www.forums.freestufftimes.com Open in urlscan Pro
67.225.198.48 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
Submission Tags: falconsandbox
Submission: On February 17 via api (February 17th 2023, 9:26:32 am UTC) from US — Scanned from DE

Summary HTTP 55 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 55 HTTP transactions. The main IP is 67.225.198.48, located in United States and belongs to LIQUIDWEB, US. The main domain is www.forums.freestufftimes.com.

This is the only time www.forums.freestufftimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	67.225.198.48 67.225.198.48	32244 (LIQUIDWEB) (LIQUIDWEB)
11	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	65.9.95.3 65.9.95.3	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:400d:80c::2004	15169 (GOOGLE) (GOOGLE)
2	52.19.14.6 52.19.14.6	16509 (AMAZON-02) (AMAZON-02)
55	12

12 67.225.198.48 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host4.freestufftimes.com

www.forums.freestufftimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-3.prg50.r.cloudfront.net

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.14.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-14-6.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	311 KB
12	freestufftimes.com www.forums.freestufftimes.com	598 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	63 KB
4	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	viglink.com cdn.viglink.com — Cisco Umbrella Rank: 8999 api.viglink.com — Cisco Umbrella Rank: 12684	30 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	96 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9006	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	608 B
55	8

	Domain	Requested by
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	www.forums.freestufftimes.com	www.forums.freestufftimes.com
11	pagead2.googlesyndication.com	www.forums.freestufftimes.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
2	api.viglink.com	cdn.viglink.com
2	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.viglink.com	www.forums.freestufftimes.com
55	11

This site contains links to these domains. Also see Links.

Domain
www.freestufftimes.com
www.costco.com
xenforo.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
viglink.com Amazon RSA 2048 M01	`2023-02-14` - `2023-11-10`	9 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
Frame ID: 421BFA08E7FC646FC8CF9B43C906B454
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230214/r20190131/zrt_lookup.html
Frame ID: 8ABE5A809E91A37C5F1B1CB34EEAA4CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=3833231227&adf=80875444&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987457&bpp=5&bdt=1091&idt=215&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=8028829923246&frm=20&pv=2&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JsWtw8cfx9&p=http%3A//www.forums.freestufftimes.com&dtd=230
Frame ID: F87C8477942FD1AD3B970B884C44078F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=2315675125&adf=4240676819&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987462&bpp=1&bdt=1097&idt=230&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=1180x90&correlator=8028829923246&frm=20&pv=1&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=W02kY7GAUN&p=http%3A//www.forums.freestufftimes.com&dtd=232
Frame ID: 9BE25CC7A57B132E77C70866A6AEC201
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&adk=85976724&adf=3412083302&lmt=1676625986&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&ea=0&pra=7&wgl=1&dt=1676625987516&bpp=2&bdt=1151&idt=183&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=1180x90%2C1180x90&nras=1&correlator=8028829923246&frm=20&pv=1&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230214&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=198
Frame ID: E81597EAD9E2A1A9A18F3F1E4A8F0DB6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 923BF4E4559FE8D2D0F858983CE4D08F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 23CDA95A754EF6A5BEF46E66FE797451
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Frame ID: 3011B279255C96EDBB9F7491D9FB52D3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Frame ID: B6AD8E16D43EEE1A5747157DBC5CCDE4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7FF32C7845A6F130CD04C531A121EA17
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D27B1F684C93A78E19CD4EF7CC8C3C6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Costco Members: 2-Piece Leatherman REV + Style CS Multitool Combo Pack $35 | Free Stuff Times Forums

Detected technologies

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:^[^/]*//[^/]*viglink\.com/api/|vglnk\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

76 %
HTTPS

73 %
IPv6

8
Domains

11
Subdomains

12
IPs

3
Countries

1101 kB
Transfer

2554 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.freestufftimes.com/

Search URL Search Domain Scan URL

URL: https://www.costco.com/Leatherman%20REV%20+%20Style%20CS%20Multitool%202-Piece%20Combo%20Pack.product.1832942.html
Title: https://www.costco.com/Leatherman REV + Style CS Multitool 2-Piece Combo Pack.product.1832942.html

Search URL Search Domain Scan URL

URL: https://xenforo.com/
Title: Community platform by XenForo® © 2010-2022 XenForo Ltd.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 41

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

55 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/ 32 KB
10 KB 676ms
208ms Document
text/html 67.225.198.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/

Protocol

HTTP/1.1

Server

67.225.198.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host4.freestufftimes.com

Software

LiteSpeed /

Resource Hash

55a86a6594cf25a90af3bbc84347cb644ee16e2e3ed96a1269bb557afca1b9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 9842
Content-Type: text/html; charset=utf-8
Date: Fri, 17 Feb 2023 09:26:26 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Fri, 17 Feb 2023 09:26:26 GMT
Server: LiteSpeed
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK fa-regular-400.woff2
www.forums.freestufftimes.com/styles/fonts/fa/ 165 KB
165 KB 146ms
145ms Font
font/woff2 67.225.198.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://www.forums.freestufftimes.com/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3
Requested by: Host: www.forums.freestufftimes.com
URL: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
Protocol: HTTP/1.1
Server: 67.225.198.48 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host4.freestufftimes.com
Software: LiteSpeed /
Resource Hash: 4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Request headers

Referer: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
Origin: http://www.forums.freestufftimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 09:26:26 GMT
Last-Modified: Sun, 12 Feb 2023 06:35:42 GMT
Server: LiteSpeed
Etag: "29340-63e888be-e3dae3cf22f263c0;;;"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 168768

GET
H/1.1 200
OK fa-solid-900.woff2
www.forums.freestufftimes.com/styles/fonts/fa/ 134 KB
134 KB 289ms
143ms Font
font/woff2 67.225.198.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://www.forums.freestufftimes.com/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3
Requested by: Host: www.forums.freestufftimes.com
URL: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
Protocol: HTTP/1.1
Server: 67.225.198.48 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host4.freestufftimes.com
Software: LiteSpeed /
Resource Hash: 943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Request headers

Referer: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
Origin: http://www.forums.freestufftimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 09:26:26 GMT
Last-Modified: Sun, 12 Feb 2023 06:35:43 GMT
Server: LiteSpeed
Etag: "21678-63e888bf-141c6f8ea045b09a;;;"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 136824

GET
H/1.1 200
OK fa-brands-400.woff2
www.forums.freestufftimes.com/styles/fonts/fa/ 75 KB
75 KB 289ms
143ms Font
font/woff2 67.225.198.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://www.forums.freestufftimes.com/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3
Requested by: Host: www.forums.freestufftimes.com
URL: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
Protocol: HTTP/1.1
Server: 67.225.198.48 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host4.freestufftimes.com
Software: LiteSpeed /
Resource Hash: c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Request headers

Referer: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
Origin: http://www.forums.freestufftimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 09:26:26 GMT
Last-Modified: Sun, 12 Feb 2023 06:35:43 GMT
Server: LiteSpeed
Etag: "12bc4-63e888bf-1a554f2a190fd458;;;"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 76740

GET
H/1.1 200
OK css.php
www.forums.freestufftimes.com/ 390 KB
82 KB 321ms
177ms Stylesheet
text/css 67.225.198.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

http://www.forums.freestufftimes.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=1&l=1&d=1676223923&k=a004680bd192ce1d3dcc45bc5e46c631cdf35152

Requested by

Host: www.forums.freestufftimes.com
URL: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/

Protocol

HTTP/1.1

Server

67.225.198.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host4.freestufftimes.com

Software

LiteSpeed /

Resource Hash

410339f58873dd024d024b66f0d7dcc97ac6b56a44806a3171a7df6386eb2c79

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 09:26:26 GMT
Content-Encoding: gzip
Last-Modified: Sun, 12 Feb 2023 17:45:23 GMT
Server: LiteSpeed
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=31536000
Connection: Keep-Alive
Content-Length: 83866
Expires: Sat, 17 Feb 2024 09:26:26 GMT

GET
H/1.1 200
OK css.php
www.forums.freestufftimes.com/ 31 KB
7 KB 314ms
170ms Stylesheet
text/css 67.225.198.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

http://www.forums.freestufftimes.com/css.php?css=public%3Amessage.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Aextra.less&s=1&l=1&d=1676223923&k=b03307ec5fceb8d103e1cdbd0bde458ff1123778

Requested by

Host: www.forums.freestufftimes.com
URL: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/

Protocol

HTTP/1.1

Server

67.225.198.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host4.freestufftimes.com

Software

LiteSpeed /

Resource Hash

d9176a989269572245d494745cd9bfd2cdfc19a5dd43f8e91c47f1cc344a5130

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 09:26:26 GMT
Content-Encoding: gzip
Last-Modified: Sun, 12 Feb 2023 17:45:23 GMT
Server: LiteSpeed
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=31536000
Connection: Keep-Alive
Content-Length: 6411
Expires: Sat, 17 Feb 2024 09:26:26 GMT

GET
H/1.1 200
OK preamble.min.js Show response
www.forums.freestufftimes.com/js/xf/ 3 KB
2 KB 289ms
144ms Script
application/javascript 67.225.198.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://www.forums.freestufftimes.com/js/xf/preamble.min.js?_v=2041fac2
Requested by: Host: www.forums.freestufftimes.com
URL: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
Protocol: HTTP/1.1
Server: 67.225.198.48 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host4.freestufftimes.com
Software: LiteSpeed /
Resource Hash: c803ce6d437915781a624a97755010f88deffd73bcf1a8e40fe98fc2d0e1ca3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 09:26:26 GMT
Content-Encoding: gzip
Last-Modified: Sun, 12 Feb 2023 06:37:30 GMT
Server: LiteSpeed
Etag: "d33-63e8892a-753836ac025f9b87;gz"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1691
Expires: Fri, 24 Feb 2023 09:26:26 GMT

GET
H/1.1 200
OK 1x1-00000000.png
www.forums.freestufftimes.com/data/assets/logo/ 68 B
400 B 143ms
142ms Image
image/png 67.225.198.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.forums.freestufftimes.com/data/assets/logo/1x1-00000000.png
Requested by: Host: www.forums.freestufftimes.com
URL: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
Protocol: HTTP/1.1
Server: 67.225.198.48 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host4.freestufftimes.com
Software: LiteSpeed /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 09:26:27 GMT
Last-Modified: Sun, 12 Feb 2023 17:45:21 GMT
Server: LiteSpeed
Etag: "44-63e925b1-6b01e6cd101b43af;;;"
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 68
Expires: Fri, 24 Feb 2023 09:26:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 231ms
141ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.forums.freestufftimes.com
URL: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2ed386e27af9be1384566bc5aff1dd50198aa9ee5ca7ad1dc102bb99cd624cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:26:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49550
x-xss-protection: 0
server: cafe
etag: 16521870699758637042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 09:26:27 GMT

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
www.forums.freestufftimes.com/js/vendor/jquery/ 87 KB
34 KB 143ms
143ms Script
application/javascript 67.225.198.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://www.forums.freestufftimes.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=2041fac2
Requested by: Host: www.forums.freestufftimes.com
URL: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
Protocol: HTTP/1.1
Server: 67.225.198.48 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host4.freestufftimes.com
Software: LiteSpeed /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 09:26:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 12 Feb 2023 06:37:44 GMT
Server: LiteSpeed
Etag: "15d84-63e88938-898de58ecc27b1c8;gz"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 34811
Expires: Fri, 24 Feb 2023 09:26:27 GMT

GET
H/1.1 200
OK vendor-compiled.js Show response
www.forums.freestufftimes.com/js/vendor/ 43 KB
14 KB 145ms
144ms Script
application/javascript 67.225.198.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://www.forums.freestufftimes.com/js/vendor/vendor-compiled.js?_v=2041fac2
Requested by: Host: www.forums.freestufftimes.com
URL: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
Protocol: HTTP/1.1
Server: 67.225.198.48 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host4.freestufftimes.com
Software: LiteSpeed /
Resource Hash: 3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 09:26:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 12 Feb 2023 06:37:24 GMT
Server: LiteSpeed
Etag: "aab8-63e88924-73eb9cec7a83d272;gz"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 14170
Expires: Fri, 24 Feb 2023 09:26:27 GMT

GET
H/1.1 200
OK core-compiled.js Show response
www.forums.freestufftimes.com/js/xf/ 209 KB
70 KB 145ms
144ms Script
application/javascript 67.225.198.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://www.forums.freestufftimes.com/js/xf/core-compiled.js?_v=2041fac2
Requested by: Host: www.forums.freestufftimes.com
URL: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
Protocol: HTTP/1.1
Server: 67.225.198.48 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host4.freestufftimes.com
Software: LiteSpeed /
Resource Hash: 24e884826b5cd569ce84c3359aa45f74b5f2fc4ea999ec5a351f2f654b024b18

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 09:26:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 12 Feb 2023 06:37:30 GMT
Server: LiteSpeed
Etag: "3439d-63e8892a-c1ac15469378c029;gz"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 71693
Expires: Fri, 24 Feb 2023 09:26:27 GMT

GET
H/1.1 200
OK 1.jpg
www.forums.freestufftimes.com/data/avatars/m/0/ 3 KB
4 KB 144ms
144ms Image
image/jpeg 67.225.198.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.forums.freestufftimes.com/data/avatars/m/0/1.jpg?1412930031
Requested by: Host: www.forums.freestufftimes.com
URL: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
Protocol: HTTP/1.1
Server: 67.225.198.48 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host4.freestufftimes.com
Software: LiteSpeed /
Resource Hash: bf81edf23fa6bb41064cc01df33a0a75f4f7b0c335b3ad0d40bd05ddd45e0005

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 09:26:27 GMT
Last-Modified: Fri, 10 Oct 2014 08:33:51 GMT
Server: LiteSpeed
Etag: "d59-543799ef-672ae277feaed69a;;;"
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3417
Expires: Fri, 24 Feb 2023 09:26:27 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/ 366 KB
120 KB 110ms
107ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3927666679420793&plah=www.forums.freestufftimes.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70c56f87b0bf72858ce135e778c184699e302c52fcb2f30e0f94533b52846888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:26:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123020
x-xss-protection: 0
server: cafe
etag: 16039305048707288960
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 09:26:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230214/r20190131/ Frame 8ABE 10 KB
5 KB 224ms
40ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230214/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.forums.freestufftimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:40:18 GMT
etag: 10353107486223812946
expires: Thu, 02 Mar 2023 18:40:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK vglnk.js Show response
cdn.viglink.com/api/ 82 KB
29 KB 112ms
45ms Script
text/javascript 65.9.95.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.viglink.com/api/vglnk.js
Requested by: Host: www.forums.freestufftimes.com
URL: http://www.forums.freestufftimes.com/threads/costco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295/
Protocol: HTTP/1.1
Server: 65.9.95.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-3.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a668268856434cbdbb058b9cb3e8d73eb6159305075868ae67b5c1c38e51ca1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 13:37:00 GMT
Content-Encoding: gzip
Via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
Last-Modified: Tue, 07 Feb 2023 13:36:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PRG50-C1
Age: 244168
ETag: "18a10f22bd971df457201f5dcd81eef1"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28829
X-Amz-Cf-Id: PTRmkH31dCS2_GVRKcMEK0LWJfAOpBbtLRpfjCcWDkWwigltRG253A==

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86c3e2d263fe07c01867c706a1ef50ee11abd4e73190c153862f85b17bf9a351

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
608 B 180ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.forums.freestufftimes.com&callback=_gfp_s_&client=ca-pub-3927666679420793

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3927666679420793&plah=www.forums.freestufftimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

037665e0a5f8bb8b600312d115d0bcb411f4302a68ad1a7af72f75320f18047a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 181ms
50ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.forums.freestufftimes.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 153ms
50ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.forums.freestufftimes.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F87C 72 KB
29 KB 813ms
812ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=3833231227&adf=80875444&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987457&bpp=5&bdt=1091&idt=215&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=8028829923246&frm=20&pv=2&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JsWtw8cfx9&p=http%3A//www.forums.freestufftimes.com&dtd=230

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d584e621a3f3b2d3ea16dfd2832253fad7d0f2d429d396976a4e2bd4a9f4302e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.forums.freestufftimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29577
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 09:26:28 GMT
expires: Fri, 17 Feb 2023 09:26:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9BE2 72 KB
29 KB 582ms
582ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=2315675125&adf=4240676819&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987462&bpp=1&bdt=1097&idt=230&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=1180x90&correlator=8028829923246&frm=20&pv=1&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=W02kY7GAUN&p=http%3A//www.forums.freestufftimes.com&dtd=232

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f5c13ffc44126cb944d04d332377c0096eb3f87c76037970e5dd1f0ec93f66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.forums.freestufftimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29531
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 09:26:28 GMT
expires: Fri, 17 Feb 2023 09:26:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E815 0
180 B 52ms
51ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&adk=85976724&adf=3412083302&lmt=1676625986&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&ea=0&pra=7&wgl=1&dt=1676625987516&bpp=2&bdt=1151&idt=183&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=1180x90%2C1180x90&nras=1&correlator=8028829923246&frm=20&pv=1&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230214&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=198

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.forums.freestufftimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 09:26:27 GMT
expires: Fri, 17 Feb 2023 09:26:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9BE2 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKEdIQ0jvY-a9LKbCmLAPoN2FiA6fq6iDb8KT_-WsEeKGt7yBORABILTo_AFglcKmgrAHoAHckpuZKMgBAqgDAcgDyQSqBKkCT9DwfTNkX381m3VHzI8maZ6GtvvaRQ_RDjXkT9l-2oyWJWUoZ_mJVqeBnEskFI8r6G5p8RXllZ7rehDBsLOeVGgO26xllIWaiPQb8TQ3c2_tzjwqHtilBf-5Gi6wjyPR9fwzW6NSlOzaqWtMTmrxcuptIpsg-CdWPPnDmI58c_hbpsC-CJrmBMgUKo6-u80dSUV5j_tWrCTrbOCtGI7eOPVQf3pR2Xp2FaFwx5gV5el92QM719enDgkrohGInAg2XzMFFcR2_w2raJDxIdmsM864h85-epfiDamm_QEYbGhrY6AuNgiVIDLwI4A20I41MrGWwFLaM_gKDh_Mgv1iprO8nfmAOATZAMv7D3_Ea9H-WVllN0IFcmug8Smeh8AmXzMdzH7nz3lhwATQ2PuWuQSSBQQIBBgBkgUECAUYBKAGAoAH3Mrr-AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCZrwbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0zOTI3NjY2Njc5NDIwNzkzGAA&sigh=EORq0bTT1Kk&uach_m=[UACH]&cid=CAQSGwDUE5ymaaus9uaW-RrRtrLvb5zeeDhapQa0wBgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=2315675125&adf=4240676819&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987462&bpp=1&bdt=1097&idt=230&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=1180x90&correlator=8028829923246&frm=20&pv=1&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=W02kY7GAUN&p=http%3A//www.forums.freestufftimes.com&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=2315675125&adf=4240676819&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987462&bpp=1&bdt=1097&idt=230&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=1180x90&correlator=8028829923246&frm=20&pv=1&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=W02kY7GAUN&p=http%3A//www.forums.freestufftimes.com&dtd=232
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Feb 2023 09:26:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Feb 2023 09:26:28 GMT

GET
H2 200 17880859745133579644
tpc.googlesyndication.com/simgad/ Frame 9BE2 9 KB
9 KB 510ms
82ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17880859745133579644?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnkldV5749F9NqQizBBfDNEf9f5Hw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ef9e08ac15bbf1d31be03e7d6755802998e3aa03afa9d461dd8c7581a7b9831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 07:47:19 GMT
x-content-type-options: nosniff
age: 178749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9176
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 10:22:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Feb 2024 07:47:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame 9BE2 22 KB
9 KB 464ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 02:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Mar 2023 02:12:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 9BE2 3 KB
1 KB 503ms
79ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 07:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Mar 2023 07:17:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 9BE2 20 KB
8 KB 468ms
45ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 02:12:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Mar 2023 02:12:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BE2 156 KB
48 KB 484ms
61ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Feb 2023 09:26:28 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 9BE2 33 KB
13 KB 518ms
96ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 20:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47806
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 20:09:42 GMT

GET
H2 200 7380634314052641330
tpc.googlesyndication.com/simgad/ Frame F87C 5 KB
5 KB 112ms
108ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7380634314052641330?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qllbpDaoMvMw5kSYxELPBSrZXb9xA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=3833231227&adf=80875444&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987457&bpp=5&bdt=1091&idt=215&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=8028829923246&frm=20&pv=2&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JsWtw8cfx9&p=http%3A//www.forums.freestufftimes.com&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb0624e5683a2c6e80d6184863ecb82436fd31985ee59d026f43e71374460ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:56:47 GMT
x-content-type-options: nosniff
age: 170981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4974
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 08:57:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Feb 2024 09:56:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame F87C 22 KB
9 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=3833231227&adf=80875444&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987457&bpp=5&bdt=1091&idt=215&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=8028829923246&frm=20&pv=2&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JsWtw8cfx9&p=http%3A//www.forums.freestufftimes.com&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 02:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Mar 2023 02:12:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame F87C 3 KB
1 KB 110ms
110ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=3833231227&adf=80875444&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987457&bpp=5&bdt=1091&idt=215&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=8028829923246&frm=20&pv=2&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JsWtw8cfx9&p=http%3A//www.forums.freestufftimes.com&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 07:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Mar 2023 07:17:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame F87C 20 KB
8 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=3833231227&adf=80875444&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987457&bpp=5&bdt=1091&idt=215&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=8028829923246&frm=20&pv=2&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JsWtw8cfx9&p=http%3A//www.forums.freestufftimes.com&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 02:12:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Mar 2023 02:12:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F87C 156 KB
48 KB 117ms
116ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=3833231227&adf=80875444&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987457&bpp=5&bdt=1091&idt=215&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=8028829923246&frm=20&pv=2&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JsWtw8cfx9&p=http%3A//www.forums.freestufftimes.com&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Feb 2023 09:26:28 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame F87C 33 KB
13 KB 111ms
110ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=3833231227&adf=80875444&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987457&bpp=5&bdt=1091&idt=215&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=8028829923246&frm=20&pv=2&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JsWtw8cfx9&p=http%3A//www.forums.freestufftimes.com&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 20:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47806
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 20:09:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F87C 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBn3oQ0jvY-eXLKbCmLAPoN2FiA6fq6iDb6aL1q_6EOKGt7yBORABILTo_AFglcKmgrAHoAHckpuZKMgBAqgDAcgDyQSqBKwCT9B3QOcfiTA1DwJagcLVDDT3GlZBpumkuY7m-_YCCCvVj9OYczApun5bmboViU7a_QWIWQ1Ug7LInWZcmGv791NBxfZwSbGbmL2UK_TESRkfRXWjQZTGjAmHj1nB8F6oUQYhfwbFKdy9imGbYGDW8cHBA8EMWk-PDwrRDuNCCgnxfxpDySxQTFACoxlzWyT-gZHREYbEsMoRe_NxtNmQI3wlFR_OTrpNVmHDMe_YymiZQLkpUXx4sYZMGKgBJl2usSQ3Q8lO9LaBQc2LfEdsIDanedtp8xVNrqrikVeMs5hecnhAD1fyhxoNJZqItTCxvyvqNnPFXmOf9233X386WEDhSXDNvYZKzg6N1BpnsybQ79v-QEtMC_SypigHP_hHdHq-DkSdQtnJd3qgwATQ2PuWuQSSBQQIBBgBkgUECAUYBKAGAoAH3Mrr-AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDq1grSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0zOTI3NjY2Njc5NDIwNzkzGAA&sigh=gzG76mvy2Iw&uach_m=[UACH]&cid=CAQSGwDUE5ym6nJNgcMYRxvS1576AJ8R3Dg_Nu9kQhgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=3833231227&adf=80875444&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987457&bpp=5&bdt=1091&idt=215&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=8028829923246&frm=20&pv=2&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JsWtw8cfx9&p=http%3A//www.forums.freestufftimes.com&dtd=230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=3833231227&adf=80875444&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987457&bpp=5&bdt=1091&idt=215&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=8028829923246&frm=20&pv=2&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JsWtw8cfx9&p=http%3A//www.forums.freestufftimes.com&dtd=230
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Feb 2023 09:26:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 923B 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=2315675125&adf=4240676819&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987462&bpp=1&bdt=1097&idt=230&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=1180x90&correlator=8028829923246&frm=20&pv=1&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=W02kY7GAUN&p=http%3A//www.forums.freestufftimes.com&dtd=232
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 08:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9BE2 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6aab67261a64fe1a64f1b1b5df5c4017e090da9f7a76b0f0dc086a90cac12559

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 23CD 143 B
166 B 41ms
40ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=3833231227&adf=80875444&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987457&bpp=5&bdt=1091&idt=215&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=8028829923246&frm=20&pv=2&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JsWtw8cfx9&p=http%3A//www.forums.freestufftimes.com&dtd=230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=3833231227&adf=80875444&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987457&bpp=5&bdt=1091&idt=215&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=8028829923246&frm=20&pv=2&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JsWtw8cfx9&p=http%3A//www.forums.freestufftimes.com&dtd=230
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 08:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 923B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

65ms
64ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 09:26:29 GMT
expires: Fri, 17 Feb 2023 09:26:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 09:26:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F87C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db4e3b640432311b9087d490b452a0eac50b709659e0b651ad9a03afbd78ec78

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 23CD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

95ms
95ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=3833231227&adf=80875444&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987457&bpp=5&bdt=1091&idt=215&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=8028829923246&frm=20&pv=2&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JsWtw8cfx9&p=http%3A//www.forums.freestufftimes.com&dtd=230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 09:26:29 GMT
expires: Fri, 17 Feb 2023 09:26:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 09:26:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3011 36 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 07:17:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 07:17:38 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 179ms
86ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230215&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

335753b1014eab48cb380ce1bcacd29b31cc0c63a1529318f94884502a696c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11276
x-xss-protection: 0

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame B6AD 36 KB
14 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927666679420793&output=html&h=90&slotname=6141408516&adk=3833231227&adf=80875444&pi=t.ma~as.6141408516&w=1180&fwrn=4&fwrnh=100&lmt=1676625986&rafmt=2&format=1180x90&url=http%3A%2F%2Fwww.forums.freestufftimes.com%2Fthreads%2Fcostco-members-2-piece-leatherman-rev-style-cs-multitool-combo-pack-35.185295%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&dt=1676625987457&bpp=5&bdt=1091&idt=215&shv=r20230215&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=8028829923246&frm=20&pv=2&ga_vid=1895454527.1676625988&ga_sid=1676625988&ga_hid=282843441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&oid=2&pvsid=1311545343032390&tmod=1209753683&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20230214&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JsWtw8cfx9&p=http%3A//www.forums.freestufftimes.com&dtd=230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 07:17:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 07:17:38 GMT

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 160 B
621 B 355ms
63ms XHR
text/javascript 52.19.14.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.14.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-14-6.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: d97182fb57f64292fabb5f69b209061dd896dc9de61cee4be6d87096fcd64e1f

Request headers

Referer: http://www.forums.freestufftimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 17 Feb 2023 09:26:29 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://www.forums.freestufftimes.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 160
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Feb 2023 09:26:29 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7FF3 13 KB
5 KB 43ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.forums.freestufftimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6873
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 07:31:56 GMT
expires: Sat, 17 Feb 2024 07:31:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9D27 783 B
971 B 76ms
75ms Document
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b438d7375d322a55e38f81ed7daba1f2c7a790ae3d96a168e65304c6173228a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NFADCCj0BwB4SgQq_fndFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.forums.freestufftimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-NFADCCj0BwB4SgQq_fndFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 09:26:29 GMT
expires: Fri, 17 Feb 2023 09:26:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9BE2 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstceAaKDGePz9j3eAylyHJz5XJJHtKWoSMzShIjpzHsoWf2Pp-VSx3tN20gnBFpCEyBgLSjYWqcx9MGB0zxTS8ZNcMid7-a2JVJV9gDpERAxluo9mK8qM2df-M9cTxyu3oX-9Ll6Q&sai=AMfl-YR-arpiw8q9mWaYits4lS7fxLr2tV3ljR4ewZAOQm5vwGQxB5rnyMZMpvWqZaoG2Qevz5P2aiqN3z-w&sig=Cg0ArKJSzH-0yRyWr_X6EAE&cid=CAQSGwDUE5ymaaus9uaW-RrRtrLvb5zeeDhapQa0wBgB&id=lidar2&mcvt=1000&p=0,223,90,958&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2315675125&rs=2&la=0&cr=0&vs=4&r=v&rst=1676625987696&rpt=1173&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 09:26:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9D27 0
0 73ms
73ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230215&jk=1311545343032390&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7FF3 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 07:17:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 07:17:38 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F87C 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8aJcfcck8THg-9TVWXl-8xED1l3PiwHNKuO50v7nJ-p3zSi6c9_rQxZO8kgytpMI0fmqQvHLv_f4LnFowrNk9vgZyh2iz7BSFBxIR8GGZqLnDfV8XErmGrxM3tnwvcWElV6inSQ&sai=AMfl-YSHnKP78_bgz_tFULVOSFtOPyRzHYjugjOHj2l9CF-K2KdHdsvW6aMYjnqzscVB4ooTCdNW3bw71otZ&sig=Cg0ArKJSzLJmD4sVePsAEAE&cid=CAQSGwDUE5ym6nJNgcMYRxvS1576AJ8R3Dg_Nu9kQhgB&id=lidar2&mcvt=1000&p=0,223,90,958&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3833231227&rs=2&la=0&cr=0&vs=4&r=v&rst=1676625987689&rpt=1207&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 09:26:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 41 B
501 B 61ms
61ms XHR
text/javascript 52.19.14.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.14.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-14-6.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: eb01b4c482c3d8cf93f064dc0bcf7260c780661ec7f76d1b89c60e16c48f1ebe

Request headers

Referer: http://www.forums.freestufftimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 17 Feb 2023 09:26:29 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://www.forums.freestufftimes.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 41
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7FF3 0
10 B 41ms
41ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oQfQKg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:26:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-3927666679420793&su=www.forums.freestufftimes.com&eid=44759876%2C44759842%2C44759927%2C31071755%2C31072384%2C31071976&doc=complete&pg_h=810&pg_w=1600&pg_hs=1200&c=2&aa_c=0&av_h=90&av_w=1180&av_a=106200&s=365.016&all_s=365.016&b=129.297&all_b=129.297&d=0.222&all_d=0.222&ard=0.164&all_ard=0.164&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 09:26:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230215&jk=1311545343032390&bg=!CAulC1_NAAZYlHKzeJQ7ADkAdvg8WsL9GXfPXIlQYJ78zFACJyGA0j-ekesfOX_bt5qFOh0tv3X60lBd-Ev5pNc-t2ueHgoaBs0CAAAAf1IAAAADaAEHmQLmlkZKSdzsuLqCAn2DVhVdaspyURl-BVrN3b8-F0pJnhM9-o6eTJTlDMQlvrG5sbiyb6K_vCoXavcPUBqVYNIoL5-hnJ-JoYl7PUUSNCrI30CGoLnZpDXPKi5qRtEolXVMAik0cCdq5e4X9WnHHuyQLb58e1omtdcpxZznJ3dOgiZXlNgq3pCdqP32_62gUCX9p6LE3NiW7OnmtBlcqu5tVQKWLSJO_YuIIjHh9PJwD_NhRItKhbYswNuW3tZe2XPoGHDeV_b3StvDq8QojNjZq4D8Uao71ewNfeUmtEAkFxVylJIGE5kRztyqBXb34tQvr5saVMIkxhR611JinrFAOBAQHX6JW0WTy7GifrPgF9Y1zgSn4XNbEDQVEtLeyuakZrGE-O7fLVks7-dNNj7Ruoe-tFPIl73ZOAE0LfLjGQFf3COy_aYor4sYTHUqijs1Aw2HRc9pHi_vdFbBpCRyTl3Q-TDplC6cUoeBLUIDtPBOsG20eAC3pjt9Ib1L4omW-_VFin9oR1yPt6IpV9fBs6GhLqnPmnNnSZHelbg3dzCeDmP6giE2HkO6uMEVUNW-tirIRcy_E5xKWXMYHjOmJ5NXBfMRbsYXg2fyk-TnXfJyGivlwZjcFlXRWtMEt1bZIW1bf6m3cSzQWk4AZ1tns70-PAPARzjnXvczpBVIJICxS7KY957KBdpU_jz4yqq2fBJ-khF_upkpSj83Fb7giHigRYHYzaX_Dwpfmg2q6QZJUZICtD61CMyWk6n8beDUml7M4bbQjjV2xG5LWHyu8Dw52VGG4qDLEQK0eA0nXwf0b1h3oaCNEHKuiK1oca8opcsACYtOfAl9F01Rn0Baq2FUDUvEeiJ2W3yE8d7A-Yx6vIkRgwz2R7uQc7majKjwwOxZ9JrZZoKMFVzf72hBnPzKfpysprk97s7nm9cFjeKNaAziDgq_qv3uz8SEnR4PNEx_s6rBfEwVtkyL2VHJ66xgoY9s7A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.forums.freestufftimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.forums.freestufftimes.com/	1969-12-31 23:59:59	Name: xf_csrf Value: ymgDrPqFB7NtDGCz
.freestufftimes.com/	1970-01-20 19:05:21	Name: __gads Value: ID=b5d79a285bc565a7-22f518deccdc00ee:T=1676625987:RT=1676625987:S=ALNI_MYVJ2rK7u6A37rAwzNa90MHIafX8A
.freestufftimes.com/	1970-01-20 19:05:21	Name: __gpi Value: UID=00000bb890d443a0:T=1676625987:RT=1676625987:S=ALNI_MaBqyOafrBrffRnrnSwF9H1B8McZA
.doubleclick.net/	1970-01-20 19:05:21	Name: IDE Value: AHWqTUkhJViLgwain4UvODCaXpocynhXcjSf1_vudx_Tuv-BxUaezdJrYsgyMfLefAw
.doubleclick.net/	1970-01-20 09:43:46	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 09:43:49	Name: DSID Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.viglink.com
cdn.viglink.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.forums.freestufftimes.com
www.google.com
www.googletagservices.com
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2002
2a00:1450:400d:80c::2004
52.19.14.6
65.9.95.3
67.225.198.48
037665e0a5f8bb8b600312d115d0bcb411f4302a68ad1a7af72f75320f18047a
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1f5c13ffc44126cb944d04d332377c0096eb3f87c76037970e5dd1f0ec93f66c
24e884826b5cd569ce84c3359aa45f74b5f2fc4ea999ec5a351f2f654b024b18
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
335753b1014eab48cb380ce1bcacd29b31cc0c63a1529318f94884502a696c94
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e
410339f58873dd024d024b66f0d7dcc97ac6b56a44806a3171a7df6386eb2c79
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a86a6594cf25a90af3bbc84347cb644ee16e2e3ed96a1269bb557afca1b9a6
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6aab67261a64fe1a64f1b1b5df5c4017e090da9f7a76b0f0dc086a90cac12559
6ef9e08ac15bbf1d31be03e7d6755802998e3aa03afa9d461dd8c7581a7b9831
70c56f87b0bf72858ce135e778c184699e302c52fcb2f30e0f94533b52846888
86c3e2d263fe07c01867c706a1ef50ee11abd4e73190c153862f85b17bf9a351
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a668268856434cbdbb058b9cb3e8d73eb6159305075868ae67b5c1c38e51ca1f
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
b438d7375d322a55e38f81ed7daba1f2c7a790ae3d96a168e65304c6173228a2
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
bf81edf23fa6bb41064cc01df33a0a75f4f7b0c335b3ad0d40bd05ddd45e0005
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
c803ce6d437915781a624a97755010f88deffd73bcf1a8e40fe98fc2d0e1ca3d
cb0624e5683a2c6e80d6184863ecb82436fd31985ee59d026f43e71374460ca1
d584e621a3f3b2d3ea16dfd2832253fad7d0f2d429d396976a4e2bd4a9f4302e
d9176a989269572245d494745cd9bfd2cdfc19a5dd43f8e91c47f1cc344a5130
d97182fb57f64292fabb5f69b209061dd896dc9de61cee4be6d87096fcd64e1f
db4e3b640432311b9087d490b452a0eac50b709659e0b651ad9a03afbd78ec78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105
eb01b4c482c3d8cf93f064dc0bcf7260c780661ec7f76d1b89c60e16c48f1ebe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ed386e27af9be1384566bc5aff1dd50198aa9ee5ca7ad1dc102bb99cd624cb
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.forums.freestufftimes.com Open in urlscan Pro 67.225.198.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

76 %HTTPS

73 %IPv6

8 Domains

11 Subdomains

12 IPs

3 Countries

1101 kBTransfer

2554 kBSize

6 Cookies

3 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.forums.freestufftimes.com Open in urlscan Pro
67.225.198.48 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

76 %
HTTPS

73 %
IPv6

8
Domains

11
Subdomains

12
IPs

3
Countries

1101 kB
Transfer

2554 kB
Size

6
Cookies

55 HTTP transactions
3 data transactions