=20&renderingType=javascript&namespace=0be58e68b5&subid=&uid=d8dca3875129072e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

611 B
935 B

71ms
49ms

Script
application/x-javascript

138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request.php?zone=1sgkp2euhhej&nw=20&renderingType=javascript&namespace=0be58e68b5&subid=&uid=d8dca3875129072e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7313745123523735998%26mt_id%3D9165542%26mt_adid%3D215543%26mt_sid%3D8264459%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc38360bc-df70-4001-be2f-2dc2c2b40759%26mt_cid%3Dc38360bc-df70-4001-be2f-2dc2c2b40759%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqnzycN-8YO2mIbn5-gbr4Llwz4eOm1zAhtmCxgLAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCeACAKgDAaoE1wFP0G86OzX-6U6Cc45OThjN9BFATtCol9BehsciHR1Iv3V3vZ_YgJ3VCODenbFE6SrTy8pVleSGIqgc4n2fdQNBBz74gSKO8BcU7fc6yFMpG6uKyRGd9mG3GfpHhlKKic56QI99CaBi5cqGYhLFtX4Ghw-0whp_QY6E9gheieyAZdeetHZhlPXwfxL9YU7KVfkJWkBq1jP7PD4-cJ07Q6_5VQXBqJ6mOC3_mdP2gRPhFgQRzdzniHinDxBgmVY2Q2oCnTqh_i35OolY081stweKo_rMG5ZzbOAEAYAG4d-f1fy4ofkfoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0FATfYwPEfdZLxT83YEAeCkErecw%2526client%253Dca-pub-0790894148451785%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Flookbook.nu%2F&ancestorOrigins=https%3A%2F%2Flookbook.nu&random=7100935531803&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com
URL: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b5072daf9ab430cb6d469b2a81a299f005c3263b0ae8121bb1955e3667072012

Request headers

Referer: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Jun 2021 14:45:04 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 92840800108927802653749011617011
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 329
Expires: Sun, 06 Jun 2021 15:45:04 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 06 Jun 2021 14:45:04 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=1sgkp2euhhej&nw=20&renderingType=javascript&namespace=0be58e68b5&subid=&uid=d8dca3875129072e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7313745123523735998%26mt_id%3D9165542%26mt_adid%3D215543%26mt_sid%3D8264459%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc38360bc-df70-4001-be2f-2dc2c2b40759%26mt_cid%3Dc38360bc-df70-4001-be2f-2dc2c2b40759%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqnzycN-8YO2mIbn5-gbr4Llwz4eOm1zAhtmCxgLAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCeACAKgDAaoE1wFP0G86OzX-6U6Cc45OThjN9BFATtCol9BehsciHR1Iv3V3vZ_YgJ3VCODenbFE6SrTy8pVleSGIqgc4n2fdQNBBz74gSKO8BcU7fc6yFMpG6uKyRGd9mG3GfpHhlKKic56QI99CaBi5cqGYhLFtX4Ghw-0whp_QY6E9gheieyAZdeetHZhlPXwfxL9YU7KVfkJWkBq1jP7PD4-cJ07Q6_5VQXBqJ6mOC3_mdP2gRPhFgQRzdzniHinDxBgmVY2Q2oCnTqh_i35OolY081stweKo_rMG5ZzbOAEAYAG4d-f1fy4ofkfoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0FATfYwPEfdZLxT83YEAeCkErecw%2526client%253Dca-pub-0790894148451785%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Flookbook.nu%2F&ancestorOrigins=https%3A%2F%2Flookbook.nu&random=7100935531803&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 06 Jun 2021 15:45:04 +0200

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=1406056760383546&bg=!5Oel56PNAAY6sG-_OrA7ACkAdvg8WmWUyEl5zaVd_KMZ2oJ2boaD5LnI9pwKtssY1HsIwfyqaDJ_-wIAAABmUgAAAA5oAQcKANLTHl9v4AwzHQx-Mb_hF4mNYm9zVzBJjNQ_7V3uRVKfmjrVZajjDlo2D-caCyaIATQmYcT4uxm4uRor9PUrtkvsp-ibUvexhR7k1_ww3cxGdem-qAh5HdfCWaHj1S8oG827ba9JgfbMyrhUhQWbBW5-mFgGL6WSDJ0ubhHJraHN9eVfJodkZ_VAfVP8ez0fE_fnmudKbnTmSNJQcEuQmEfqKUrwIQBUgCSqjTTiq36GhuM-FTbgOOtM4hlv4vGu5srW4Uw_GL4x81CT32UrvBO-_TeZAjsnOyMi7WXIpmzxOF_o9f0TkvbGUOaYotJ7e93NsQE8kYXzJQ5pfW0eYAteiTjGweOzC6en1Nw8NCHkFLCR6BvWll0F9H7VP1Eav0AmHc63zyJ7j94_RsAEDL67ZbHmikqwKBF_5y94pNzqVdnm-vhPIqj4Is1JMfOLtBfrInNgeJn4ZFcapa0RbDD-9qH6c5CWM7yxXGJHoEVEuSl3j9_38NH0kCyFZf9fMQw1QWFjwaRftzBfAA5i-ubJe4OOJwotRrtYLYOvwnDN7pA3BYNGydX7mj98OknR9ihtygXEtsK6reuHOxf44QSdMFtb0VD7Np6Aw3crLjKaR1k0v0EB32pTe0cWG4sRvvcMhjxYFXuzwx7xS6T6le_421JqxrEJLJXMP3wTMOFp71TjN70K5wWZrtkFef8_oyC-vBVR8gmy91u_4cVqx9YHWt8rMpElblQLhxVn73uZ4D-4Zld8z_IZL1VAL4EAPC6gwuePzc1wwcd7axtLo2_sDgUaG5gXqFuSVn9i7gEpgGySsvvuQsKF68X-JMMGfUxnoVyJOuOmrGPUpOBCyGG5ik10NbhyQmkgByGFpu6f_Gubnpq8lU2akj9vy6a1_yU1S30tbUP73IYMODOnzIn2Gsg5IJqA92L22TKFzwZ_2uw2unKEqcogY9dsX3BAYIW0kk676OuMlMRm5-kg6OKxS5bbRw92dIHfan2N627Osq--dsESTPrhlsDOlsZTt2e3j9dgNDyI_I5ktP55Fx0k

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Jun 2021 14:45:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900011.redintelligence.net/ Frame EE5F 3 KB
2 KB 33ms
11ms Document
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request_content.php?s=92840800108927802653749011617011&a=f5aa622d
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=1sgkp2euhhej&nw=20&renderingType=javascript&namespace=0be58e68b5&subid=&uid=d8dca3875129072e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7313745123523735998%26mt_id%3D9165542%26mt_adid%3D215543%26mt_sid%3D8264459%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc38360bc-df70-4001-be2f-2dc2c2b40759%26mt_cid%3Dc38360bc-df70-4001-be2f-2dc2c2b40759%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqnzycN-8YO2mIbn5-gbr4Llwz4eOm1zAhtmCxgLAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCeACAKgDAaoE1wFP0G86OzX-6U6Cc45OThjN9BFATtCol9BehsciHR1Iv3V3vZ_YgJ3VCODenbFE6SrTy8pVleSGIqgc4n2fdQNBBz74gSKO8BcU7fc6yFMpG6uKyRGd9mG3GfpHhlKKic56QI99CaBi5cqGYhLFtX4Ghw-0whp_QY6E9gheieyAZdeetHZhlPXwfxL9YU7KVfkJWkBq1jP7PD4-cJ07Q6_5VQXBqJ6mOC3_mdP2gRPhFgQRzdzniHinDxBgmVY2Q2oCnTqh_i35OolY081stweKo_rMG5ZzbOAEAYAG4d-f1fy4ofkfoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0FATfYwPEfdZLxT83YEAeCkErecw%2526client%253Dca-pub-0790894148451785%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Flookbook.nu%2F&ancestorOrigins=https%3A%2F%2Flookbook.nu&random=7100935531803&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 54d25e9029bca59620a4817126923df6ee9f112136606f4b09df007bd7e70990

Request headers

Host: hal900011.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=974b69d55b8de0ca
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/

Response headers

Date: Sun, 06 Jun 2021 14:45:04 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 06 Jun 2021 15:45:04 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1327
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame B537 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d44ae71bc69fa1210f62491315279118b5e511f8526bb4beecd5973bd665c0d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame EE5F 747 B
940 B 62ms
20ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=44541049;click=https%3A%2F%2Fhal900011.redintelligence.net%2Fc%2Fp1hrhudo5gyp0do%3Ftprde%3D

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=92840800108927802653749011617011&a=f5aa622d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e4704ae897ee2a9639530cb2385581c6bd3e259efd5867508e4875c874f16c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Jun 2021 14:45:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 547
expires: -1

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame EE5F 0
150 B 33ms
12ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=92840800108927802653749011617011&a=5ac89cca&vb=m
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=92840800108927802653749011617011&a=f5aa622d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900011.redintelligence.net/request_content.php?s=92840800108927802653749011617011&a=f5aa622d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 14:45:05 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame EE5F 35 KB
17 KB 59ms
18ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=44541049;click=https%3A%2F%2Fhal900011.redintelligence.net%2Fc%2Fp1hrhudo5gyp0do%3Ftprde%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 13:03:07 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 07 Jun 2021 18:30:43 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame EE5F 4 KB
2 KB 20ms
20ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=44541049;click=https%3A%2F%2Fhal900011.redintelligence.net%2Fc%2Fp1hrhudo5gyp0do%3Ftprde%3D;js=1;adfxid=1x;6477;set=en-US|en-US|1600X1200|0|950|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Flookbook.nu

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5859d553399f5fc2c4e61cb5763a0a5da175b99bf99f916f2e4b64623a4782a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Jun 2021 14:45:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1976
expires: -1

GET
DATA 200
OK truncated
/ Frame EE5F 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame EE5F 851 B
1 KB 43ms
8ms Script
application/javascript 54.36.108.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=92840800108927802653749011617011&a=f5aa622d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3112796.ip-54-36-108.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 14:45:05 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame EE5F 90 KB
39 KB 25ms
25ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0537669aaa954e27dbb5ed8201e1369547377a96106027ed3bb356048665f672

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 13:03:07 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 07 Jun 2021 17:40:35 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame EE5F 35 B
478 B 20ms
19ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=44541049&csi=kWIvoPZm_T99pCg4TjszOZ6agM5csTni-OjyIrLioWfrygPkIxxfk4kK5Vz2g2H_BGMQwlIL24KyZepN75dhgt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 06 Jun 2021 14:45:05 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900011.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 9354175.js Show response
s1.adform.net/Banners/Elements/Files/160090/9354175/ Frame 4324 3 KB
1 KB 19ms
18ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/9354175/9354175.js?ADFassetID=9354175&bv=261

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9306294-Ogden

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9bf271215cc868a5eb9ec7ac33e125da2fc0b760b73c9e966337e3c245f9a2cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 09:35:02 GMT
server: nginx
etag: W/"60474146-be1"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 screen.css
s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/ Frame 4324 1 KB
839 B 23ms
22ms Stylesheet
text/css 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/screen.css

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0865cf902b0ce2f159c9546e8694e154e5607eab4c95912b47b6c6b05d142043

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 09:35:02 GMT
server: nginx
etag: W/"60474146-504"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 4324 30 KB
13 KB 25ms
23ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:29 GMT
server: nginx
etag: W/"609e6e91-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 introfill.png
s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/ Frame 4324 117 B
413 B 25ms
23ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/introfill.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
last-modified: Tue, 09 Mar 2021 09:35:02 GMT
server: nginx
etag: "60474146-75"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 117

GET
H2 200 stoerer.png
s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/ Frame 4324 10 KB
10 KB 26ms
23ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/stoerer.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d95c876cd9a9ebf4ea871ead3a99c196ef9af49c1cfe74d691f3417a5b90bbec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
last-modified: Tue, 09 Mar 2021 09:35:05 GMT
server: nginx
etag: "60474149-26b2"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 9906

GET
H2 200 text1.png
s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/ Frame 4324 3 KB
3 KB 27ms
24ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/text1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

88c12c3c92b6aadf8ce0ff7080d84064f32644522663cd4fd7d29a5f32611b15

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
last-modified: Tue, 09 Mar 2021 09:35:01 GMT
server: nginx
etag: "60474145-b82"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2946

GET
H2 200 text2.png
s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/ Frame 4324 4 KB
4 KB 27ms
24ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/text2.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8d4c95116468948cc88f3877b12dbdb645b0ceb67663d73017e87791a7a399dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
last-modified: Tue, 09 Mar 2021 09:35:01 GMT
server: nginx
etag: "60474145-106b"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 4203

GET
H2 200 disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/ Frame 4324 4 KB
5 KB 28ms
24ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/disclaimer.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

dcde8bac801378cc881d854a87d37094116b0be6b399ad4bf213d35967d909e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
last-modified: Tue, 09 Mar 2021 09:35:01 GMT
server: nginx
etag: "60474145-10f9"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 4345

GET
H2 200 date.png
s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/ Frame 4324 2 KB
2 KB 28ms
25ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/date.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

58673dabe4021de213db4d84eb1ed8be2fa66057110839f0492d467190aa57f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
last-modified: Tue, 09 Mar 2021 09:35:02 GMT
server: nginx
etag: "60474146-6f4"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1780

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/ Frame 4324 2 KB
2 KB 28ms
25ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/cta.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d1993b23eeeef38e0bd562df3441e3625141a445a2334fb595ce895a5a37fb97

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
last-modified: Tue, 09 Mar 2021 09:35:02 GMT
server: nginx
etag: "60474146-7a5"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1957

GET
H2 200 logostart.png
s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/ Frame 4324 4 KB
4 KB 29ms
26ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/logostart.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fbe834a81386008e42528c0f526ae2d22c2a10f1e319978a2db8b296d603fbe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
last-modified: Tue, 09 Mar 2021 09:35:05 GMT
server: nginx
etag: "60474149-fa1"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 4001

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/ Frame 4324 5 KB
5 KB 29ms
27ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/logo.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f6bb648cc97b6f71ea5efd1420d09ab6a403b4d09e048b838dc2d8ff26d58e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
last-modified: Tue, 09 Mar 2021 09:35:02 GMT
server: nginx
etag: "60474146-125b"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 4699

GET
H2 200 background.jpg
s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/ Frame 4324 22 KB
22 KB 33ms
30ms Image
image/jpeg 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/background.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ee9c61c14b15059031043903c0fea49ca2e0f7535e8379b53db578c6fda696cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
last-modified: Tue, 09 Mar 2021 09:35:05 GMT
server: nginx
etag: "60474149-5856"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 22614

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 4324 38 KB
14 KB 13ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4045029
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13669
cf-request-id: 0a8361eac500005364c995c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-9833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=b2gS55m5PQDCtx1GT2S2Wk294gRHuJQtw7dEqyiM2T3nCFGYBLGhqt31s20B8flhvtTJxTYeF91YFEwy0dahtbKyY7DPpKcC%2Blp3Vx6Ve7UTZX6WGEcqLwpDbPgRa5tkXJy%2F2VMVmC6uqbcoQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65b26c246e7a5364-FRA
expires: Fri, 27 May 2022 14:45:05 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 4324 5 KB
2 KB 14ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1044865
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1730
cf-request-id: 0a8361eac600005364d49f8000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-146f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IlNxt6wac5zypI4kDtlSfu8FIbZx13WvDiWTJiV%2B5lhxQUIKubhqdyJRJQ8AZgP%2Fa4LgxVjY4yDsFQKrtqPBm3eTwIAarhPavfPT1Jo9wN3p0Dj8lKk6LpAqW93%2FDPepc5uY7S1JmonUlsOQEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65b26c246e7d5364-FRA
expires: Fri, 27 May 2022 14:45:05 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 4324 26 KB
9 KB 31ms
30ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 931571
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8578
cf-request-id: 0a8361eac600005364e3b85000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-697f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=z86CcCKmpvCFmIDKRoXHYK8qzeQ8YtpjsDeB7lsB96%2B4Vcvh5YlbdoxYr1awz60py0UsNViap%2FL%2Bo3wLydvAi2tgh2aD0HY8a7B49j725Lm4FgPrwa%2BkLIIhqrL69wM%2F2hnnYIKoWsuTH3vlaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65b26c246e7f5364-FRA
expires: Fri, 27 May 2022 14:45:05 GMT

GET
H2 200 script.js Show response
s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/ Frame 4324 7 KB
1 KB 27ms
26ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/9354175/bvpath_261/script.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4ff04457b18e9554cc92e293e684c602f7ceeafa642f5893035ffd62efb5d224

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 14:45:05 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 09:35:01 GMT
server: nginx
etag: W/"60474145-1a7d"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B537 42 B
64 B 28ms
14ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUpluGSlYSKOdoB7Zy_4MVj4mEDJKc_ZqfDpLQTPR-G41tHrs9oavybaarDPe56n8UGX_cy0AHmPNUSmJTaOkcftyK5gB-YA&sig=Cg0ArKJSzIyz7xSjPAQjEAE&cid=CAASF-RoQqEQZ9WilSNZB6ytaCtZOXPUrW0w&id=lidar2&mcvt=1000&p=64,315,154,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210604&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3286650984&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622990704696&dlt=21&rpt=310&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Jun 2021 14:45:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame EE5F 0
150 B 33ms
11ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=92840800108927802653749011617011&a=5ac89cca&vb=v
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=92840800108927802653749011617011&a=f5aa622d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900011.redintelligence.net/request_content.php?s=92840800108927802653749011617011&a=f5aa622d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 14:45:06 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 /
track.adform.net/serving/unload/ Frame EE5F 35 B
478 B 20ms
20ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4749716125783674176@@44541049,8042750887290821795,100|1100|0|0|0|0|0|0|0||50|1|||||1|0|0|futJv0jgDDNcPlakbYq96d048AugblaJN_WxLpg7R7e7QlKztpHGF4m3nyX34Xgm0|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 06 Jun 2021 14:45:06 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900011.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame EE5F 35 B
478 B 20ms
20ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4749716125783674176@@44541049,8042750887290821795,100|4699|0|0|0|0|0|0|0||214|1|||||1|0|0|futJv0jgDDNcPlakbYq96d048AugblaJN_WxLpg7R7e7QlKztpHGF4m3nyX34Xgm0|||01|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 06 Jun 2021 14:45:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900011.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lookbook.nu/	1970-01-19 18:59:55	Name: _lookbook_session Value: BAh7C0kiD3Nlc3Npb25faWQGOgZFVEkiJTQxMDFjOGVhMTRkMzE2ZDBmZjEzMTVhZWY1ZThkYTg0BjsAVEkiEG1vYmlsZV92aWV3BjsARkZJIgpnZW9pcAY7AEZ7DjoRY291bnRyeV9jb2RlIgdkZToSY291bnRyeV9jb2RlMyIIREVVOhFjb3VudHJ5X25hbWUiDEdlcm1hbnk6C3JlZ2lvbiIHMDU6EHJlZ2lvbl9uYW1lIgtIZXNzZW46CWNpdHkiDkZyYW5rZnVydDoQcG9zdGFsX2NvZGUiCjYwMzEzOg1sYXRpdHVkZWYTNTAuMTE2Njk5MjE4NzU6DmxvbmdpdHVkZWYWOC42ODMzMDAwMTgzMTA1NDdJIgtsb2NhbGUGOwBGSSIHZW4GOwBGSSIOcGFnZXZpZXdzBjsARmkGSSIQX2NzcmZfdG9rZW4GOwBGSSIxYURMQXJUellKQU1OL1MyRVYrRGxiT1dERXd1b0Qwa1Y5dGIyWDdtUmhDUT0GOwBG--ae41d93916d2732ff7aa20b38267b1cf5af5a2e8
.lookbook.nu/	1970-01-20 04:14:19	Name: __qca Value: P0-168449043-1622990704441
lookbook.nu/	1969-12-31 23:59:59	Name: last_op_at Value: 1622990703
lookbook.nu/user	1969-12-31 23:59:59	Name: last_session_at Value: 1622990704374
lookbook.nu/user	1970-01-19 19:33:02	Name: 30-day Value: 1-1625582704375
lookbook.nu/user	1970-01-19 18:59:55	Name: 7-day Value: 1-1623595504375
.lookbook.nu/	1970-01-19 18:49:50	Name: _gat Value: 1
lookbook.nu/user	1970-01-19 18:51:17	Name: 1-day Value: 1-1623077104375
.lookbook.nu/	1970-01-19 18:51:17	Name: _gid Value: GA1.2.307381652.1622990704
.lookbook.nu/	1970-01-20 12:21:02	Name: _ga Value: GA1.2.1762146064.1622990704
lookbook.nu/user	1969-12-31 23:59:59	Name: bookmark Value: null

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://lbstatic.nu/assets/application-6e02ddd84e0adf0ba96bc93710a577ae.js(Line 14) Message: LB.Views.Analytics init
console-api	log	URL: https://lbstatic.nu/assets/application-6e02ddd84e0adf0ba96bc93710a577ae.js(Line 15) Message: Dark header init
console-api	log	URL: https://lbstatic.nu/assets/application-6e02ddd84e0adf0ba96bc93710a577ae.js(Line 15) Message: LB.Views.Main init
console-api	log	URL: https://lbstatic.nu/assets/application-6e02ddd84e0adf0ba96bc93710a577ae.js(Line 18) Message: LB.Views.Retention init

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
c.amazon-adsystem.com
cce3d8f9120180006e3a0674365c632b.safeframe.googlesyndication.com
cdn.contentspread.net
cdnjs.cloudflare.com
connect.facebook.net
edge.quantserve.com
hal9000.redintelligence.net
hal900011.redintelligence.net
lbstatic.nu
lookbook.nu
pagead2.googlesyndication.com
pixel.mathtag.com
pixel.quantserve.com
rules.quantcount.com
s1.adform.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
track.adform.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
138.201.64.38
142.250.181.226
185.29.135.190
2.18.233.201
2600:9000:2050:9a00:6:44e3:f8c0:93a1
2606:4700:20::681a:12
2606:4700:3031::ac43:9926
2606:4700::6810:125e
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:400c:c04::9a
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
37.157.2.247
37.157.4.29
52.85.123.39
52.85.170.71
54.36.108.3
78.46.111.106
0537669aaa954e27dbb5ed8201e1369547377a96106027ed3bb356048665f672
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0865cf902b0ce2f159c9546e8694e154e5607eab4c95912b47b6c6b05d142043
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
1852ec5957212ab1ddc679453216178799dd25a2c75985a885e7d467328795e1
1b0df5acd41c11fc146d64795aa729d99370a98109ce1e441db4ac0b7f69d025
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
202f5a44ef1b1fac13c36c93eee29c52cd61f6e4f3f3ccbc35ce23683cc605bd
227031a96a368fcc170f24a374f776b9fc2cc2a165ecab74feca7906c5f79124
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c
299920669c7ec8c0add3c58f21eea89871a531545df0b8d70c46db2f44ff4cc4
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
463ec0ada768f64efd753c36524365d0deea331fce59d347fd259341d1b8a98a
4703f3f9a57f1e0373724a89f0c1e6ce68a998e130d43e882756854ea506c810
4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6
4ff04457b18e9554cc92e293e684c602f7ceeafa642f5893035ffd62efb5d224
51a2ddd211c9a685dc22eff8915cde1d2c8f275ef4e6afc15a8da206cf981384
53ccf6134891a28af7f6a42ece9ee61a153a859f2a1ec8f8451b6a8e8d31ae1b
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54d25e9029bca59620a4817126923df6ee9f112136606f4b09df007bd7e70990
5859d553399f5fc2c4e61cb5763a0a5da175b99bf99f916f2e4b64623a4782a3
58673dabe4021de213db4d84eb1ed8be2fa66057110839f0492d467190aa57f3
5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7
5b6f3806c04b7c91d2ee5cf8f42b31343a9d33ea62ad9d0506cfa1be078477d3
5b71d51f87baefa9ad3ad207e6e45cfca8782eaed0caede980db1dc56f189b5c
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7823ac5105a96321604ee9de32a69fbdc77002a92ca657c8c3afcfa56c16007d
7cfab6a75576c6827a6d5dd7f823e993678ee3161fed858ca4bb51ae8ce96677
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88c12c3c92b6aadf8ce0ff7080d84064f32644522663cd4fd7d29a5f32611b15
88d013ee73dd1cd25eee011a86319e5f4cb6ce6d228984eae3403a916fa96a4c
8d4c95116468948cc88f3877b12dbdb645b0ceb67663d73017e87791a7a399dc
8d7600604cb30e42b1511c91d29c886de204d3f46d8c265b9c35b0960ccf8195
99f73ec26d9716363ea8ea73560d10f91d63cf18e32103bcead35559ba1ac361
9bf271215cc868a5eb9ec7ac33e125da2fc0b760b73c9e966337e3c245f9a2cc
9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53aacffef1254cdc24f5427e075c67314ea15ecabd9f4a6af51ee1c0b3e3d06
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8c1171ea464ad9d43494a974b9d97d4dc7e53eb228915877fdcac75431ce753
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
aed664b3df7ed0faeb893dbc0d216bdcb73939016e9fe68c6c9eb64abb2e405e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5072daf9ab430cb6d469b2a81a299f005c3263b0ae8121bb1955e3667072012
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
c1cf81bef2ea82eaa43265a5ff786b7cd74e7d5f4f2de104b586f092ca0fb886
c53cb61e2947d208c306c8680d407115d7663d1920ef125ecdb1ffa417f22fcc
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cffbc346973c07fda64cc818d275a992512a1f24d0e4901ced6d09fc81025427
d1993b23eeeef38e0bd562df3441e3625141a445a2334fb595ce895a5a37fb97
d44ae71bc69fa1210f62491315279118b5e511f8526bb4beecd5973bd665c0d5
d95c876cd9a9ebf4ea871ead3a99c196ef9af49c1cfe74d691f3417a5b90bbec
dcde8bac801378cc881d854a87d37094116b0be6b399ad4bf213d35967d909e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4704ae897ee2a9639530cb2385581c6bd3e259efd5867508e4875c874f16c24
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ee9c61c14b15059031043903c0fea49ca2e0f7535e8379b53db578c6fda696cb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf
f6bb648cc97b6f71ea5efd1420d09ab6a403b4d09e048b838dc2d8ff26d58e5a
fbe834a81386008e42528c0f526ae2d22c2a10f1e319978a2db8b296d603fbe6
fca1fb4990a3abf9e6bba05433ed88ac85bfc8471a273c9c306a7685ace89d26
fd66670e33f248ddc8f8accfb0173af1e10af2389bd59f04ff148ed3e7ff3025

lookbook.nu Open in urlscan Pro 2606:4700:3031::ac43:9926 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

90 Requests

100 %HTTPS

63 %IPv6

20 Domains

28 Subdomains

28 IPs

7 Countries

1272 kBTransfer

3194 kBSize

11 Cookies

1 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lookbook.nu Open in urlscan Pro
2606:4700:3031::ac43:9926 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

100 %
HTTPS

63 %
IPv6

20
Domains

28
Subdomains

28
IPs

7
Countries

1272 kB
Transfer

3194 kB
Size

11
Cookies

90 HTTP transactions
2 data transactions