urlscan.io logo urlscan.io
SecurityTrails logo

thenorthernlights.forumactif.com Open in urlscan Pro
94.23.76.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://thenorthernlights.forumactif.com/
Effective URL: https://thenorthernlights.forumactif.com/
Submission: On December 04 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 53 IPs in 7 countries across 47 domains to perform 259 HTTP transactions. The main IP is 94.23.76.111, located in Lisbon, Portugal and belongs to OVH OVH SAS, FR. The main domain is thenorthernlights.forumactif.com.
TLS certificate: Issued by R11 on October 13th 2024. Valid for: 3 months.
This is the only time thenorthernlights.forumactif.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 94.23.76.111 16276 (OVH OVH SAS)
1 172.64.147.188 13335 (CLOUDFLAR...)
8 54.38.45.96 16276 (OVH OVH SAS)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 185.199.110.153 54113 (FASTLY)
10 169.150.255.180 60068 (CDN77 Dat...)
1 185.199.108.153 54113 (FASTLY)
2 216.58.206.74 15169 (GOOGLE)
1 104.18.10.207 13335 (CLOUDFLAR...)
7 7 188.165.46.1 16276 (OVH OVH SAS)
9 142.250.185.234 15169 (GOOGLE)
2 172.67.69.29 13335 (CLOUDFLAR...)
9 151.101.65.229 54113 (FASTLY)
10 188.114.97.3 13335 (CLOUDFLAR...)
2 172.67.74.105 13335 (CLOUDFLAR...)
2 142.250.185.232 15169 (GOOGLE)
1 3.161.82.69 16509 (AMAZON-02)
19 192.0.77.3 2635 (AUTOMATTIC)
14 151.101.0.84 54113 (FASTLY)
1 76.76.21.164 16509 (AMAZON-02)
1 199.232.196.193 54113 (FASTLY)
4 104.21.235.76 13335 (CLOUDFLAR...)
2 185.199.111.153 54113 (FASTLY)
57 151.101.193.44 54113 (FASTLY)
1 172.67.11.187 13335 (CLOUDFLAR...)
2 172.67.181.105 13335 (CLOUDFLAR...)
1 143.204.215.65 16509 (AMAZON-02)
1 52.47.197.186 16509 (AMAZON-02)
4 142.250.74.195 15169 (GOOGLE)
3 3 104.18.111.161 13335 (CLOUDFLAR...)
1 1 172.67.8.238 13335 (CLOUDFLAR...)
2 148.251.96.239 24940 (HETZNER-A...)
2 172.217.16.142 15169 (GOOGLE)
1 216.239.34.36 15169 (GOOGLE)
2 172.67.70.117 13335 (CLOUDFLAR...)
2 44.233.137.16 16509 (AMAZON-02)
2 13.32.23.96 16509 (AMAZON-02)
1 3.161.82.71 16509 (AMAZON-02)
7 151.101.65.44 54113 (FASTLY)
7 178.250.1.11 44788 (ASN-CRITE...)
4 142.250.185.66 15169 (GOOGLE)
1 172.67.41.60 13335 (CLOUDFLAR...)
3 13.32.24.226 16509 (AMAZON-02)
1 143.204.215.124 16509 (AMAZON-02)
1 188.114.96.3 13335 (CLOUDFLAR...)
2 172.67.69.19 13335 (CLOUDFLAR...)
1 3 172.217.16.198 15169 (GOOGLE)
1 23.209.22.22 16625 (AKAMAI-AS)
1 172.67.38.106 13335 (CLOUDFLAR...)
3 18 141.226.228.48 200478 (TABOOLA-A...)
3 172.64.144.50 13335 (CLOUDFLAR...)
2 5 37.252.172.123 29990 (ASN-APPNEX)
6 163.5.194.32 60558 (SECUREDSE...)
6 162.19.138.119 16276 (OVH OVH SAS)
3 162.19.138.120 16276 (OVH OVH SAS)
259 53
8    94.23.76.111 (Lisbon, Portugal)

ASN16276 (OVH OVH SAS, FR)
thenorthernlights.forumactif.com
1    172.64.147.188 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
8    54.38.45.96 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: filer-s2.archive-host.com
sd-1.archive-host.com
sd-g1.archive-host.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    185.199.110.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-110-153.github.com
pull.cappuccicons.com
10    169.150.255.180 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 787975672.fra.cdn77.com
cdn.userway.org
1    185.199.108.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com
solrainha.github.io
2    216.58.206.74 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f10.1e100.net
ajax.googleapis.com
1    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
7    188.165.46.1 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: archive-host.com
www.aht.li
9    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com
imasdk.googleapis.com
2    172.67.69.29 (United States)

ASN13335 (CLOUDFLARENET, US)
code.ionicframework.com
9    151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
10    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
illiweb.com
transparenttextures.com
2    172.67.74.105 (United States)

ASN13335 (CLOUDFLARENET, US)
cache.consentframework.com
choices.consentframework.com
2    142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net
www.googletagmanager.com
1    3.161.82.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-69.fra56.r.cloudfront.net
ac.audiencerun.com
19    192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
64.media.tumblr.com
14    151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)
i.pinimg.com
1    76.76.21.164 (Walnut, United States)

ASN16509 (AMAZON-02, US)
www.avacrea.org
1    199.232.196.193 (United States)

ASN54113 (FASTLY, US)
i.imgur.com
4    104.21.235.76 (None, )

ASN13335 (CLOUDFLARENET, US)
2img.net
2    185.199.111.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-153.github.com
icons.cappuccicons.com
source.cappuccicons.com
57    151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
beacon.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
vidstatb.taboola.com
wf.taboola.com
1    172.67.11.187 (United States)

ASN13335 (CLOUDFLARENET, US)
ads.sportslocalmedia.com
2    172.67.181.105 (United States)

ASN13335 (CLOUDFLARENET, US)
weatherwidget.io
1    143.204.215.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-65.fra53.r.cloudfront.net
cdn.viglink.com
1    52.47.197.186 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-47-197-186.eu-west-3.compute.amazonaws.com
www.terra-canada.com
4    142.250.74.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net
fonts.gstatic.com
3    104.18.111.161 (None, )

ASN13335 (CLOUDFLARENET, US)
tinyurl.com
1    172.67.8.238 (United States)

ASN13335 (CLOUDFLARENET, US)
cutt.ly
2    148.251.96.239 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: hetzner-prod.ipsfailover.com
api.consentframework.com
2    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net
www.google-analytics.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    172.67.70.117 (United States)

ASN13335 (CLOUDFLARENET, US)
ac.aruncdn.com
2    44.233.137.16 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-137-16.us-west-2.compute.amazonaws.com
api.userway.org
2    13.32.23.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-96.fra56.r.cloudfront.net
d35m0nfeeqvaj5.cloudfront.net
1    3.161.82.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-71.fra56.r.cloudfront.net
comparisons.sovrn.com
7    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
imprammp.taboola.com
7    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
gum.criteo.com
4    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
1    172.67.41.60 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
3    13.32.24.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-24-226.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    143.204.215.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-124.fra53.r.cloudfront.net
config.aps.amazon-adsystem.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
bt.dns-finder.com
2    172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
3    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net
ad.doubleclick.net
1    23.209.22.22 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-22-22.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
18    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)
am-trc-events.taboola.com
sync.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
3    172.64.144.50 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
www.temu.com
5    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
6    163.5.194.32 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US)
prebid.a-mo.net
6    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
3    162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
Apex Domain
Subdomains		 Transfer
82 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 934
beacon.taboola.com — Cisco Umbrella Rank: 2035
trc.taboola.com — Cisco Umbrella Rank: 763
vidstat.taboola.com — Cisco Umbrella Rank: 3976
images.taboola.com — Cisco Umbrella Rank: 1906
am-trc-events.taboola.com — Cisco Umbrella Rank: 18337
sync.taboola.com — Cisco Umbrella Rank: 1304
imprammp.taboola.com — Cisco Umbrella Rank: 28776
am-match.taboola.com — Cisco Umbrella Rank: 28568
am-vid-events.taboola.com — Cisco Umbrella Rank: 26930
vidstatb.taboola.com — Cisco Umbrella Rank: 6082
wf.taboola.com — Cisco Umbrella Rank: 4021
971 KB
19 tumblr.com
64.media.tumblr.com — Cisco Umbrella Rank: 15373
11 MB
14 pinimg.com
i.pinimg.com — Cisco Umbrella Rank: 2496
1 MB
12 userway.org
cdn.userway.org — Cisco Umbrella Rank: 3208
api.userway.org — Cisco Umbrella Rank: 3180
66 KB
11 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 506
217 KB
9 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
735 KB
8 illiweb.com
illiweb.com — Cisco Umbrella Rank: 347944
44 KB
8 archive-host.com
sd-1.archive-host.com
sd-g1.archive-host.com
10 MB
8 forumactif.com
thenorthernlights.forumactif.com
170 KB
7 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1004
id5-sync.com — Cisco Umbrella Rank: 533
33 KB
7 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
ad.doubleclick.net — Cisco Umbrella Rank: 145
208 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 450
2 KB
7 aht.li
www.aht.li
3 KB
6 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 788
285 B
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
5 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 347
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687
90 KB
4 gstatic.com
fonts.gstatic.com
94 KB
4 2img.net
2img.net — Cisco Umbrella Rank: 317692
77 KB
4 consentframework.com
cache.consentframework.com — Cisco Umbrella Rank: 36540
choices.consentframework.com — Cisco Umbrella Rank: 38496
api.consentframework.com — Cisco Umbrella Rank: 35112
432 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946
910 B
3 temu.com
www.temu.com — Cisco Umbrella Rank: 1951
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 3353
21 KB
3 tinyurl.com
tinyurl.com — Cisco Umbrella Rank: 21195
2 KB
3 cappuccicons.com
pull.cappuccicons.com
icons.cappuccicons.com
source.cappuccicons.com
329 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 975
2 KB
2 cloudfront.net
d35m0nfeeqvaj5.cloudfront.net
34 KB
2 aruncdn.com
ac.aruncdn.com — Cisco Umbrella Rank: 253975
151 KB
2 weatherwidget.io
weatherwidget.io — Cisco Umbrella Rank: 32082
2 KB
2 transparenttextures.com
transparenttextures.com — Cisco Umbrella Rank: 254213
32 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
177 KB
2 ionicframework.com
code.ionicframework.com — Cisco Umbrella Rank: 22236
117 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1120
17 KB
1 dns-finder.com
bt.dns-finder.com — Cisco Umbrella Rank: 277135
1 KB
1 btloader.com
btloader.com — Cisco Umbrella Rank: 947
25 KB
1 sovrn.com
comparisons.sovrn.com — Cisco Umbrella Rank: 31503
2 KB
1 cutt.ly
cutt.ly — Cisco Umbrella Rank: 42920
475 B
1 terra-canada.com
www.terra-canada.com
131 KB
1 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 15119
api.viglink.com Failed
29 KB
1 sportslocalmedia.com
ads.sportslocalmedia.com — Cisco Umbrella Rank: 132620
176 KB
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 8961
2 KB
1 avacrea.org
www.avacrea.org
518 KB
1 audiencerun.com
ac.audiencerun.com — Cisco Umbrella Rank: 596544
12 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255
12 KB
1 github.io
solrainha.github.io
7 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
27 KB
1 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 2020
0 placeholder.com Failed
via.placeholder.com Failed
259 47
Domain Requested by
21 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
19 64.media.tumblr.com thenorthernlights.forumactif.com
17 cdn.taboola.com thenorthernlights.forumactif.com
cdn.taboola.com
14 i.pinimg.com thenorthernlights.forumactif.com
10 cdn.userway.org thenorthernlights.forumactif.com
cdn.userway.org
9 cdn.jsdelivr.net thenorthernlights.forumactif.com
ajax.googleapis.com
cdn.jsdelivr.net
ads.sportslocalmedia.com
8 illiweb.com thenorthernlights.forumactif.com
8 thenorthernlights.forumactif.com thenorthernlights.forumactif.com
ajax.googleapis.com
7 am-trc-events.taboola.com cdn.taboola.com
7 trc.taboola.com cdn.taboola.com
7 beacon.taboola.com cdn.taboola.com
7 gum.criteo.com cdn.taboola.com
7 fonts.googleapis.com thenorthernlights.forumactif.com
7 sd-g1.archive-host.com thenorthernlights.forumactif.com
7 www.aht.li 7 redirects
6 id5-sync.com vidstat.taboola.com
6 prebid.a-mo.net vidstat.taboola.com
5 am-vid-events.taboola.com thenorthernlights.forumactif.com
5 ib.adnxs.com 2 redirects thenorthernlights.forumactif.com
cdn.taboola.com
4 securepubads.g.doubleclick.net ads.sportslocalmedia.com
securepubads.g.doubleclick.net
thenorthernlights.forumactif.com
imasdk.googleapis.com
4 fonts.gstatic.com fonts.googleapis.com
4 2img.net thenorthernlights.forumactif.com
3 lb.eu-1-id5-sync.com vidstat.taboola.com
3 wf.taboola.com vidstat.taboola.com
3 vidstatb.taboola.com thenorthernlights.forumactif.com
3 am-match.taboola.com vidstat.taboola.com
3 imprammp.taboola.com vidstat.taboola.com
3 www.temu.com thenorthernlights.forumactif.com
3 sync.taboola.com 3 redirects
3 images.taboola.com thenorthernlights.forumactif.com
3 ad.doubleclick.net 1 redirects thenorthernlights.forumactif.com
3 c.amazon-adsystem.com ads.sportslocalmedia.com
c.amazon-adsystem.com
3 tinyurl.com 3 redirects
2 ad-delivery.net thenorthernlights.forumactif.com
2 d35m0nfeeqvaj5.cloudfront.net cdn.viglink.com
d35m0nfeeqvaj5.cloudfront.net
2 api.userway.org cdn.userway.org
2 imasdk.googleapis.com ac.audiencerun.com
ads.sportslocalmedia.com
2 ac.aruncdn.com ac.audiencerun.com
2 www.google-analytics.com www.googletagmanager.com
thenorthernlights.forumactif.com
2 api.consentframework.com choices.consentframework.com
2 weatherwidget.io thenorthernlights.forumactif.com
weatherwidget.io
2 transparenttextures.com sd-g1.archive-host.com
2 www.googletagmanager.com thenorthernlights.forumactif.com
www.googletagmanager.com
2 code.ionicframework.com thenorthernlights.forumactif.com
code.ionicframework.com
2 ajax.googleapis.com thenorthernlights.forumactif.com
1 cdn.id5-sync.com thenorthernlights.forumactif.com
1 secure.cdn.fastclick.net thenorthernlights.forumactif.com
1 bt.dns-finder.com btloader.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 btloader.com ads.sportslocalmedia.com
1 comparisons.sovrn.com cdn.viglink.com
1 source.cappuccicons.com icons.cappuccicons.com
1 region1.google-analytics.com www.googletagmanager.com
1 cutt.ly 1 redirects
1 www.terra-canada.com sd-g1.archive-host.com
1 cdn.viglink.com thenorthernlights.forumactif.com
1 ads.sportslocalmedia.com thenorthernlights.forumactif.com
1 icons.cappuccicons.com pull.cappuccicons.com
1 i.imgur.com thenorthernlights.forumactif.com
1 www.avacrea.org thenorthernlights.forumactif.com
1 ac.audiencerun.com thenorthernlights.forumactif.com
1 choices.consentframework.com thenorthernlights.forumactif.com
1 cache.consentframework.com thenorthernlights.forumactif.com
1 maxcdn.bootstrapcdn.com thenorthernlights.forumactif.com
1 solrainha.github.io thenorthernlights.forumactif.com
1 pull.cappuccicons.com thenorthernlights.forumactif.com
1 cdnjs.cloudflare.com thenorthernlights.forumactif.com
1 sd-1.archive-host.com thenorthernlights.forumactif.com
1 kit.fontawesome.com thenorthernlights.forumactif.com
0 api.viglink.com Failed cdn.viglink.com
0 via.placeholder.com Failed thenorthernlights.forumactif.com
259 71
Subject Issuer Validity Valid
m91.maxns.net
R11		 2024-10-13 -
2025-01-11		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-01-27		 6 months crt.sh
*.archive-host.com
Gandi RSA Domain Validation Secure Server CA 3		 2024-06-26 -
2025-06-26		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
pull.cappuccicons.com
R10		 2024-11-05 -
2025-02-03		 3 months crt.sh
1667503734.rsc.cdn77.org
E6		 2024-12-04 -
2025-03-04		 3 months crt.sh
*.github.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-15 -
2025-03-14		 a year crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-11-18 -
2025-02-16		 3 months crt.sh
ionicframework.com
WE1		 2024-11-08 -
2025-02-06		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
illiweb.com
E6		 2024-10-08 -
2025-01-06		 3 months crt.sh
consentframework.com
WE1		 2024-11-14 -
2025-02-12		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.audiencerun.com
Amazon RSA 2048 M03		 2024-05-28 -
2025-06-26		 a year crt.sh
*.media.tumblr.com
Sectigo ECC Domain Validation Secure Server CA		 2024-01-03 -
2025-02-02		 a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-05 -
2025-08-07		 a year crt.sh
*.avacrea.org
R11		 2024-10-10 -
2025-01-08		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh
2img.net
E6		 2024-10-27 -
2025-01-25		 3 months crt.sh
icons.cappuccicons.com
R10		 2024-10-31 -
2025-01-29		 3 months crt.sh
transparenttextures.com
WE1		 2024-11-04 -
2025-02-02		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-01 -
2025-12-31		 a year crt.sh
sportslocalmedia.com
WE1		 2024-10-30 -
2025-01-28		 3 months crt.sh
weatherwidget.io
WE1		 2024-11-22 -
2025-02-20		 3 months crt.sh
viglink.com
Amazon RSA 2048 M03		 2024-08-13 -
2025-09-10		 a year crt.sh
terra-canada.com
Amazon RSA 2048 M03		 2024-04-16 -
2025-05-15		 a year crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.consentframework.com
RapidSSL TLS RSA CA G1		 2024-02-19 -
2025-03-20		 a year crt.sh
aruncdn.com
WE1		 2024-11-04 -
2025-02-02		 3 months crt.sh
source.cappuccicons.com
R11		 2024-11-04 -
2025-02-02		 3 months crt.sh
api.userway.org
Amazon RSA 2048 M02		 2024-08-02 -
2025-08-31		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
comparisons.sovrn.com
Amazon RSA 2048 M03		 2024-10-21 -
2025-11-19		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-03 -
2025-03-03		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
btloader.com
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-11-19 -
2025-12-18		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
dns-finder.com
WE1		 2024-11-13 -
2025-02-11		 3 months crt.sh
ad-delivery.net
WE1		 2024-11-10 -
2025-02-08		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-08-07 -
2025-08-07		 a year crt.sh
id5-sync.com
WE1		 2024-11-28 -
2025-02-26		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.a-mo.net
R11		 2024-11-01 -
2025-01-30		 3 months crt.sh
eu-1-id5-sync.com
R11		 2024-11-11 -
2025-02-09		 3 months crt.sh

This page contains 24 frames:

Primary Page: https://thenorthernlights.forumactif.com/
Frame ID: F3E8A6A011E25E7992B94C71B1436947
Requests: 150 HTTP requests in this frame

Frame: https://weatherwidget.io/w/
Frame ID: D3D5FB28CE03EC2868D44A95EFF072A7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 6FB44A8C4F2C9E2598909E42B58417A6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.userway.org/styles/2024-12-02-09-47-30/widget_base.css?v=1733132850231
Frame ID: B7A5B5BCF006C3F3A5F0B6AC57E7CB54
Requests: 1 HTTP requests in this frame

Frame: https://cdn.userway.org/styles/2024-12-02-09-47-30/widget_base.css?v=1733132850231
Frame ID: E06AFD74DBEC511DA21D80D781378B59
Requests: 1 HTTP requests in this frame

Frame: https://cdn.userway.org/styles/2024-12-02-09-47-30/widget_base.css?v=1733132850231
Frame ID: 78C305C5B70BD3A52C767E4101D629AA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Frame ID: 477206DE32A06D91A20F28C3E3437525
Requests: 32 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Frame ID: 9C8AA7084178D08F3478198133C80013
Requests: 29 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Frame ID: 52082529D6B57B525D2321885106FB37
Requests: 28 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 294C09C8388B1B5EB77B28E875680051
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 75C94022C6E0A18624709820756378C3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 7A8F432866CC2D47192816650E2D45BA
Requests: 1 HTTP requests in this frame

Frame: https://www.temu.com/api/adx/cm/pixel-taboola?id=06dd71b2-c93b-4fa5-af98-defd21820be2-tucte4a06b7
Frame ID: 19AEAC66A4B60396001C48257089E297
Requests: 2 HTTP requests in this frame

Frame: https://www.temu.com/api/adx/cm/pixel-taboola?id=ba0a42f4-c89e-4c17-8756-da7a97b3e7ce-tucte4a06b7
Frame ID: A7BD595798D8EB9A7AFDA9D06DB91F31
Requests: 2 HTTP requests in this frame

Frame: https://www.temu.com/api/adx/cm/pixel-taboola?id=2b23c43c-7a51-4345-8953-545f85a21b2f-tucte4a06b7
Frame ID: 6AB59D66F562F9A7E182A79018B70965
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9wkgCABYDAL1cC8rDNy8pBAC9XAvKwzcvKQUAAAAABgYA4gcAJORbbjazwcot8Q1GbtFmOVxLPM6VWzharoYri2Pimi2HAEBCvuVmMxus3BLfYOQWbZbDtcTjXLmFo-VquLI4Jq7ZcgoAETcZDp-DgajoelvsDqfZ8waAFDSdDp_rXi86uux-y-nostzNTp_R9LnL_JbX2-ExPW12jd_tlwMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAAOUGgIATyQGAYH-zy25yuP0BAAAAAAACAAAAAEACACAwvlICAADhOXQC8P________8fAzBAn3kjA_D___9_A2DQAwDw4AMA8CAEAAAAYDEE4C-peoh-C7RLBAAgMIJVBMAIAAAAAID6QHr2CGASQCcAVAAWVQD____9VgAAVwAAAAGTkni-KFkAuoMSb2EAAAAAAGIAtNmkxsJmvnFjAAv0sPj9Zodd43e7DOD_________3wzg_wzgHw1AKAqONA0AiFMvXA3gFxAAYA3gFxAAgA1A3QAAAN4AAuAAQg4gBU2nw-e614uOLrvfcjq6LHez02c0fe4yv-X1dnhMT5td43f7RQdA0IrBYHUABrTc7Jaz2QEAAAAA3AH8____4wHQZpMaC5v5xukBgMzEZFgNFh6Lx7JcLDce32a4cbick5nFOZpMNg7vATDZcStTlX-u9AFE3GQ4fA4GoqLrbbE7nGbP_QAmbDFaTSab5XC2XEwGw9FwNNofwEBsFgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIAFOuhW3kGjnciolz4xbNJsa1wrkwrEU228SxWRkXi4VhLXp9TC_TwjCb2LYIIBjwsRfJ0yKdyCYzi8O4WjlHDtdwN5v5JhvbYOQwWZwz12YyWU7EEs3JIp3ILvvOxGRYDRYei8eyXCw3Ht9muHG4nJOZxTmaTDYOf8u1sI1cI4dbMXFu3KLZxLhWOBeGtchmmzg2K-NisTCsRa-P6WVaGGYT276x22w2k-VkMNs3dpvNZrKcDGb7DpPpmfqcjd7o5-8xicXR4M9aMx0ULoPF-ztapLFbb2ZU2cYWi2kYmn4mVqHf7_f7_X6_3-_3bswGj8FgeHkr42n1J83ems_uxnswGRQGgyKWCC7Sicxveb39pqff7pZZLmKJ0nSRTvQSsURwukgnopfxdFH_EaBBFpO5bi5ZDOaK3XKVAAAAAAAAAAAAlgA2AQAAAAA4AQxiuJxMdusEOIjBcDlYLpYLAPDA7qYL8BOcO2Jryg25C7BQAqlhRDtEfgzQYH7L6-03Pf12t8xyZQCAB2pyZoDNAJ8BCGKtVssaAAAAQAAbAAAAIIAbQDcAbwABJ3IcAAAAgIweAAAAQHwfAIgKr174kSvlHwBAgEKs1Wp1u7FWqxUQQBC7xXACAf____8FAQAAAAAAAEu0BgEAAAAAAABG5AgBAttuQkCFAIMhWv5ulxcCOgR4FtVdQRyAGT4EAAAETEri-RYA!&cmcv=&pix=undefined&cb=1733329207430&uv=3454&tms=1733329207430&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!mprdctdt6_vA!rbcatc_vB!smbs!ufm!vdprc_vD&ru=https://thenorthernlights.forumactif.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=d793360e-b70d-4398-bc9e-84958eb1b569&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: E1E89598B1C0872B49CA482F5F8C3410
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V9wkgCABYDAL1cC8rDNy8pBAC9XAvKwzcvKQUAAAAABgYA4gcAJORbbjazwcot8Q1GbtFmOVxLPM6VWzharoYri2Pimi2HAEBCvuVmMxus3BLfYOQWbZbDtcTjXLmFo-VquLI4Jq7ZcgoAETcZDp-DgajoelvsDqfZ8waAFDSdDp_rXi86uux-y-nostzNTp_R9LnL_JbX2-ExPW12jd_tlwMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAAOUGgIATyQGAYH-zy25yuP0BAAAAAAACAAAAAEACACAwvlICAADhOXQC8P________8fAzBAn3kjA_D___9_A2DQAwDw4AMA8CAEAAAAYDEE4C-peoh-C7RLBAAgMIJVBMAIAAAAAID6QHr2CGASQCcAVAAWVQD____9VgAAVwAAAAGTkni-KFkAuoMSb2EAAAAAAGIAtNmkxsJmvnFjAAv0sPj9Zodd43e7DOD_________3wzg_wzgHw1AKAqONA0AiFMvXA3gFxAAYA3gFxAAgA1A3QAAAN4AAuAAQg4gBU2nw-e614uOLrvfcjq6LHez02c0fe4yv-X1dnhMT5td43f7RQdA0IrBYHUABrTc7Jaz2QEAAAAA3AH8____4wHQZpMaC5v5xukBgMzEZFgNFh6Lx7JcLDce32a4cbick5nFOZpMNg7vATDZcStTlX-u9AFE3GQ4fA4GoqLrbbE7nGbP_QAmbDFaTSab5XC2XEwGw9FwNNofwEBsFgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIAFOuhW3kGjnciolz4xbNJsa1wrkwrEU228SxWRkXi4VhLXp9TC_TwjCb2LYIIBjwsRfJ0yKdyCYzi8O4WjlHDtdwN5v5JhvbYOQwWZwz12YyWU7EEs3JIp3ILvvOxGRYDRYei8eyXCw3Ht9muHG4nJOZxTmaTDYOf8u1sI1cI4dbMXFu3KLZxLhWOBeGtchmmzg2K-NisTCsRa-P6WVaGGYT276x22w2k-VkMNs3dpvNZrKcDGb7DpPpmfqcjd7o5-8xicXR4M9aMx0ULoPF-ztapLFbb2ZU2cYWi2kYmn4mVqHf7_f7_X6_3-_3bswGj8FgeHkr42n1J83ems_uxnswGRQGgyKWCC7Sicxveb39pqff7pZZLmKJ0nSRTvQSsURwukgnopfxdFH_EaBBFpO5bi5ZDOaK3XKVAAAAAAAAAAAAlgA2AQAAAAA4AQxiuJxMdusEOIjBcDlYLpYLAPDA7qYL8BOcO2Jryg25C7BQAqlhRDtEfgzQYH7L6-03Pf12t8xyZQCAB2pyZoDNAJ8BCGKtVssaAAAAQAAbAAAAIIAbQDcAbwABJ3IcAAAAgIweAAAAQHwfAIgKr174kSvlHwBAgEKs1Wp1u7FWqxUQQBC7xXACAf____8FAQAAAAAAAEu0BgEAAAAAAABG5AgBAttuQkCFAIMhWv5ulxcCOgR4FtVdQRyAGT4EAAAETEri-RYA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: F3FDA66228D20786378DB28B793AD8B5
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9GW0CABYDALNwJR7boc8GBACzcCUe26HPBgUAAAAABgYA4gcAJLVaDSbDmcOtsM1ma9FsOXMLJy7TWrjYzCwT28K38tiMAEBSq9VgMpw53ArbbLYWzZYzt3DiMq2Fi83MMrEtfCuPzQoAFDMYDC-rwUBUdL0tdofT7Hmr1gCQgqbT4XPd60VHl91vOR1dlrvZ6TOaPneZ3_J6Ozymp82u8bv9cgAAAAAAeAD4____hwAAAAAAiAAAAAAAkAAAAAAAoAAIqAD4twAQuAAAAAAAwAD4____1wAAoNwAEHAiOQAQ7G922U0Otz8AAAAAAEAAAAAAAEgAAATGV0oAACA8h04A_v________9jAAboM29kAP7___9vAAx6AAAefAAAHoQAAAAALIYAqNw5MkS8ZsmJAAAERsSKABgBAAAAAFAfSM8eAUwC6ASACsCiCuD__7_fCgDgCgAAIGBSEs93KAtAd1DiLQwAAAAAQAyANpvUWNjMN24MYIEeFr_f7LBr_G6XAfz_________mwH8nwH8owEIRcGRpgEAceqFqwH8AgIArAH8AgIAsAGoGwAAwBtAABxAyAGkoOl0-Fz3etHRZfdbTkeX5W52-oymz13mt7zeDo_pabNr_G6_6AAIWjEYrA7AgJab3XI2OwAAAACAO4D___9_PADabFJjYTPfOD0AkPFNLLbFcGNYuTwzk2G1miyME5NlY5tYPKvhaOQ9gHooAFaAk-nIPgCKGQyGl9VgICq63ha7w2n2vFXzA5iwxWg1mWyWw9lyMRkMR8PRaH8AA7FZDBCAoiWL1XK42k0Wo81iMVnuhqPJBAEoWjSYrEajyWIyXI0mq9lysdttEICiVavZaDMYrmaT2W63Gg6Gy9EIASZsMVpNJpvlcLZcTAbD0XA0GiIAzI1WNsvINVrLTMbVWjRyjdwSz2bhVi0nvpFzsZg4fCO36PUxvUwLw2xi2yKAYMDHXiRPi3Siskxcq4lpMtzYJsbZaDcbLTeulWGxWJg2Ls9iNRFLNCeLdCK77Du-icW2GG4MK5dnZjKsVpOFcWKybGwTi2c1HI38vdHKZhm5RmuZybhai0aukVvi2SzcquXEN3IuFhOHb-QWvT6ml2lhmE1s-8Zus9lMlpPBbN_YbTabyXIymO07TKZn6nM2eqOfv8elGUeDP2vNdFC4DBbv72iRxm69mVFlG1sspmFo-plYhX6_3-_3-_1-v9-7MRs8BoPh5a2Mp9WfNHtrPrsb78FkUBgMilgiuEgnMr_l9fabnn67W2a5iCVK00U60UvEEsHpIp2IXsbTRf1HgAZZTOa6uWQxmCt2y1UCAAAAAAAAAABYAtgEAAAAAOAEMIjhcjLZrRPgIAbD5WC5WC4AwAO7my7AT3DuiK0pN-QuwEIJpIYR7RD5MUCD-S2vt9_09NvdMsuVAQAeqMmZATYDfAYgiLVaLWsAAAAAAWwAAACAAG4A3QC8AQScyHEAAAAAMnoAAAAA8X0AICq8euFHrhR-AIIczkb7BwAQoBBrtVrdbqzVagUEEMRuMZxAwP___z9BAAAAAAAAgAliQQAAAAAAAADVO0KAwLabEFAhwGCIlr_b5YWADAEAAAAAAAATVA4BnlR1Vsj6f6IPAQAAAZOSeL4n!&cmcv=&pix=undefined&cb=1733329207436&uv=3454&tms=1733329207436&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!mprdctdt6_vA!smbs!t45!ufm!uftchrwf_vC!unf_vC&ru=https://thenorthernlights.forumactif.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=555028fa-a666-469f-8be4-813f2b6a7ecf&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 3337DA6BE6D09E63BFABBC0844D14D1D
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V9GW0CABYDALNwJR7boc8GBACzcCUe26HPBgUAAAAABgYA4gcAJLVaDSbDmcOtsM1ma9FsOXMLJy7TWrjYzCwT28K38tiMAEBSq9VgMpw53ArbbLYWzZYzt3DiMq2Fi83MMrEtfCuPzQoAFDMYDC-rwUBUdL0tdofT7Hmr1gCQgqbT4XPd60VHl91vOR1dlrvZ6TOaPneZ3_J6Ozymp82u8bv9cgAAAAAAeAD4____hwAAAAAAiAAAAAAAkAAAAAAAoAAIqAD4twAQuAAAAAAAwAD4____1wAAoNwAEHAiOQAQ7G922U0Otz8AAAAAAEAAAAAAAEgAAATGV0oAACA8h04A_v________9jAAboM29kAP7___9vAAx6AAAefAAAHoQAAAAALIYAqNw5MkS8ZsmJAAAERsSKABgBAAAAAFAfSM8eAUwC6ASACsCiCuD__7_fCgDgCgAAIGBSEs93KAtAd1DiLQwAAAAAQAyANpvUWNjMN24MYIEeFr_f7LBr_G6XAfz_________mwH8nwH8owEIRcGRpgEAceqFqwH8AgIArAH8AgIAsAGoGwAAwBtAABxAyAGkoOl0-Fz3etHRZfdbTkeX5W52-oymz13mt7zeDo_pabNr_G6_6AAIWjEYrA7AgJab3XI2OwAAAACAO4D___9_PADabFJjYTPfOD0AkPFNLLbFcGNYuTwzk2G1miyME5NlY5tYPKvhaOQ9gHooAFaAk-nIPgCKGQyGl9VgICq63ha7w2n2vFXzA5iwxWg1mWyWw9lyMRkMR8PRaH8AA7FZDBCAoiWL1XK42k0Wo81iMVnuhqPJBAEoWjSYrEajyWIyXI0mq9lysdttEICiVavZaDMYrmaT2W63Gg6Gy9EIASZsMVpNJpvlcLZcTAbD0XA0GiIAzI1WNsvINVrLTMbVWjRyjdwSz2bhVi0nvpFzsZg4fCO36PUxvUwLw2xi2yKAYMDHXiRPi3Siskxcq4lpMtzYJsbZaDcbLTeulWGxWJg2Ls9iNRFLNCeLdCK77Du-icW2GG4MK5dnZjKsVpOFcWKybGwTi2c1HI38vdHKZhm5RmuZybhai0aukVvi2SzcquXEN3IuFhOHb-QWvT6ml2lhmE1s-8Zus9lMlpPBbN_YbTabyXIymO07TKZn6nM2eqOfv8elGUeDP2vNdFC4DBbv72iRxm69mVFlG1sspmFo-plYhX6_3-_3-_1-v9-7MRs8BoPh5a2Mp9WfNHtrPrsb78FkUBgMilgiuEgnMr_l9fabnn67W2a5iCVK00U60UvEEsHpIp2IXsbTRf1HgAZZTOa6uWQxmCt2y1UCAAAAAAAAAABYAtgEAAAAAOAEMIjhcjLZrRPgIAbD5WC5WC4AwAO7my7AT3DuiK0pN-QuwEIJpIYR7RD5MUCD-S2vt9_09NvdMsuVAQAeqMmZATYDfAYgiLVaLWsAAAAAAWwAAACAAG4A3QC8AQScyHEAAAAAMnoAAAAA8X0AICq8euFHrhR-AIIczkb7BwAQoBBrtVrdbqzVagUEEMRuMZxAwP___z9BAAAAAAAAgAliQQAAAAAAAADVO0KAwLabEFAhwGCIlr_b5YWADAEAAAAAAAATVA4BnlR1Vsj6f6IPAQAAAZOSeL4n!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 4857C150CAF872D45A725DD4FDB485FF
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9L78CABYDAJxThN1ObU-vBACcU4TdTm1PrwUAAAAABgYA4gcAJDlbbEYji3EtmfgWbtFy5VsrnLOFWzLzjUyG5ci3WkyMAECSs8VmNLIY15KJb-EWLVe-tcI5W7glM9_IZFiOfKvFxAoAFDMYDC-rwUBUdL0tdofT7HlL1gCQgqbT4XPd60VHl91vOR1dlrvZ6TOaPneZ3_J6Ozymp82u8bv9cgAAAAAAeAD4____hwAAAAAAiAAAAAAAkAAAAAAAoAAIqAD4twAQuAAAAAAAwAD4____1wAAoNwAEHAiOQAQ7G922U0Otz8AAAAAAEAAAAAAAEgAAATGV0oAACA8h04A_v________9jAAboM29kAP7___9vAAx6AAAefAAAHoQAAAAALIYAhhyQl4CeYgKJAAAERviKABgBAAAAAFAfSM8eAUwC6ASACsCiCuD__7_fCgDgCgAAIGBSEs8XKAtAd1DiLQwAAAAAQAyANpvUWNjMN24MYIEeFr_f7LBr_G6XAfz_________mwH8nwH8owEIRcGRpgEAceqFqwH8AgIArAH8AgIAsAGoGwAAwBtAABxAyAGkoOl0-Fz3etHRZfdbTkeX5W52-oymz13mt7zeDo_pabNr_G6_6AAIWjEYrA7AgJab3XI2OwAAAACAO4D___9_PADabFJjYTPfOD0AEFrsVhObzblY-Va7wca4cnk8psHIZTFMLJvhzOM9AEG9dcOsPyD6PgCKGQyGl9VgICq63ha7w2n2vCXzA5iwxWg1mWyWw9lyMRkMR8PRaH8AA7FZDBCAoiWL1XK42k0Wo81iMVnuhqPJBAEoWjSYrEajyWIyXI0mq9lysdttEICiVavZaDMYrmaT2W63Gg6Gy9EIASZsMVpNJpvlcLZcTAbD0XA0GiIADJlMK4thYXNrBsvRWjSyWdwKm2e3Vhg2w9XE5jAMFzO36PUxvUwLw2xi2yKAYMDHXiRPi3QiMg0mo4lxY7N4HBvPzDSxLScu32rhXAxXw9VsMRFLNCeLdCK77EuL3WpiszkXK99qN9gYVy6PxzQYuSyGiWUznHn8JZNpZTEsbG7NYDlai0Y2i1th8-zWCsNmuJrYHIbhYuYWvT6ml2lhmE1s-8Zus9lMlpPBbN_YbTabyXIymO07TKZn6nM2eqOfv0flDUeDP2vNdFC4DBbv72iRxm69mVFlG1sspmFo-plYhX6_3-_3-_1-v9-7MRs8BoPh5a2Mp9WfNHtrPrsb78FkUBgMilgiuEgnMr_l9fabnn67W2a5iCVK00U60UvEEsHpIp2IXsbTRf1HgAZZTOa6uWQxmCt2y1UCAAAAAAAAAABYAtgEAAAAAOAEMIjhcjLZrRPgIAbD5WC5WC4AwAO7my7AT3DuiK0pN-QuwEIJpIYR7RD5MUCD-S2vt9_09NvdMsuVAQAeqMmZATYDfAYgiLVaLWsAAAAAAWwAAACAAG4A3QC8AQScyHEAAAAAMnoAAAAAcX6AgVYN9g8AIEAh1mq1ut1Yq9UKCCCI3WI4gYD___9_goD_______9_54IAAAAAAAAAqneEAIFtNyGgQoDBEC1_t8sLARkC_v________0dAjoR6qzaYV_4HgIAAAImJfF8PQA!&cmcv=&pix=undefined&cb=1733329207605&uv=3454&tms=1733329207605&abt=adxsub-out_vA!adxsub-out_vB!flradc_vB!flrmin_vB!iiqrc_vA!iiqwfcontrol_vB!lotc_vA!mprdctdt6_vA!pl157994b_vB!smbs!t45!ufm!ut_vB&ru=https://thenorthernlights.forumactif.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=96134db8-2b7a-49e7-a96a-2f7dd09d751b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 3F00F4A14A3A380F8817767C7AA96B1E
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V9L78CABYDAJxThN1ObU-vBACcU4TdTm1PrwUAAAAABgYA4gcAJDlbbEYji3EtmfgWbtFy5VsrnLOFWzLzjUyG5ci3WkyMAECSs8VmNLIY15KJb-EWLVe-tcI5W7glM9_IZFiOfKvFxAoAFDMYDC-rwUBUdL0tdofT7HlL1gCQgqbT4XPd60VHl91vOR1dlrvZ6TOaPneZ3_J6Ozymp82u8bv9cgAAAAAAeAD4____hwAAAAAAiAAAAAAAkAAAAAAAoAAIqAD4twAQuAAAAAAAwAD4____1wAAoNwAEHAiOQAQ7G922U0Otz8AAAAAAEAAAAAAAEgAAATGV0oAACA8h04A_v________9jAAboM29kAP7___9vAAx6AAAefAAAHoQAAAAALIYAhhyQl4CeYgKJAAAERviKABgBAAAAAFAfSM8eAUwC6ASACsCiCuD__7_fCgDgCgAAIGBSEs8XKAtAd1DiLQwAAAAAQAyANpvUWNjMN24MYIEeFr_f7LBr_G6XAfz_________mwH8nwH8owEIRcGRpgEAceqFqwH8AgIArAH8AgIAsAGoGwAAwBtAABxAyAGkoOl0-Fz3etHRZfdbTkeX5W52-oymz13mt7zeDo_pabNr_G6_6AAIWjEYrA7AgJab3XI2OwAAAACAO4D___9_PADabFJjYTPfOD0AEFrsVhObzblY-Va7wca4cnk8psHIZTFMLJvhzOM9AEG9dcOsPyD6PgCKGQyGl9VgICq63ha7w2n2vCXzA5iwxWg1mWyWw9lyMRkMR8PRaH8AA7FZDBCAoiWL1XK42k0Wo81iMVnuhqPJBAEoWjSYrEajyWIyXI0mq9lysdttEICiVavZaDMYrmaT2W63Gg6Gy9EIASZsMVpNJpvlcLZcTAbD0XA0GiIADJlMK4thYXNrBsvRWjSyWdwKm2e3Vhg2w9XE5jAMFzO36PUxvUwLw2xi2yKAYMDHXiRPi3QiMg0mo4lxY7N4HBvPzDSxLScu32rhXAxXw9VsMRFLNCeLdCK77EuL3WpiszkXK99qN9gYVy6PxzQYuSyGiWUznHn8JZNpZTEsbG7NYDlai0Y2i1th8-zWCsNmuJrYHIbhYuYWvT6ml2lhmE1s-8Zus9lMlpPBbN_YbTabyXIymO07TKZn6nM2eqOfv0flDUeDP2vNdFC4DBbv72iRxm69mVFlG1sspmFo-plYhX6_3-_3-_1-v9-7MRs8BoPh5a2Mp9WfNHtrPrsb78FkUBgMilgiuEgnMr_l9fabnn67W2a5iCVK00U60UvEEsHpIp2IXsbTRf1HgAZZTOa6uWQxmCt2y1UCAAAAAAAAAABYAtgEAAAAAOAEMIjhcjLZrRPgIAbD5WC5WC4AwAO7my7AT3DuiK0pN-QuwEIJpIYR7RD5MUCD-S2vt9_09NvdMsuVAQAeqMmZATYDfAYgiLVaLWsAAAAAAWwAAACAAG4A3QC8AQScyHEAAAAAMnoAAAAAcX6AgVYN9g8AIEAh1mq1ut1Yq9UKCCCI3WI4gYD___9_goD_______9_54IAAAAAAAAAqneEAIFtNyGgQoDBEC1_t8sLARkC_v________0dAjoR6qzaYV_4HgIAAAImJfF8PQA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: A2F62CB7B28A7BC2A8F418D441A74BD3
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: D5E6B3B9E0D1BA4D036D9B4EDEE7F6F7
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: A108A49D595FB982324299E2A6CCF47D
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: C74E4E085EC399F318F94D77D9A6340A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

the northern lights

Page URL History Show full URLs

  1. http://thenorthernlights.forumactif.com/ HTTP 307
    https://thenorthernlights.forumactif.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

259
Requests

91 %
HTTPS

0 %
IPv6

47
Domains

71
Subdomains

53
IPs

7
Countries

27218 kB
Transfer

41547 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thenorthernlights.forumactif.com/ HTTP 307
    https://thenorthernlights.forumactif.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://www.aht.li/3881671/CSS_NORTHERN_LIGHTS_OFFICIEL.css HTTP 302
  • https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/CSS_NORTHERN_LIGHTS_OFFICIEL.css
Request Chain 66
  • https://www.aht.li/3881690/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__adff60cc-2a0e-40a0-a00a-e59ffaa57c2d.png HTTP 302
  • https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__adff60cc-2a0e-40a0-a00a-e59ffaa57c2d.png
Request Chain 67
  • https://www.aht.li/3881692/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__3f38c11e-1025-477a-b159-d44b66b1ffad.png HTTP 302
  • https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__3f38c11e-1025-477a-b159-d44b66b1ffad.png
Request Chain 68
  • https://www.aht.li/3881693/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__28811c06-8ab3-46d9-8ba2-17b4d30a4415.png HTTP 302
  • https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__28811c06-8ab3-46d9-8ba2-17b4d30a4415.png
Request Chain 69
  • https://www.aht.li/3881694/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__a1d8abc0-2d5e-4870-a351-3164537d2ba8.png HTTP 302
  • https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__a1d8abc0-2d5e-4870-a351-3164537d2ba8.png
Request Chain 70
  • https://www.aht.li/3881695/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__fa38691d-7e60-45db-bb23-82d5d8f56099.png HTTP 302
  • https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__fa38691d-7e60-45db-bb23-82d5d8f56099.png
Request Chain 86
  • https://www.aht.li/3881674/forest-lullaby-110624.mp3 HTTP 302
  • https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/forest-lullaby-110624.mp3
Request Chain 94
  • https://tinyurl.com/32z4avd8 HTTP 301
  • https://64.media.tumblr.com/14faf9a4f3858f91fe580db8385f858a/b0ccfd5c6585daa3-51/s500x750/b8b0ce00a4fb50ea45e0624a19ec8310bfd13d87.pnj
Request Chain 96
  • https://tinyurl.com/226znhsn HTTP 301
  • https://64.media.tumblr.com/56ff55ada0de36e302c054d044a6c881/0e8a3a9d0798cbb6-e9/s500x750/29d062ff428e03f5282d2cc0c5a13c71764d7d12.gif
Request Chain 98
  • https://tinyurl.com/4ujy9hsz HTTP 301
  • https://64.media.tumblr.com/df2f1dc0e29d47f3a2556ea86436bcba/6a01f5df44b7c954-fc/s500x750/d2ff5718406f422900c86f738ab1b5c4c9fa3858.pnj
Request Chain 99
  • https://cutt.ly/DeJ4Aht6 HTTP 301
  • https://64.media.tumblr.com/5b1fa7ac9757e5d9038bfb720422a6db/51b91eed470e6118-e3/s500x750/4b78c5a7729727cadae755161d759ddd029648ac.jpg
Request Chain 173
  • https://ad.doubleclick.net/ddm/trackimp/N2218577.2069703TABOOLA/B32380375.402832074;dc_trk_aid=594397573;dc_trk_cid=221208758;ord=2024-12-04+16%3A20%3A07;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=thenorthernlights.forumactif.com HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N2218577.2069703TABOOLA/B32380375.402832074;dc_pre=CMqlr73CjooDFQGc_QcdkKAeBw;dc_trk_aid=594397573;dc_trk_cid=221208758;ord=2024-12-04+16%3A20%3A07;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=thenorthernlights.forumactif.com
Request Chain 185
  • https://sync.taboola.com/sg/temurtbnative-network/1/rtb/ HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-taboola?id=06dd71b2-c93b-4fa5-af98-defd21820be2-tucte4a06b7
Request Chain 186
  • https://ib.adnxs.com/setuid?entity%3D584%26code%3D%7BtaboolaID%7D%26gdpr%3D%7Bgdpr_applies%7D%26gdpr_consent%3D%7Bdaisybit%7D HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%253D584%2526code%253D%257BtaboolaID%257D%2526gdpr%253D%257Bgdpr_applies%257D%2526gdpr_consent%253D%257Bdaisybit%257D
Request Chain 188
  • https://sync.taboola.com/sg/temurtbnative-network/1/rtb/ HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-taboola?id=ba0a42f4-c89e-4c17-8756-da7a97b3e7ce-tucte4a06b7
Request Chain 189
  • https://ib.adnxs.com/setuid?entity%3D584%26code%3D%7BtaboolaID%7D%26gdpr%3D%7Bgdpr_applies%7D%26gdpr_consent%3D%7Bdaisybit%7D HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%253D584%2526code%253D%257BtaboolaID%257D%2526gdpr%253D%257Bgdpr_applies%257D%2526gdpr_consent%253D%257Bdaisybit%257D
Request Chain 199
  • https://sync.taboola.com/sg/temurtbnative-network/1/rtb/ HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-taboola?id=2b23c43c-7a51-4345-8953-545f85a21b2f-tucte4a06b7

259 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thenorthernlights.forumactif.com/
Redirect Chain
  • http://thenorthernlights.forumactif.com/
  • https://thenorthernlights.forumactif.com/
210 KB
72 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.76.111 Lisbon, Portugal, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash
d5941a3169d308459c069427a63b6e91fccf83a6c27ddcb095b614209f2f0d69
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Wed, 04 Dec 2024 16:19:59 GMT
expires
Wed, 04 Dec 2024 00:00:00 GMT
last-modified
Wed, 04 Dec 2024 16:19:59 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
vary
User-Agent
x-content-type-options
nosniff
x-xss-protection
1

Redirect headers

Location
https://thenorthernlights.forumactif.com/
Non-Authoritative-Reason
HttpsUpgrades
25e7896bf4.js
kit.fontawesome.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/25e7896bf4.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
3000
x-request-id
GA4FuU242otgpT7FXZ7i
cache-control
max-age=0, private, must-revalidate
cf-cache-status
MISS
access-control-allow-methods
GET, OPTIONS
cf-ray
8ecd1f0b6ac60e7e-AMS
access-control-allow-origin
*
content-length
9
date
Wed, 04 Dec 2024 16:20:00 GMT
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
onglets.js
sd-1.archive-host.com/membres/up/211183412958130190/ 		549 B
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sd-1.archive-host.com/membres/up/211183412958130190/onglets.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.45.96 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
filer-s2.archive-host.com
Software
Archive-Host serveur FILER-S2 /
Resource Hash
db271cfcfdec2e5064473853f546e9ccf1aee6a29cefd78fd444839d73060f05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

ETag
"3585172594"
Access-Control-Allow-Methods
GET, OPTION
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
549
Date
Wed, 04 Dec 2024 16:19:59 GMT
Content-Type
application/javascript
Last-Modified
Mon, 29 Jul 2013 18:51:03 GMT
Server
Archive-Host serveur FILER-S2
Access-Control-Allow-Headers
*
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec4-14983"
age
617938
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9jI%2FFdbb7Ay51vmVIGAYp4QgippdQ0KRgClPNMr6rtFUdE22bjMS1%2F219kztbi5Ly2z3K%2BoHAywZfowOlycX%2Fr4k7IwcQQquY1cHzRT3qNrSHhtTTVHMxSLijUp%2FENdgryMCGep"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 24 Nov 2025 16:19:59 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:48 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ecd1f09799ec806-DUS
accept-ranges
bytes
access-control-allow-origin
*
content-length
26660
server
cloudflare
cpf.js
pull.cappuccicons.com/ 		284 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pull.cappuccicons.com/cpf.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
4937f1144d063267eec43698b5bf60f60f88b8e348c14041b34762a3c1fa58ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-fastly-request-id
6835b754c7b42bb7f5c12e69abdf2ba46f1e4331
content-encoding
gzip
etag
W/"6043678a-11c"
age
320
x-github-request-id
5302:2C94E8:5570E2:57C3FA:6732CA0C
expires
Tue, 12 Nov 2024 03:32:54 GMT
x-proxy-cache
MISS
x-cache
HIT
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 06 Mar 2021 11:29:14 GMT
x-served-by
cache-mad22078-MAD
x-cache-hits
1
vary
Accept-Encoding
cache-control
max-age=600
x-timer
S1733329200.983538,VS0,VE2
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
203
server
GitHub.com
widget.js
cdn.userway.org/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.255.180 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
787975672.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
c32d3b479112dca3211b0400d00d391e89d014c688bc90b13fcccd7e5e86597c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"2e0c91f589a62061a79a0801e9d185f4"
age
230
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
7bnMBDq8-Pudt8qm8KonIuCntZAC5ygmDOCrUi0kQkr7hzV-jGYoKg==
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
application/javascript
last-modified
Mon, 02 Dec 2024 09:51:26 GMT
x-77-nzt-ray
f88df72e5acb784b2f81506719c73237
vary
Accept-Encoding
x-77-nzt
EgwBqZb/swH3IAUAAAwBw7WvBgG3JgAAAA
cache-control
max-age=3600, public
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-77-age
1312
x-amz-cf-pop
FRA60-P3
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
honeybee.css
solrainha.github.io/honeybee/ 		38 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://solrainha.github.io/honeybee/honeybee.css
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-153.github.com
Software
GitHub.com /
Resource Hash
140041b5ae85cc4741d500512b49b80f7126ff1d05fb8097f25d68fa25cc0a38
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-fastly-request-id
8ece332f3ba3699dec3205cec7203edbaa525937
content-encoding
gzip
etag
W/"5fa7e3d8-9679"
age
507
x-github-request-id
4168:30B871:708717:747DF0:674FEA54
expires
Wed, 04 Dec 2024 05:46:21 GMT
x-proxy-cache
MISS
x-cache
HIT
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 08 Nov 2020 12:26:00 GMT
x-served-by
cache-mad2200085-MAD
x-cache-hits
1
vary
Accept-Encoding
strict-transport-security
max-age=31556952
cache-control
max-age=600
x-timer
S1733329200.979347,VS0,VE1
via
1.1 varnish
permissions-policy
interest-cohort=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
6819
x-origin-cache
HIT
server
GitHub.com
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f10.1e100.net
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
age
164869
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Tue, 02 Dec 2025 18:32:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:32:10 GMT
last-modified
Fri, 08 May 2020 07:05:03 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31021
x-xss-protection
0
server
sffe
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"2f34b630ffe30ba2ff2b91e3f3c322a1"
age
465151
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 04 Dec 2024 16:19:59 GMT
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
10/20/2024 14:55:09
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
1
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
8c65772643977b9f8e0e8b1a8af6489a
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8ecd1f0979c40a50-AMS
access-control-allow-origin
*
cdn-edgestorageid
1053
server
cloudflare
cdn-requestcountrycode
DE
CSS_NORTHERN_LIGHTS_OFFICIEL.css
sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/
Redirect Chain
  • https://www.aht.li/3881671/CSS_NORTHERN_LIGHTS_OFFICIEL.css
  • https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/CSS_NORTHERN_LIGHTS_OFFICIEL.css
93 KB
93 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/CSS_NORTHERN_LIGHTS_OFFICIEL.css
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
HTTP/1.1
Server
54.38.45.96 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
filer-s2.archive-host.com
Software
Archive-Host serveur FILER-S2 /
Resource Hash
bc810e4a1c72b63f19ea8fdb6557b9975696eb5d7c4a34df51db38771564ba04

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

ETag
"2280553047"
Access-Control-Allow-Methods
GET, OPTION
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
95346
Date
Wed, 04 Dec 2024 16:19:59 GMT
Content-Type
text/css
Last-Modified
Sun, 10 Nov 2024 11:35:18 GMT
Server
Archive-Host serveur FILER-S2
Access-Control-Allow-Headers
*

Redirect headers

Location
https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/CSS_NORTHERN_LIGHTS_OFFICIEL.css
Connection
Keep-Alive
Content-Length
0
Keep-Alive
timeout=5, max=1000
Date
Wed, 04 Dec 2024 16:11:20 GMT
Content-Type
text/html
X-Powered-By
PHP/5.3.29
Server
Apache
css2
fonts.googleapis.com/ 		29 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400;1,600&display=swap
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
5a68de0e8a358a0c7ce72f5df1cc255a3ebb447b7746a49a89fd2bd4c1698bad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 16:19:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 04 Dec 2024 16:02:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		6 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Agdasima:wght@400;700&family=Anton&family=Bebas+Neue&family=Silkscreen:wght@400;700&family=Staatliches&display=swap
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
96a37870fae0c1ac2abbc412335bcdcaa7429708f0f892c371f081eabdd6f874
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 16:19:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 04 Dec 2024 16:19:59 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		31 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
7c8bd0e3872704d1131e5caf87dcc18f13f2a515871bab016231a7bc7efba096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 16:19:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 04 Dec 2024 15:55:19 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		25 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Comfortaa:wght@300;400;500;600;700&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
d34d20ca0f3a7049541b4dbc9bdd9cc94b28f629a81a76e7b03644e6986615f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 16:19:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 04 Dec 2024 16:19:59 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Cormorant+Infant:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
5a1ee954d694c917141bac8af0f93232dc4dfbb039ae4d1fe3b7349a602c9952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 16:19:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 04 Dec 2024 16:19:59 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		1 KB
535 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Imbue:opsz,wght@10..100,100..900&display=swap
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
3169051fd031a7b1555a37dbc9e7148813115e6cae0412fb52fc1a0631c7643f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 16:19:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 04 Dec 2024 16:19:59 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		4 KB
792 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Imbue:opsz,wght@10..100,100..900&family=Maiden+Orange&family=Rubik+Dirt&display=swap
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
d8c9fbeab056e6f9a0300b2cd1b235d1a5070b73dce4247b7cf21cf071edafd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 16:19:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 04 Dec 2024 16:19:59 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 		50 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-fastly-request-id
da8cd904a4a4c22626d8995e44972134f48f2acf
content-encoding
gzip
cf-cache-status
HIT
etag
W/"64382bc3-c854"
age
380563
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qOikI7qWnFU9j1Kp2amlF51zrFYhd51MLcuXDlvc9ymXUFMym7Rg%2Fb5sdAwwxIzwVhB2tS1qWUUswR4THg9x1UjuzFLp1Y0xLeyuQz79RixO0FQ4DlD58Yz4taTUzihxmQ%2BZH96r1VKD"}],"group":"cf-nel","max_age":604800}
x-github-request-id
424A:6CC97:15787BB:1600CEC:6746AE8E
x-content-type-options
nosniff
expires
Wed, 27 Nov 2024 05:40:54 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=28168&min_rtt=27625&rtt_var=10747&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4274&recv_bytes=4303&delivery_rate=110682&cwnd=12000&unsent_bytes=0&cid=d59cebf93daabb76&ts=54&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 13 Apr 2023 16:20:19 GMT
x-served-by
cache-ams21081-AMS
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1732948636.396773,VS0,VE2
via
1.1 varnish
cf-ray
8ecd1f098b1096f7-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
8313
server
cloudflare
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.4.0/font/ 		62 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.4.0/font/bootstrap-icons.css
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae5411204cb019e140c148e653dbcb4ec85cba2e079ff58ffbea5530879f4a76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"f8b2-e/XUGWjVPBAVuMWpokxu9uWIqng"
age
2729938
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220118-FRA, cache-ams2100127-AMS
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
8417
x-jsd-version
1.4.0
122-ltr.css
thenorthernlights.forumactif.com/ 		53 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thenorthernlights.forumactif.com/122-ltr.css
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.76.111 Lisbon, Portugal, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash
980eb1a66ffee86fdd38959f9babb362dc9afe4347ff6620f295fa5d7889276a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-security-policy
upgrade-insecure-requests
cache-control
max-age=315360000
content-encoding
gzip
x-cache-ma
HIT
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
content-length
10781
date
Wed, 04 Dec 2024 16:19:59 GMT
x-xss-protection
1
content-type
text/css
last-modified
Wed, 04 Dec 2024 00:00:00 GMT
vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f10.1e100.net
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
age
475860
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 04:08:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 04:08:59 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
33845
x-xss-protection
0
server
sffe
fr.js
illiweb.com/rs3/87/frm/lang/ 		72 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/87/frm/lang/fr.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52e9780477e3c989fb9654a502f28ccd5325e94e58ca816661dc44539be8abfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
2126584
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QV8joxDOAsms9zm4HMNeJIkvH3ZJUnMx1SbLaoUNc%2FSfQnb0YwWyS%2Bop57zwwRBUvhkU%2FDrvMq35fn5zniEqp9aImYmxtadkc%2Fhnvs%2FPZupCl5p9IHbLQR17yIzQmg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 01:36:55 GMT
x-cache-ne
EXPIRED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28423&min_rtt=28287&rtt_var=10704&sent=22&recv=13&lost=0&retrans=0&sent_bytes=15418&recv_bytes=6170&delivery_rate=94390&cwnd=12000&unsent_bytes=0&cid=d67b9b0e16f0e330&ts=54&x=1", cfExtPri, cfHdrFlush;dur=17
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
application/x-javascript
last-modified
Tue, 16 May 2023 15:02:01 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f0989466693-AMS
access-control-allow-origin
*
x-cache-pr
EXPIRED
x-xss-protection
1; mode=block
server
cloudflare
99116.js
thenorthernlights.forumactif.com/ 		79 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thenorthernlights.forumactif.com/99116.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.76.111 Lisbon, Portugal, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash
ede225450916fb53a29c50f310554180ea94b4ae264647b1ad27e8620ca0d1d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=315360000
content-encoding
gzip
x-cache-ma
MISS
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
content-length
20762
date
Wed, 04 Dec 2024 16:19:59 GMT
x-xss-protection
1
content-type
application/x-javascript
last-modified
Thu, 01 Jan 1970 00:01:56 GMT
vary
Accept-Encoding
11337.js
thenorthernlights.forumactif.com/ 		155 B
389 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thenorthernlights.forumactif.com/11337.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.76.111 Lisbon, Portugal, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash
2c668b5725fc6463bc4eacc880a01e81cab297bb7aaef896e9ccc1fc6aa81b13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=315360000
content-encoding
gzip
x-cache-ma
MISS
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
content-length
132
date
Wed, 04 Dec 2024 16:19:59 GMT
x-xss-protection
1
content-type
application/x-javascript
last-modified
Sat, 09 Nov 2024 10:48:57 GMT
vary
Accept-Encoding
stub
cache.consentframework.com/js/pa/24697/c/IxWav/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cache.consentframework.com/js/pa/24697/c/IxWav/stub
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b8612628c0e62873032a347fc2a12d4008a88cd32eb7626b1a5538528427b7e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
1823
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v8Y8nj0h3328azkPzTGHNcwqADbMRv%2BCkXhWhM6CssRlxSwO0A6SrsMuA3B07izanhw9zCY8oh6W4AI0E%2FCEo5b7g2MH2eaB8wGcAi%2FogcnFKaeOHUeAW0wnntAgsqwshdQk1f2No2%2B6kNxV"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
server-timing
cfL4;desc="?proto=TCP&rtt=18831&min_rtt=18499&rtt_var=4403&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3987&recv_bytes=2284&delivery_rate=202387&cwnd=242&unsent_bytes=0&cid=9cc78c784f54372a&ts=50&x=0"
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Wed, 04 Dec 2024 15:49:36 GMT
vary
Accept-Encoding
access-control-allow-headers
Content-Type
strict-transport-security
max-age=15724800; includeSubDomains; preload
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f0b7e230b90-AMS
server
cloudflare
cmp
choices.consentframework.com/js/pa/24697/c/IxWav/ 		998 KB
429 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp?lang=fr
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db310e2f9bda46da5064e8c51305603db3f4b6cdaa222356adb49498ca82a0d7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
2900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VvKOVCoSmhPfURD7n7QLfhEvxFErW7LeGZzR3cCHrnBCujKrwAcioWboFMXbQoU64kZW0v4SaiJ2B%2FbZwzfrWvhdlyy4Ixes46NlaDQB9iqfW5S3K3ki1k6LOe5np7lwsrqvIzDHfLsx20sCAmQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
server-timing
cfL4;desc="?proto=TCP&rtt=25383&min_rtt=18499&rtt_var=14041&sent=12&recv=14&lost=0&retrans=0&sent_bytes=5860&recv_bytes=2410&delivery_rate=202387&cwnd=246&unsent_bytes=0&cid=9cc78c784f54372a&ts=191&x=0"
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Wed, 04 Dec 2024 15:31:40 GMT
vary
Accept-Encoding
access-control-allow-headers
Content-Type
strict-transport-security
max-age=15724800; includeSubDomains; preload
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f0c6f3e0b90-AMS
server
cloudflare
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
age
17562
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220028-FRA, cache-ams2100127-AMS
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
9365
x-jsd-version
1.16.0
prebid.js
cdn.jsdelivr.net/npm/prebid.js@9.2.0/dist/not-for-prod/ 		2 MB
615 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid.js@9.2.0/dist/not-for-prod/prebid.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
efed970c7e2f212e97a7ee16de3e8c6394d4cf75faf3772a80da4db738e43f70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"2651d4-SvYKmtw6XpZ9G852sE7XsG/Ac5E"
age
2535736
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230085-FRA, cache-ams21046-AMS
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
628866
x-jsd-version
9.2.0
js
www.googletagmanager.com/gtag/ 		223 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144388882-1
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6429cb89ca9d3c13b72324dff2a7539ae81620c7977f9c8f40d4b28b8a55f0fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 04 Dec 2024 16:19:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81616
x-xss-protection
0
server
Google Tag Manager
jquery.cookie.js
illiweb.com/rs3/87/frm/jquery/cookie/ 		1011 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/87/frm/jquery/cookie/jquery.cookie.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
473931
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IfzO7TAMLX9RMMLo%2BfrKo6L92wnGMYFT%2FsJCORYxGuUUdm7Afr06nRmR9aeDtWeK970Px79zJ5BHNFUACc%2BReY0nPFBxmdTbxkSApMlFugw1zRKXJiXnb2HrZJF1eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 04:41:08 GMT
x-cache-ne
EXPIRED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28423&min_rtt=28287&rtt_var=10704&sent=10&recv=13&lost=0&retrans=0&sent_bytes=4048&recv_bytes=6170&delivery_rate=94390&cwnd=12000&unsent_bytes=0&cid=d67b9b0e16f0e330&ts=46&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
application/x-javascript
last-modified
Wed, 09 Sep 2020 09:40:28 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f09893d6693-AMS
access-control-allow-origin
*
x-cache-pr
EXPIRED
x-xss-protection
1; mode=block
server
cloudflare
tag.js
ac.audiencerun.com/j/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ac.audiencerun.com/j/tag.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-69.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
259fda2527d9b80edef23dc0e40316ad78ce4fe02acc2bad08392bc7e8a652bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=31536000,public
x-amz-version-id
wFNkf6FWAGo9vcL6DGfTcV5P_XLw6ACZ
etag
"d1411c317fd824c120308106d2f884f9"
age
3117417
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
11450
x-amz-cf-id
QrDkizTlcCSsKVFmkefAl5HYjoZL89Jcl3Po5eztGE3ovjDQEHI09A==
date
Tue, 29 Oct 2024 14:23:04 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 14:20:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
x-amz-server-side-encryption
AES256
tooltipster.js
illiweb.com/rs3/87/frm/mentions/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/87/frm/mentions/tooltipster.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
310691
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GdwTGUAhuUGgsZ2AyLOMGaOxpOfj69rzgutvlZ89aZqvpluWLubM0xHsTTrNBpuq1WHokO8NidGefdyHCJIZIBawueMFWIXq8k1KEqm9brykNepvh%2Frl7JitJVky%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 01 Dec 2025 02:01:48 GMT
x-cache-ne
EXPIRED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28423&min_rtt=28287&rtt_var=10704&sent=12&recv=13&lost=0&retrans=0&sent_bytes=5420&recv_bytes=6170&delivery_rate=94390&cwnd=12000&unsent_bytes=0&cid=d67b9b0e16f0e330&ts=48&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
application/x-javascript
last-modified
Tue, 27 Aug 2019 14:00:10 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f09893e6693-AMS
access-control-allow-origin
*
x-cache-pr
EXPIRED
x-xss-protection
1; mode=block
server
cloudflare
init.js
illiweb.com/rs3/87/frm/mentions/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/87/frm/mentions/init.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cce595b201da3285768c8375124b2976eafacaa8002781d478ee1f9d69dc8c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
397907
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dJNU1xArOrNj%2FiRSzJVY%2BxtXLo1mQ2KApOYGj%2F03AGvLXKfQ682T37ddAHsKpEuT6a4H%2ByN4bGHJBQzLtIHHT02E%2FFsi3p2EXBlbJCKK%2BFlXf%2Bd%2B951yFnNPAekcmw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 30 Nov 2025 01:48:12 GMT
x-cache-ne
EXPIRED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28423&min_rtt=28287&rtt_var=10704&sent=22&recv=13&lost=0&retrans=0&sent_bytes=15418&recv_bytes=6170&delivery_rate=94390&cwnd=12000&unsent_bytes=0&cid=d67b9b0e16f0e330&ts=58&x=1", cfExtPri, cfHdrFlush;dur=11
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
application/x-javascript
last-modified
Wed, 22 Mar 2023 14:29:57 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f0989406693-AMS
access-control-allow-origin
*
x-cache-pr
EXPIRED
x-xss-protection
1; mode=block
server
cloudflare
FAToolbar.js
illiweb.com/rs3/87/frm/jquery/toolbar/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/87/frm/jquery/toolbar/FAToolbar.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d16ff835091825b0e94277b451a884494972381db9e37ec2d9fc8c19d62fc97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
566069
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ROc8V3O1VXNEHuKDVlbhGeJ9HqbsBxgg5CsrPWsaV77FC3kJhWurYQk3vVD9an6QFRSIbhfO9bMZ5ll0PTMpqERWES5RXZ5BNrPZw88LvQ92HpYL8EFfdylJeZ%2BXxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 03:05:30 GMT
x-cache-ne
EXPIRED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28423&min_rtt=28287&rtt_var=10704&sent=12&recv=13&lost=0&retrans=0&sent_bytes=5420&recv_bytes=6170&delivery_rate=94390&cwnd=12000&unsent_bytes=0&cid=d67b9b0e16f0e330&ts=48&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
application/x-javascript
last-modified
Mon, 13 Mar 2023 14:51:59 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f0989426693-AMS
access-control-allow-origin
*
x-cache-pr
EXPIRED
x-xss-protection
1; mode=block
server
cloudflare
tooltipster.css
illiweb.com/rs3/87/frm/mentions/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/87/frm/mentions/tooltipster.css
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b007c1e9053ce42d7bba866b6987ade494de44b13530a13932106c093123eded
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
555049
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sk%2FCFIlRbUuBuyBtgaea7rt3Qzh33T8xBeeO4yYU7sF3yfGY3IyLScwQV7UbUToJrDNEDBjCMirv8QVSl4K2FPP5y2ukjifMTaKsUPyNQYGwcSETJNGcQEN6ravU%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 06:09:10 GMT
x-cache-ne
EXPIRED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28423&min_rtt=28287&rtt_var=10704&sent=12&recv=13&lost=0&retrans=0&sent_bytes=5420&recv_bytes=6170&delivery_rate=94390&cwnd=12000&unsent_bytes=0&cid=d67b9b0e16f0e330&ts=48&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
text/css;charset=UTF-8
last-modified
Tue, 27 Aug 2019 14:00:10 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f0989436693-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
1087
x-cache-pr
EXPIRED
x-xss-protection
1; mode=block
server
cloudflare
twemoji.min.js
illiweb.com/rs3/87/frm/twemoji/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/87/frm/twemoji/twemoji.min.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cafa97c620f0e83a82d4068ef5164f36687061a1045a3d5a1f721cfb8ca0b4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
739766
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXUFqVO4T9HszshvsTZenjnaBtkljtOwn%2F%2BOAppb0Jbry5N4PagFv6tuG3n9wLwsLjqm0KjWXyJrWCyIyVMN8AKIVWu6NDUmZsvOLxPYMpJ3lVM7BXq9YH6Drh2lBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 02:50:33 GMT
x-cache-ne
EXPIRED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28423&min_rtt=28287&rtt_var=10704&sent=22&recv=13&lost=0&retrans=0&sent_bytes=15418&recv_bytes=6170&delivery_rate=94390&cwnd=12000&unsent_bytes=0&cid=d67b9b0e16f0e330&ts=50&x=1", cfExtPri, cfHdrFlush;dur=21
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
application/x-javascript
last-modified
Tue, 10 Jan 2023 08:34:14 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f0989446693-AMS
access-control-allow-origin
*
x-cache-pr
EXPIRED
x-xss-protection
1; mode=block
server
cloudflare
monomer.js
cdn.jsdelivr.net/gh/caezd/switcheroo@master/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/caezd/switcheroo@master/monomer.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
01612dc8ccf5c04c11ca1d920398c6dfd70a8895e3e429aa0ee9df542119ff79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"7174-TI13tHtwe+ecTzoB+WHDA6ZdKiA"
age
5578
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230049-FRA, cache-ams2100127-AMS
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
7985
x-jsd-version
master
switcheroo.js
cdn.jsdelivr.net/gh/caezd/switcheroo@master/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/caezd/switcheroo@master/switcheroo.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ddac5c645760257ca729f54d1adfb2e274f70678e1d60d582a9b9b11bc1358a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"454c-pe4tkPHL9eLRnfHOspJ1cZfOJFw"
age
9821
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220142-FRA, cache-ams2100127-AMS
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4405
x-jsd-version
master
ae86cd2d39194ac5b82c93a8e0ceb6fa089f1fcc.pnj
64.media.tumblr.com/4a953d86588d6c46a1a5f46fe5168b6e/b519e1e34a215089-4e/s500x750/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/4a953d86588d6c46a1a5f46fe5168b6e/b519e1e34a215089-4e/s500x750/ae86cd2d39194ac5b82c93a8e0ceb6fa089f1fcc.pnj
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
d82b165d7693696cb8fdd91a06bbe8001c19f89cdce8108cc96611b5bbd8632e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"fc6b4ae5b750e12d595f929573fcc87b-1503417600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=0.0
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
image/jpeg
last-modified
Sun, 21 Apr 2024 21:56:42 GMT
content-disposition
inline; filename="tumblr_4a953d86588d6c46a1a5f46fe5168b6e_ae86cd2d_500.jpg"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 1
access-control-allow-origin
*
x-frames
1
content-length
75381
server
nginx
f3f98ffdd3d0bca394c4081bc7174ab747200fb0.pnj
64.media.tumblr.com/652877b8ecc26308c9cc11c31ec6d85b/74f2f19d3a66acab-6d/s500x750/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/652877b8ecc26308c9cc11c31ec6d85b/74f2f19d3a66acab-6d/s500x750/f3f98ffdd3d0bca394c4081bc7174ab747200fb0.pnj
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
f7db71d6fa6b9617923e3993fc1d45ebdd16f8ca1f97560808eb6313460fb290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"a262ce0f07af2125a24a156662a657f6-1503417600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=2.0
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
image/jpeg
last-modified
Mon, 14 Aug 2023 14:28:06 GMT
content-disposition
inline; filename="tumblr_652877b8ecc26308c9cc11c31ec6d85b_f3f98ffd_500.jpg"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 1
access-control-allow-origin
*
x-frames
1
content-length
90427
server
nginx
7bbc92d2af734d8165a498f65765b604eae2a142.pnj
64.media.tumblr.com/88276954cdeadc755cec0684f4a17311/a491fc939d850d9c-10/s500x750/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/88276954cdeadc755cec0684f4a17311/a491fc939d850d9c-10/s500x750/7bbc92d2af734d8165a498f65765b604eae2a142.pnj
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
7cd34434289e60bc56dbcfe92f4b93e3ecc6a7a4211102aaaef1d63a632017ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"4de740244ba70827d67795346a19c122-1503417600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=2.0
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
image/jpeg
last-modified
Sat, 09 Mar 2024 15:12:18 GMT
content-disposition
inline; filename="tumblr_88276954cdeadc755cec0684f4a17311_7bbc92d2_500.jpg"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 6
access-control-allow-origin
*
x-frames
1
content-length
76374
server
nginx
c3a11e4a53d0ff197b3f1030073d24039641adc6.pnj
64.media.tumblr.com/052ba193f94830076210ae9dea737d8b/4d99e57c5b3be4ef-12/s500x750/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/052ba193f94830076210ae9dea737d8b/4d99e57c5b3be4ef-12/s500x750/c3a11e4a53d0ff197b3f1030073d24039641adc6.pnj
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
abee6ffde726f688a55d2f6afa3de413a907a55bc017957ac2cddc266a853d67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"ba6a3937e904eacb41832c192f98ff94-1503417600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=1.0
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
image/jpeg
last-modified
Sun, 13 Dec 2020 06:46:52 GMT
content-disposition
inline; filename="tumblr_052ba193f94830076210ae9dea737d8b_c3a11e4a_500.jpg"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 1
access-control-allow-origin
*
x-frames
1
content-length
77436
server
nginx
ecf7c8e9abe4bac1608128dda350f398ba1d16a5.pnj
64.media.tumblr.com/e1fe6c1cb7ef2163a4922ae8e5c5b0c2/67dc526bda408b37-12/s500x750/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/e1fe6c1cb7ef2163a4922ae8e5c5b0c2/67dc526bda408b37-12/s500x750/ecf7c8e9abe4bac1608128dda350f398ba1d16a5.pnj
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0529241a32212dbb3ab5af749bbb99fd64d75256edef6a87b1e1c9c525d2817b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"b2c22258f71d4b3d76dca1999ee60644-1503417600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=1.0
date
Wed, 04 Dec 2024 16:19:59 GMT
content-type
image/jpeg
last-modified
Tue, 06 Dec 2022 17:50:26 GMT
content-disposition
inline; filename="tumblr_e1fe6c1cb7ef2163a4922ae8e5c5b0c2_ecf7c8e9_500.jpg"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 1
access-control-allow-origin
*
x-frames
1
content-length
184254
server
nginx
7401cfe62158b7cad060c1262ce14cd1dc933521.jpg
64.media.tumblr.com/a94c289be5560978d9ea5912f3f0d846/3056d8b6f9bcc8a8-74/s400x600/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/a94c289be5560978d9ea5912f3f0d846/3056d8b6f9bcc8a8-74/s400x600/7401cfe62158b7cad060c1262ce14cd1dc933521.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
61cc863699ce39577b6ac106b6fd12b1083af54848933a74663314efced81c83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"2bfec29b0dc48e50c863c8da94231622-1498089600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=2.0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
last-modified
Tue, 10 Sep 2024 20:39:58 GMT
content-disposition
inline; filename="tumblr_a94c289be5560978d9ea5912f3f0d846_7401cfe6_400.jpg"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 6
access-control-allow-origin
*
x-frames
1
content-length
65054
server
nginx
b3ccb5017b562f113ce8d08b1bedb212.jpg
i.pinimg.com/736x/b3/cc/b5/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/b3/cc/b5/b3ccb5017b562f113ce8d08b1bedb212.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e9ab1cb35e5927952c292e3ce4b0286f88c8983df427ef147d9a49ecbdd2a99

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-amz-replication-status
COMPLETED
cache-control
max-age=31536000, immutable
etag
"0c1ae53b0171ff882dc3d4b2a441d386"
x-cdn
fastly
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
124524
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
vary
Origin
x-amz-server-side-encryption
AES256
bd3999aab0a237c6ce7a736420ba42ac953a7260.pnj
64.media.tumblr.com/965dc0d278f7faa0d94bf64ab0cc2c9a/34d9ee91dfcaca27-37/s400x600/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/965dc0d278f7faa0d94bf64ab0cc2c9a/34d9ee91dfcaca27-37/s400x600/bd3999aab0a237c6ce7a736420ba42ac953a7260.pnj
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
910ba9bed4079e9e588eace0240252589f8837c0609c55cec4705a40feacb008
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"3258e71e96a3354dbada8c77266ca354-1503417600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=1.0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
last-modified
Fri, 18 Dec 2020 22:14:49 GMT
content-disposition
inline; filename="tumblr_965dc0d278f7faa0d94bf64ab0cc2c9a_bd3999aa_400.jpg"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 1
access-control-allow-origin
*
x-frames
1
content-length
44366
server
nginx
76d6ebf44247bc0a6d3490f012fbff31.jpg
i.pinimg.com/736x/76/d6/eb/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/76/d6/eb/76d6ebf44247bc0a6d3490f012fbff31.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5f3e2e9276865839ee5cedb223e4ae146694965c1fae6b5b49075b095a827c66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-amz-replication-status
PENDING
cache-control
max-age=31536000, immutable
etag
"ab87e550cdea435ef6c76d44b1fe7af4"
x-cdn
fastly
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
100555
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
vary
Origin
x-amz-server-side-encryption
AES256
d5e50f52b75d557f3fe93bbb454fd1bf9dd649f3.pnj
64.media.tumblr.com/1b04bd8c320163c8c269b650bf7f29dd/73058498cfff5a94-30/s250x400/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/1b04bd8c320163c8c269b650bf7f29dd/73058498cfff5a94-30/s250x400/d5e50f52b75d557f3fe93bbb454fd1bf9dd649f3.pnj
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
685b855c1c80ba9842e7230b1839aff8c34f217b60479781ccdd15094e59180b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"5fb44a62a266b6d26ce41f3513d209e2-1503417600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=2.0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
last-modified
Tue, 14 Apr 2020 11:35:12 GMT
content-disposition
inline; filename="tumblr_1b04bd8c320163c8c269b650bf7f29dd_d5e50f52_250.jpg"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 6
access-control-allow-origin
*
x-frames
1
content-length
19517
server
nginx
cd7be2379ad124220cf7b70fbe317489db4cf860.pnj
64.media.tumblr.com/25903102b4bc54084fe8b08a74c7f518/969e45f8cd02908a-b4/s250x400/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/25903102b4bc54084fe8b08a74c7f518/969e45f8cd02908a-b4/s250x400/cd7be2379ad124220cf7b70fbe317489db4cf860.pnj
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
fbfdd16e46aa961bdd0aa36416dc0fa97b47826d2bd55fa6df0181bd0b8a5aa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"065215b605ed1855d4d72e3904f20399-1503417600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=1.0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
last-modified
Wed, 09 Dec 2020 19:11:56 GMT
content-disposition
inline; filename="tumblr_25903102b4bc54084fe8b08a74c7f518_cd7be237_250.jpg"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 6
access-control-allow-origin
*
x-frames
1
content-length
20685
server
nginx
9d67d544ba617bc7d14016f8b741211b.jpg
i.pinimg.com/236x/9d/67/d5/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/236x/9d/67/d5/9d67d544ba617bc7d14016f8b741211b.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9cb2c0b52d37fe5f920c33b62c63911190100e41e3a2a952c8bef4d2af11e518

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-amz-replication-status
COMPLETED
cache-control
max-age=31536000, immutable
etag
"361d8fcc13aaa9c1c2410cb22fd025cb"
x-cdn
fastly
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
14945
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
vary
Origin
x-amz-server-side-encryption
AES256
tumblr_of229g7GbY1txv5a9o1_1280.jpg
64.media.tumblr.com/cee286f96331c28dc0487cafae26c3f0/ 		267 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/cee286f96331c28dc0487cafae26c3f0/tumblr_of229g7GbY1txv5a9o1_1280.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ad1eeeeec913548c6df9f0bdcfe9abe43f93e163dcc6aa3e85fb1ae75f45a54b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"eb3e2dfe0cfdccd3a7bcc1c447ee48b7-1498089600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=2.0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
last-modified
Thu, 22 Jun 2017 00:00:00 GMT
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 4
access-control-allow-origin
*
x-frames
1
content-length
273756
server
nginx
0cad0cca5cc009bfe992f17ce616459a5e788e4e.jpg
64.media.tumblr.com/a61638a38633d324dae03d78eccaa17a/09bf775259e78761-6c/s1280x1920/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/a61638a38633d324dae03d78eccaa17a/09bf775259e78761-6c/s1280x1920/0cad0cca5cc009bfe992f17ce616459a5e788e4e.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
f2f8def7fd179f805fff0cd21b77e6c1b78de649ea5743baaaf8de605d6a533d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"43b936b2d384f35b8a301a07fd4111b2-1498089600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=2.0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
last-modified
Wed, 09 Dec 2020 14:50:58 GMT
content-disposition
inline; filename="tumblr_a61638a38633d324dae03d78eccaa17a_0cad0cca_1280.jpg"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 1
access-control-allow-origin
*
x-frames
1
content-length
111133
server
nginx
f2824f61babb08465938ebaaf3337caf.jpg
i.pinimg.com/736x/f2/82/4f/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/f2/82/4f/f2824f61babb08465938ebaaf3337caf.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c02207dccd417e91e5cbfd00a0febf5be3b5174695cf907276e986bdf48240ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=31536000, immutable
etag
"d04f2e9517b85a1007553f915d2f4c32"
x-cdn
fastly
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
84460
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
vary
Origin
200x200
via.placeholder.com/ 		0
0
dc1d19430c38eefc2858c4e42efdf713.jpg
i.pinimg.com/736x/dc/1d/19/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/dc/1d/19/dc1d19430c38eefc2858c4e42efdf713.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b38b3df099f010a982419dce2d7388754d3992a5f6e8a9dfacc7271fd93d1f23

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

etag
"4a4b04f0cae8867a3930875fc4696778"
x-cdn
fastly
expires
Fri, 25 Dec 2037 23:59:59 GMT
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
47984
x-pinterest-cache
HIT
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
vary
Origin
fassylover%2F1718752303673_2
www.avacrea.org/api/pic/ 		517 KB
518 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avacrea.org/api/pic/fassylover%2F1718752303673_2
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
fcc957a69c2c10363738dd7fdbddd758532f4be80aaed1a4236b7ba342a2d4ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
max-age=604800
x-vercel-cache
MISS
etag
"13927k1bbl114lsj"
age
0
x-matched-path
/api/pic/[id]
content-length
529859
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/png
server
Vercel
x-vercel-id
fra1::cdg1::j286f-1733329200321-10c289a3c649
676dc84e72f74ce507b7665ccc74c04ab011fbfc.pnj
64.media.tumblr.com/de51a2e29c273ae02d87c039db2fe3af/9b4c07aed80b1c6c-af/s500x750/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/de51a2e29c273ae02d87c039db2fe3af/9b4c07aed80b1c6c-af/s500x750/676dc84e72f74ce507b7665ccc74c04ab011fbfc.pnj
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2f267e0346f9e77c333fac5edd82c933049a8dba964f3350348a5e4909e70fa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"64d9079971e642168e495126c808f9a9-1503417600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=1.0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
last-modified
Wed, 06 Dec 2023 18:56:50 GMT
content-disposition
inline; filename="tumblr_de51a2e29c273ae02d87c039db2fe3af_676dc84e_500.jpg"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 5
access-control-allow-origin
*
x-frames
1
content-length
159669
server
nginx
44b4429aa4d24d5618fcde998ae08d81fb4dd63e.png
64.media.tumblr.com/1595387e5f3c8b783ed406efa94ff458/c0d1e657d402af0b-f7/s250x400/ 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/1595387e5f3c8b783ed406efa94ff458/c0d1e657d402af0b-f7/s250x400/44b4429aa4d24d5618fcde998ae08d81fb4dd63e.png
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
80fb805f0121f7ec281bd5effc267704110c21e680eeb6db9e8364ccf6a57a73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"0bb7b263ced686a11ad6c9f8e563343f-1498089600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=1.0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/png
last-modified
Wed, 02 Jun 2021 10:31:18 GMT
content-disposition
inline; filename="tumblr_1595387e5f3c8b783ed406efa94ff458_44b4429a_250.png"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 7
access-control-allow-origin
*
x-frames
1
content-length
123300
server
nginx
tumblr_or9zqgWaAa1u2ru01o6_250.jpg
64.media.tumblr.com/90c19c7167e942b86a7a05b21219bc3c/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/90c19c7167e942b86a7a05b21219bc3c/tumblr_or9zqgWaAa1u2ru01o6_250.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
df27914e30d4ce2d9549f3a303d7a337b3feb3465707e3630d0dbaa6c901fc91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"edcec84767f1b138c4bb549c2112aa15-1498089600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=1.0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
last-modified
Thu, 05 Nov 2020 19:48:29 GMT
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 7
access-control-allow-origin
*
x-frames
1
content-length
15305
server
nginx
3dbf837376fb337d08949316d1cb5f4b57f67268.jpg
64.media.tumblr.com/87bc49f24aba41826fab0862b2d7ea7c/eb783d7700ffecd2-1f/s500x750/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/87bc49f24aba41826fab0862b2d7ea7c/eb783d7700ffecd2-1f/s500x750/3dbf837376fb337d08949316d1cb5f4b57f67268.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
acea3466f57decb7ad48959d919cbb4b0ae5cf9d16cdf39ab35bcc95773b0456
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"ca1e581a9f82f0501460b1e2545cdb64-1498089600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=1.0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
last-modified
Sat, 28 Sep 2024 08:59:12 GMT
content-disposition
inline; filename="tumblr_87bc49f24aba41826fab0862b2d7ea7c_3dbf8373_500.jpg"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 5
access-control-allow-origin
*
x-frames
1
content-length
94123
server
nginx
keRRXce.png
i.imgur.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/keRRXce.png
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
76b6a22f101abc845a0791895ef3583b65db458288a4dd94449926776f3051b1
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

etag
"ac709b476ea675d4c3a27550916bf3ef"
age
883408
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
eD_sjV8nGX0q7Ptz6zAEIl3ri0mpi5-19BIPV5MaPh78aUdXLszO6Q==
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/png
last-modified
Sun, 24 Nov 2024 10:56:33 GMT
x-cache-hits
8, 0
x-served-by
cache-iad-kiad7000065-IAD, cache-ams21027-AMS
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1733329200.322862,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
content-length
1265
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
x-amz-server-side-encryption
AES256
3461e3d68b214018f6f74dbf2345865a.jpg
i.pinimg.com/736x/34/61/e3/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/34/61/e3/3461e3d68b214018f6f74dbf2345865a.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1814c278a202783b8a59072dc8d9513bab6ac8b64ece4606005bb98a7aa6ef38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=31536000, immutable
etag
"5006243e59fd265286a8ce6e01f1c16a"
x-cdn
fastly
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
85005
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
vary
Origin
loup_1.png
2img.net/www.aht.li/3881677/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/www.aht.li/3881677/loup_1.png
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
724be45f6350e21e71f7e6ded0ae6bec1b28880d7b9e544e56b66070057e8945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cf-cache-status
HIT
etag
"2555049560"
age
237739
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=94eivneDilE1%2F%2Bv05c31o4bWRYbq78vZDrLrVliCLu1sILBfVDKUQ%2B9Yahrp0ET43SAC41rgRcKw%2FxfypwyhWDlh7MZMtQd3LnXy9YTrAfXq7uwJOET7PfXy8A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTION
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67261&min_rtt=67179&rtt_var=25250&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4044&recv_bytes=4326&delivery_rate=43677&cwnd=12000&unsent_bytes=0&cid=49131a45d886f5de&ts=94&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:58:02 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f0dce7d06c0-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
1150
x-xss-protection
1; mode=block
server
cloudflare
ffd2873e0680a33f2863453e0de30723.jpg
i.pinimg.com/736x/ff/d2/87/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/ff/d2/87/ffd2873e0680a33f2863453e0de30723.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
acc6dd143721784a1db8260fb337a5aecb219723b008176b81acbf7bfbae8328

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=31536000, immutable
etag
"84f3a57a71f982384f95e4b24b4123b8"
x-cdn
fastly
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
107255
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
vary
Origin
955b89b1bcb9406cf5294e0ec49e96ff.jpg
i.pinimg.com/736x/95/5b/89/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/95/5b/89/955b89b1bcb9406cf5294e0ec49e96ff.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2de1284ae526a7118158dead17dabfdd483f02dd358d0f126f80e0267eeb1c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-amz-replication-status
COMPLETED
cache-control
max-age=31536000, immutable
etag
"4f42ff2071322640955554067785803f"
x-cdn
fastly
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
70382
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
vary
Origin
7fab6dc15f3aa16a50ba8ea770a2dfcc.jpg
i.pinimg.com/736x/7f/ab/6d/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/7f/ab/6d/7fab6dc15f3aa16a50ba8ea770a2dfcc.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f09126fdd2e13b744df52f5af371f9eecde61e366a9a73eb0d12a35de9906327

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

etag
"5d1051eab2c711ae6a2685add45d4e5b"
x-cdn
fastly
expires
Fri, 25 Dec 2037 23:59:59 GMT
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
164652
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
vary
Origin
ae8ff43d6f66360418586cec918dce05.jpg
i.pinimg.com/736x/ae/8f/f4/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/ae/8f/f4/ae8ff43d6f66360418586cec918dce05.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dfff1d663bc32776c61707d362d610eb31a423c06949a1e87efa3958e3301d3c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-amz-replication-status
COMPLETED
cache-control
max-age=31536000, immutable
etag
"a2072225d5659ef6cc077429c8799122"
x-cdn
fastly
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
121958
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
vary
Origin
x-amz-server-side-encryption
AES256
lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__adff60cc-2a0e-40a0-a00a-e59ffaa57c2d.png
sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/
Redirect Chain
  • https://www.aht.li/3881690/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__adff60cc-2a0e-40a0-a00a-e59ffaa57c2d.png
  • https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__adff60cc-2a0e-40a0-a00a-e59ffaa57c...
2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__adff60cc-2a0e-40a0-a00a-e59ffaa57c2d.png
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
HTTP/1.1
Server
54.38.45.96 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
filer-s2.archive-host.com
Software
Archive-Host serveur FILER-S2 /
Resource Hash
bec3ebd33bbf44ed61aa1830fd5262fa54352a761ede033af9542d4062965c74

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

ETag
"1478394238"
Access-Control-Allow-Methods
GET, OPTION
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1903128
Date
Wed, 04 Dec 2024 16:19:59 GMT
Content-Type
image/png
Last-Modified
Sun, 10 Nov 2024 13:55:07 GMT
Server
Archive-Host serveur FILER-S2
Access-Control-Allow-Headers
*

Redirect headers

Location
https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__adff60cc-2a0e-40a0-a00a-e59ffaa57c2d.png
Connection
Keep-Alive
Content-Length
0
Keep-Alive
timeout=5, max=999
Date
Wed, 04 Dec 2024 16:11:21 GMT
Content-Type
text/html
X-Powered-By
PHP/5.3.29
Server
Apache
lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__3f38c11e-1025-477a-b159-d44b66b1ffad.png
sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/
Redirect Chain
  • https://www.aht.li/3881692/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__3f38c11e-1025-477a-b159-d44b66b1ffad.png
  • https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__3f38c11e-1025-477a-b159-d44b66b1ff...
2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__3f38c11e-1025-477a-b159-d44b66b1ffad.png
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
HTTP/1.1
Server
54.38.45.96 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
filer-s2.archive-host.com
Software
Archive-Host serveur FILER-S2 /
Resource Hash
7ef9622cf9e61cdfe8541930f6d112069f0def6b7aea1e794a9fbaf8494cba19

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

ETag
"3458111663"
Access-Control-Allow-Methods
GET, OPTION
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1934834
Date
Wed, 04 Dec 2024 16:20:00 GMT
Content-Type
image/png
Last-Modified
Sun, 10 Nov 2024 13:55:04 GMT
Server
Archive-Host serveur FILER-S2
Access-Control-Allow-Headers
*

Redirect headers

Location
https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__3f38c11e-1025-477a-b159-d44b66b1ffad.png
Connection
Keep-Alive
Content-Length
0
Keep-Alive
timeout=5, max=998
Date
Wed, 04 Dec 2024 16:11:21 GMT
Content-Type
text/html
X-Powered-By
PHP/5.3.29
Server
Apache
lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__28811c06-8ab3-46d9-8ba2-17b4d30a4415.png
sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/
Redirect Chain
  • https://www.aht.li/3881693/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__28811c06-8ab3-46d9-8ba2-17b4d30a4415.png
  • https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__28811c06-8ab3-46d9-8ba2-17b4d30a44...
2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__28811c06-8ab3-46d9-8ba2-17b4d30a4415.png
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
HTTP/1.1
Server
54.38.45.96 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
filer-s2.archive-host.com
Software
Archive-Host serveur FILER-S2 /
Resource Hash
254eb2f08019c13e968695b8511c13831f57a3983eab03664e73f8ebeb86b4f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

ETag
"1553975604"
Access-Control-Allow-Methods
GET, OPTION
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1892721
Date
Wed, 04 Dec 2024 16:20:00 GMT
Content-Type
image/png
Last-Modified
Sun, 10 Nov 2024 13:55:02 GMT
Server
Archive-Host serveur FILER-S2
Access-Control-Allow-Headers
*

Redirect headers

Location
https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__28811c06-8ab3-46d9-8ba2-17b4d30a4415.png
Connection
Keep-Alive
Content-Length
0
Keep-Alive
timeout=5, max=997
Date
Wed, 04 Dec 2024 16:11:21 GMT
Content-Type
text/html
X-Powered-By
PHP/5.3.29
Server
Apache
lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__a1d8abc0-2d5e-4870-a351-3164537d2ba8.png
sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/
Redirect Chain
  • https://www.aht.li/3881694/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__a1d8abc0-2d5e-4870-a351-3164537d2ba8.png
  • https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__a1d8abc0-2d5e-4870-a351-3164537d2b...
2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__a1d8abc0-2d5e-4870-a351-3164537d2ba8.png
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
HTTP/1.1
Server
54.38.45.96 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
filer-s2.archive-host.com
Software
Archive-Host serveur FILER-S2 /
Resource Hash
fe266b74e3ce25c5b18374caf5bff34cfa6b521e3f3bdb481ec1d3e82181c7e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

ETag
"2121711313"
Access-Control-Allow-Methods
GET, OPTION
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
2179084
Date
Wed, 04 Dec 2024 16:20:00 GMT
Content-Type
image/png
Last-Modified
Sun, 10 Nov 2024 13:54:59 GMT
Server
Archive-Host serveur FILER-S2
Access-Control-Allow-Headers
*

Redirect headers

Location
https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__a1d8abc0-2d5e-4870-a351-3164537d2ba8.png
Connection
Keep-Alive
Content-Length
0
Keep-Alive
timeout=5, max=1000
Date
Wed, 04 Dec 2024 16:11:21 GMT
Content-Type
text/html
X-Powered-By
PHP/5.3.29
Server
Apache
lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__fa38691d-7e60-45db-bb23-82d5d8f56099.png
sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/
Redirect Chain
  • https://www.aht.li/3881695/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__fa38691d-7e60-45db-bb23-82d5d8f56099.png
  • https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__fa38691d-7e60-45db-bb23-82d5d8f560...
2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__fa38691d-7e60-45db-bb23-82d5d8f56099.png
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
HTTP/1.1
Server
54.38.45.96 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
filer-s2.archive-host.com
Software
Archive-Host serveur FILER-S2 /
Resource Hash
b4c616ffc804aa53bcbe714314edbef1f659353895a1cd8dfd3d7f1118752bd6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

ETag
"141933721"
Access-Control-Allow-Methods
GET, OPTION
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
2270378
Date
Wed, 04 Dec 2024 16:20:00 GMT
Content-Type
image/png
Last-Modified
Sun, 10 Nov 2024 13:54:56 GMT
Server
Archive-Host serveur FILER-S2
Access-Control-Allow-Headers
*

Redirect headers

Location
https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/lucioleviolette_small_town_in_Alaska_between_sea_and_mountains__fa38691d-7e60-45db-bb23-82d5d8f56099.png
Connection
Keep-Alive
Content-Length
0
Keep-Alive
timeout=5, max=999
Date
Wed, 04 Dec 2024 16:11:21 GMT
Content-Type
text/html
X-Powered-By
PHP/5.3.29
Server
Apache
9313f59386f105e1558ad7112381fca3.jpg
i.pinimg.com/736x/93/13/f5/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/93/13/f5/9313f59386f105e1558ad7112381fca3.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0e6ee0f057fd188e8cff306b0a7146f2fee07e85b5da655ee16ccaf110296fd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=31536000, immutable
etag
"839c9e566f919a38f9d5c630e78cb5c3"
x-cdn
fastly
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
110637
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
vary
Origin
4166cd94bd5b55d158a39e81b20a950a.jpg
i.pinimg.com/736x/41/66/cd/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/41/66/cd/4166cd94bd5b55d158a39e81b20a950a.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e4c85387ec09d9e82fad9273f03d354cf8cdf020259be38728faa5e1e9345280

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-amz-replication-status
COMPLETED
cache-control
max-age=31536000, immutable
etag
"fa0b5430631627b1bd73f36fd14fda90"
x-cdn
fastly
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
22436
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
vary
Origin
7d1326998bd16059a4f6f2abb76ce2b7.jpg
i.pinimg.com/736x/7d/13/26/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/7d/13/26/7d1326998bd16059a4f6f2abb76ce2b7.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3fabdb42181e08c56a962554ac654ab97b702dc68f8208b6780e931ec452abbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-amz-replication-status
COMPLETED
cache-control
max-age=31536000, immutable
etag
"62efcc71bb90dfb4d37e3a15ef900b2c"
x-cdn
fastly
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
5766
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
vary
Origin
x-amz-server-side-encryption
AES256
930b8dc82c62d774e194b467bf698288.jpg
i.pinimg.com/736x/93/0b/8d/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/93/0b/8d/930b8dc82c62d774e194b467bf698288.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d51fe96548c6433148bdffe4a3ab8fb65a50ad853bcd15838b279eee1671899

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=31536000, immutable
etag
"6333d8ed501bef2c4e327058c0b768ed"
x-cdn
fastly
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
156262
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
vary
Origin
eb8fd7a7db45dcfa0f0c17a304f8918f5838dbd5.gif
64.media.tumblr.com/289f2f4694dc503e688a03f99e8d091d/63fb010839d05a33-31/s400x600/ 		0
0
cpf.css
icons.cappuccicons.com/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://icons.cappuccicons.com/cpf.css
Requested by
Host: pull.cappuccicons.com
URL: https://pull.cappuccicons.com/cpf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
ed42b85ef7e06b8cfc17bb6c2997a76720944ca6eee4e8f4caa88e97864c8c68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-fastly-request-id
73bcc852a294bd284e8715e05860c6c38e16b339
content-encoding
gzip
etag
W/"6062e8a9-9e6a"
age
286
x-github-request-id
0C7F:23B7B3:704155:7404A5:674FE0AD
expires
Wed, 04 Dec 2024 05:05:10 GMT
x-proxy-cache
MISS
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 30 Mar 2021 09:00:25 GMT
x-served-by
cache-mad2200140-MAD
x-cache-hits
1
vary
Accept-Encoding
cache-control
max-age=600
x-timer
S1733329201.616869,VS0,VE2
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
7267
server
GitHub.com
clipboard.min.js
cdn.jsdelivr.net/clipboard.js/1.5.16/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/clipboard.js/1.5.16/clipboard.min.js?_=1733329200105
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
998aa3941b936267a81054e3b8f0abc27b36b2d029d87389c974795f6c633fbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"282e-I97HrmK9bKPbkZzq61NWhlgHzZM"
age
1776679
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220069-FRA, cache-ams21046-AMS
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
3452
js
www.googletagmanager.com/gtag/ 		277 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZSSLCPJ9BZ&l=dataLayer&cx=c&gtm=457e4bk0za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144388882-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
124d4a7be7fe0e5f300fdebcf7fc8441a2505b6042e45ddb4a3aed4fa970c540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 04 Dec 2024 16:20:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98851
x-xss-protection
0
server
Google Tag Manager
billie-holiday.png
transparenttextures.com/patterns/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transparenttextures.com/patterns/billie-holiday.png
Requested by
Host: sd-g1.archive-host.com
URL: https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/CSS_NORTHERN_LIGHTS_OFFICIEL.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3145bd4195164ab157b8e3d69fdb70cf3ee9d0ccdb6784ab7e93a5d051a3a39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sd-g1.archive-host.com/

Response headers

cf-cache-status
HIT
etag
"577a2690-2b7a"
age
382351
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SVA96mT4kV2k%2FmWUaTLMqPhp4k8tx6yZ%2BoI67rBR9W%2FIvPSItqFAnpz6wkcOaJ3MeoQa8Di2115SCaTz6IiImB8gVUXBUokfYSSF0AdfBWIPETe0c2Ybz%2B1RRJsLvlDdAwTiOfSXA%2FFBOA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 22 Dec 2024 14:25:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=59436&min_rtt=59386&rtt_var=22371&sent=20&recv=8&lost=0&retrans=0&sent_bytes=15530&recv_bytes=4687&delivery_rate=52015&cwnd=12000&unsent_bytes=0&cid=2a108b29b76b99b4&ts=90&x=1", cfHdrFlush;dur=58
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/png
last-modified
Mon, 04 Jul 2016 09:04:16 GMT
vary
Accept-Encoding
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f0d7f3b6699-AMS
accept-ranges
bytes
content-length
11130
server
cloudflare
loader.js
cdn.taboola.com/libtrc/forumotion-fr/ 		1 MB
270 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f8e8594e1a60796075cda1abce3ebf933fc0451d0c683c1c54788362164a626

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"26eab30f0a05bc127242f702644b3d55"
x-amz-version-id
S_AUUHPQ64BY48uVU5CjxYzGC7DGmRX1
age
23
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:00 GMT
last-modified
Wed, 04 Dec 2024 07:44:57 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
1
content-type
application/javascript; charset=utf-8
x-amz-id-2
GzVZ7bU/heoGgWkWano5D4qqc+KtplaoZIKyj6N7x87xYxiLxE7sW7Vc104YjNrnwQj8PcY7yXg=
vary
Accept-Encoding
x-amz-replication-status
PENDING
cache-control
private,max-age=14401
x-timer
S1733329201.755734,VS0,VE2
via
1.1 varnish
x-amz-request-id
3CZ7KB4454R5TG2W
accept-ranges
bytes
access-control-allow-origin
*
abp
37
content-length
275345
server
AmazonS3
x-amz-server-side-encryption
AES256
slm.prebid.forumactif.js
ads.sportslocalmedia.com/ 		560 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.sportslocalmedia.com/slm.prebid.forumactif.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.11.187 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
292c522826258d58faf3e06ee9aa8bd1aab495f83bd56cbdfd29838df0f59373

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=3600
content-encoding
br
cf-ray
8ecd1f10dbecf956-DUS
alt-svc
h3=":443"; ma=86400
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
binding-dark.png
transparenttextures.com/patterns/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transparenttextures.com/patterns/binding-dark.png
Requested by
Host: sd-g1.archive-host.com
URL: https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/CSS_NORTHERN_LIGHTS_OFFICIEL.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b001078068b0a370dababf149ec25a09c339a71112155e2d2cdc547e49be2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sd-g1.archive-host.com/

Response headers

cf-cache-status
HIT
etag
"577a2690-4dc3"
age
4159
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U0PSv9OZz6OlSVEXdQhAR9VAcnf343N6%2FyhXBMf1fE5MjwZ9p%2Fqobvr2RIKmxsaTmouUC8XDTVoXQyBNXPc64DIXcSKQkThjb8rGSb7lhXOWf7e8Bv0i8FavC2P7jnCuA5i0PoUAz9MBxA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 10 Dec 2024 22:54:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=59436&min_rtt=59386&rtt_var=22371&sent=10&recv=8&lost=0&retrans=0&sent_bytes=4113&recv_bytes=4687&delivery_rate=52015&cwnd=12000&unsent_bytes=0&cid=2a108b29b76b99b4&ts=87&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/png
last-modified
Mon, 04 Jul 2016 09:04:16 GMT
vary
Accept-Encoding
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f0d7f3e6699-AMS
accept-ranges
bytes
content-length
19907
server
cloudflare
truncated
/ 		38 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f13e46658d50993e2adff4ea6c7e6735494919451d14ee1c59a7afff61170a6a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
widget.min.js
weatherwidget.io/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://weatherwidget.io/js/widget.min.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"5d9d0124-a4e"
age
6140
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GZYgGoRF0hWcSNimFsmT2bE2ICwgUSKguAFgtnYIxe3jxnYepQhPs4Kh6akMTTx4Z6Aj7aCftE88yOFJedbrW1O3KjEanSrVqzAkleALlWEze41lRaBNTyZWCJUjkY6EKJDy"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=92643&min_rtt=92467&rtt_var=34800&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4130&recv_bytes=4247&delivery_rate=35555&cwnd=12000&unsent_bytes=0&cid=bc2920bf00667513&ts=134&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 08 Oct 2019 21:35:32 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public; max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f10fad46644-AMS
server
cloudflare
vglnk.js
cdn.viglink.com/api/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-65.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d52f4b07cebf9b4fee1c2221feb65d6e70b394ea2b6585f3f9d44e51be97e45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
public, max-age=604800
content-encoding
gzip
etag
"1f5a90710c2dd75181897ff5192ff5cc"
age
451060
via
1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
29138
x-amz-cf-id
zxT1-Xqi-JW7INe-PpRNs1M-H5cbPJ-g-Mb2xS48DtIfNLL_me5ERA==
date
Fri, 29 Nov 2024 11:02:21 GMT
content-type
text/javascript
last-modified
Mon, 30 Sep 2024 21:16:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
forest-lullaby-110624.mp3
sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/
Redirect Chain
  • https://www.aht.li/3881674/forest-lullaby-110624.mp3
  • https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/forest-lullaby-110624.mp3
128 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/forest-lullaby-110624.mp3
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
HTTP/1.1
Server
54.38.45.96 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
filer-s2.archive-host.com
Software
Archive-Host serveur FILER-S2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

ETag
"784612298"
Content-Range
bytes 0-4437053/4437054
Access-Control-Allow-Methods
GET, OPTION
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
4437054
Date
Wed, 04 Dec 2024 16:20:00 GMT
Content-Type
audio/mpeg
Last-Modified
Sun, 10 Nov 2024 11:46:30 GMT
Server
Archive-Host serveur FILER-S2
Access-Control-Allow-Headers
*

Redirect headers

Location
https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/forest-lullaby-110624.mp3
Connection
Keep-Alive
Content-Length
0
Keep-Alive
timeout=5, max=996
Date
Wed, 04 Dec 2024 16:11:21 GMT
Content-Type
text/html
X-Powered-By
PHP/5.3.29
Server
Apache
athabasca-min-1280x800.jpeg
www.terra-canada.com/wp-content/uploads/ 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.terra-canada.com/wp-content/uploads/athabasca-min-1280x800.jpeg
Requested by
Host: sd-g1.archive-host.com
URL: https://sd-g1.archive-host.com/membres/up/cff668929085cfec40937e886ca49537e31d75ec/NORTHERN_LIGHTS/CSS_NORTHERN_LIGHTS_OFFICIEL.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.47.197.186 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-47-197-186.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
6c8116e3a0c1e93431a4bdb62a38884a8b23f23c6cfe23c5f3796dfa4930613a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sd-g1.archive-host.com/

Response headers

cache-control
max-age=315360000
etag
"62c2da66-209f5"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
133621
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/jpeg
last-modified
Mon, 04 Jul 2022 12:17:42 GMT
server
nginx
dx
thenorthernlights.forumactif.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thenorthernlights.forumactif.com/dx?a=42361
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.76.111 Lisbon, Portugal, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash
81180227e419a42ca41bd65f1dfc9f3e00aa209665ed7234512434e365d4899f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=31536000
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 16:20:00 GMT
access-control-allow-origin
*
date
Wed, 04 Dec 2024 16:20:00 GMT
x-xss-protection
1
content-type
image/jpg
last-modified
Wed, 04 Dec 2024 00:00:00 GMT
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://fonts.googleapis.com/

Response headers

age
3543
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 15:20:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 15:20:57 GMT
last-modified
Thu, 27 Apr 2023 00:27:41 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
31052
x-xss-protection
0
server
sffe
ionicons.ttf
code.ionicframework.com/ionicons/2.0.1/fonts/ 		184 KB
108 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://code.ionicframework.com/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.1
Requested by
Host: code.ionicframework.com
URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css

Response headers

x-fastly-request-id
184d9f8da9025402c612c55187f9f3cbc12b2b15
content-encoding
gzip
cf-cache-status
MISS
etag
W/"64382bc3-2e05c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DurELTd53oUh%2FuBwoXSElQkzsTLf64DObVVrHxgMx7iiOPTjz5DqzqbIWndqi4W5dyfPbeA2teEyJzH94EEwlTvTLjm8PRyYvdaDvJyQruT9RINRfHOrCyLi3F%2BHyaNyVdQEuLqKiUXW"}],"group":"cf-nel","max_age":604800}
x-github-request-id
C141:6CC97:1567C8D:15EF952:6746ACD6
x-content-type-options
nosniff
expires
Wed, 27 Nov 2024 05:33:34 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=59044&min_rtt=59001&rtt_var=16678&sent=10&recv=7&lost=0&retrans=0&sent_bytes=2650&recv_bytes=4242&delivery_rate=37744&cwnd=12000&unsent_bytes=0&cid=13e555018913fdde&ts=96&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
font/ttf
last-modified
Thu, 13 Apr 2023 16:20:19 GMT
x-served-by
cache-ams21066-AMS
x-cache-hits
5
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1733329200.289365,VS0,VE1
via
1.1 varnish
cf-ray
8ecd1f0da9d566c3-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
110019
server
cloudflare
kJE1BuIX7AUmhi2V4m08kb1XvOFXCA.woff2
fonts.gstatic.com/s/maidenorange/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/maidenorange/v30/kJE1BuIX7AUmhi2V4m08kb1XvOFXCA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Imbue:opsz,wght@10..100,100..900&family=Maiden+Orange&family=Rubik+Dirt&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
a6345aa57d858e4421e437f05ca1ba984f1ac0c99e065b59a1ec37bdada386b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://fonts.googleapis.com/

Response headers

age
508197
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 19:10:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 19:10:03 GMT
last-modified
Wed, 20 Nov 2024 00:25:35 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15596
x-xss-protection
0
server
sffe
pe0RMImSLYBIv1o4X1M8cce4OdVisMz5nZRqy6cmmmU3t2FQWEAEOvV9wNvrwlNstMKW3Y6K5WMwd-laLQ.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0RMImSLYBIv1o4X1M8cce4OdVisMz5nZRqy6cmmmU3t2FQWEAEOvV9wNvrwlNstMKW3Y6K5WMwd-laLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
c8e4df00bdad9ee1602ded3b28ca40610b3866740f0d70272ffaaf748dedf694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://fonts.googleapis.com/

Response headers

age
106216
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 10:49:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 10:49:44 GMT
last-modified
Thu, 27 Apr 2023 01:04:46 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
32972
x-xss-protection
0
server
sffe
HI_OiY8KO6hCsQSoAPmtMYebvpA.woff2
fonts.gstatic.com/s/staatliches/v13/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/staatliches/v13/HI_OiY8KO6hCsQSoAPmtMYebvpA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Agdasima:wght@400;700&family=Anton&family=Bebas+Neue&family=Silkscreen:wght@400;700&family=Staatliches&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
8f3a39acb9679b8f61f939937dc06653138678825653eb9e954cc084160fd4e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://fonts.googleapis.com/

Response headers

age
7748
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 14:10:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 14:10:52 GMT
last-modified
Thu, 24 Aug 2023 21:06:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
16200
x-xss-protection
0
server
sffe
b8b0ce00a4fb50ea45e0624a19ec8310bfd13d87.pnj
64.media.tumblr.com/14faf9a4f3858f91fe580db8385f858a/b0ccfd5c6585daa3-51/s500x750/
Redirect Chain
  • https://tinyurl.com/32z4avd8
  • https://64.media.tumblr.com/14faf9a4f3858f91fe580db8385f858a/b0ccfd5c6585daa3-51/s500x750/b8b0ce00a4fb50ea45e0624a19ec8310bfd13d87.pnj
130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/14faf9a4f3858f91fe580db8385f858a/b0ccfd5c6585daa3-51/s500x750/b8b0ce00a4fb50ea45e0624a19ec8310bfd13d87.pnj
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
d34cb9058b6cc7d18ba7bcd58279aa45d2de427262f82e7d20e5013c46b43fcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"7c490cc904cf3ee0e793ff81aa4a44bb-1503417600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=3.0
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
image/jpeg
last-modified
Thu, 11 Mar 2021 20:10:40 GMT
content-disposition
inline; filename="tumblr_14faf9a4f3858f91fe580db8385f858a_b8b0ce00_500.jpg"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 5
access-control-allow-origin
*
x-frames
1
content-length
132926
server
nginx

Redirect headers

x-robots-tag
noindex
cf-cache-status
HIT
age
778
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
location
https://64.media.tumblr.com/14faf9a4f3858f91fe580db8385f858a/b0ccfd5c6585daa3-51/s500x750/b8b0ce00a4fb50ea45e0624a19ec8310bfd13d87.pnj
x-tinyurl-redirect-type
redirect
referrer-policy
unsafe-url
cf-ray
8ecd1f122fe4286d-AMS
x-xss-protection
1; mode=block
server
cloudflare
x-tinyurl-redirect
eyJpdiI6IlhBRndCMWZrRldxamRDUStidVBBOXc9PSIsInZhbHVlIjoieGY5WHlQZmVOdEVzUHFyYkltSjVncHlDSXN3M0l5V2Z3NmNFNmxsdDdIZEVPMms0Tmp2Rkg3NWx1Qk5XOUZ4RTljbWNiZVdkTnFzdGQ1enozR1VSY1E9PSIsIm1hYyI6Ijk3MjUxNWM1ZGQzNmUyMDU0MGI5Yjg0YTk1ZjFlMGYyYTM1ZGU1YmE2NzAyNTkzMGRkYjY3ZTNmMzNlOTVjOTYiLCJ0YWciOiIifQ==
lastpost.gif
2img.net/i/fa/invision/ 		53 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/fa/invision/lastpost.gif
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2ae16febb6218317adbc00cf3a640256fcfd7f84c5ce3f612df78695739869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cf-cache-status
HIT
etag
"41d5e800-35"
age
22112739
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HtaW6W%2BRHvcrhsrqNRv%2B9ttR84odULRhhNEgyEJBKtIDMzlxalCfg1UbT%2Fgo4k%2BTVYHs1Utsail1fZ%2FUDWrbZqntX68P92F0TSwI%2FsD0nhWpDJJhIi4NrLsg6w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73464&min_rtt=67179&rtt_var=18167&sent=14&recv=12&lost=0&retrans=0&sent_bytes=6052&recv_bytes=4854&delivery_rate=22194&cwnd=12000&unsent_bytes=0&cid=49131a45d886f5de&ts=723&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/gif
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f11ac0506c0-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
53
x-xss-protection
1; mode=block
server
cloudflare
29d062ff428e03f5282d2cc0c5a13c71764d7d12.gif
64.media.tumblr.com/56ff55ada0de36e302c054d044a6c881/0e8a3a9d0798cbb6-e9/s500x750/
Redirect Chain
  • https://tinyurl.com/226znhsn
  • https://64.media.tumblr.com/56ff55ada0de36e302c054d044a6c881/0e8a3a9d0798cbb6-e9/s500x750/29d062ff428e03f5282d2cc0c5a13c71764d7d12.gif
9 MB
9 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/56ff55ada0de36e302c054d044a6c881/0e8a3a9d0798cbb6-e9/s500x750/29d062ff428e03f5282d2cc0c5a13c71764d7d12.gif
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9eee34b62a833fde0945597fa10708d86b8de7c0c065ca9ecd41614d8af7c611
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"f0b81ccf171da4964c6049e12828426e-1523937600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=1.0
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
image/gif
content-disposition
inline; filename="tumblr_56ff55ada0de36e302c054d044a6c881_29d062ff_500.gif"
last-modified
Mon, 15 Aug 2022 17:44:27 GMT
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 7
accept-ranges
bytes
access-control-allow-origin
*
content-length
9506700
server
nginx

Redirect headers

x-robots-tag
noindex
cf-cache-status
HIT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
location
https://64.media.tumblr.com/56ff55ada0de36e302c054d044a6c881/0e8a3a9d0798cbb6-e9/s500x750/29d062ff428e03f5282d2cc0c5a13c71764d7d12.gif
x-tinyurl-redirect-type
redirect
referrer-policy
unsafe-url
cf-ray
8ecd1f122fe9286d-AMS
x-xss-protection
1; mode=block
server
cloudflare
x-tinyurl-redirect
eyJpdiI6Imlzd04xNTVIUWFSVHcxMXluQ3BCd2c9PSIsInZhbHVlIjoiV1pJM0Vuam9FcEE1blppOFl6SmZ2NVBpRjBlOG9xMW1Bd2VGcnBlbTY3aTI2TzJwZ1ROUnR6ZGNJcHR5Z2ZPZ295U0E4ODlaUmhEazRXMENqd0VMdVE9PSIsIm1hYyI6ImQ4YjA0MTdiNzc5YTRiNWI2NmFiODM2MmM5Y2E1YTg3NDhjNWE0NDAwOWU3YTUxYWI5NDQyYzY4MWUzOTMyOTAiLCJ0YWciOiIifQ==
1731776843-vavajude.jpeg
2img.net/image.noelshack.com/fichiers/2024/46/6/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/image.noelshack.com/fichiers/2024/46/6/1731776843-vavajude.jpeg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
968c25562c9e2e6bf12a7f8212dbcecd9eeabf1fe89d96bca7a7df668e3cd23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cf-bgj
h2pri
etag
"6738d191-cb8f"
age
75698
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sybmRJ%2FHD1kxcolJXZYFyfGYAhFwz%2FXt9I4CKHqKxbjluXLTt5Yj3%2Fjll%2F9XsA%2FZfuTukxb6WITRdvfbd6cZVE2YpMKZVJhu37mRTng8bB0wrlFV%2FgX2UAJGcw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73464&min_rtt=67179&rtt_var=18167&sent=16&recv=13&lost=0&retrans=0&sent_bytes=6862&recv_bytes=5232&delivery_rate=22194&cwnd=12000&unsent_bytes=0&cid=49131a45d886f5de&ts=798&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
image/jpeg
last-modified
Sat, 16 Nov 2024 17:08:33 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f122cb406c0-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
52111
x-xss-protection
1; mode=block
server
cloudflare
d2ff5718406f422900c86f738ab1b5c4c9fa3858.pnj
64.media.tumblr.com/df2f1dc0e29d47f3a2556ea86436bcba/6a01f5df44b7c954-fc/s500x750/
Redirect Chain
  • https://tinyurl.com/4ujy9hsz
  • https://64.media.tumblr.com/df2f1dc0e29d47f3a2556ea86436bcba/6a01f5df44b7c954-fc/s500x750/d2ff5718406f422900c86f738ab1b5c4c9fa3858.pnj
96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/df2f1dc0e29d47f3a2556ea86436bcba/6a01f5df44b7c954-fc/s500x750/d2ff5718406f422900c86f738ab1b5c4c9fa3858.pnj
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
1ca45754a2ae2d776d27f7481764fe8d99a9c09ec1f9beb48d8e3ce51d4cf8a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
86400
etag
"5aa74d7047429a2502e9803db2df1368-1503417600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=1.0
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
image/jpeg
last-modified
Tue, 21 May 2024 04:12:39 GMT
content-disposition
inline; filename="tumblr_df2f1dc0e29d47f3a2556ea86436bcba_d2ff5718_500.jpg"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 2
access-control-allow-origin
*
x-frames
1
content-length
97840
server
nginx

Redirect headers

x-robots-tag
noindex
cf-cache-status
HIT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
location
https://64.media.tumblr.com/df2f1dc0e29d47f3a2556ea86436bcba/6a01f5df44b7c954-fc/s500x750/d2ff5718406f422900c86f738ab1b5c4c9fa3858.pnj
x-tinyurl-redirect-type
redirect
referrer-policy
unsafe-url
cf-ray
8ecd1f12a891286d-AMS
x-xss-protection
1; mode=block
server
cloudflare
x-tinyurl-redirect
eyJpdiI6InpabktjSzZ4TjQ3cS9ra1ROWFFmcFE9PSIsInZhbHVlIjoiUWs2WVgwY1JHTDJ3bE51emQwM1o2dWs0cGhQY1ovenIwRjJNbHVlVU5aNUwxY3NmY2ZrOWltMUF6bWRzYkFvaTl4MGZ4Y1NNVUs1NFdESXBjWUZCMUE9PSIsIm1hYyI6IjgzZjNlODY5NWE1ZTRlNjQyOTVlYmZmNjNkNDJlMmU0NWNhY2I1ODdjMGIwY2ZjYTRlZWVkYjc3N2U2YjIwZTEiLCJ0YWciOiIifQ==
4b78c5a7729727cadae755161d759ddd029648ac.jpg
64.media.tumblr.com/5b1fa7ac9757e5d9038bfb720422a6db/51b91eed470e6118-e3/s500x750/
Redirect Chain
  • https://cutt.ly/DeJ4Aht6
  • https://64.media.tumblr.com/5b1fa7ac9757e5d9038bfb720422a6db/51b91eed470e6118-e3/s500x750/4b78c5a7729727cadae755161d759ddd029648ac.jpg
112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/5b1fa7ac9757e5d9038bfb720422a6db/51b91eed470e6118-e3/s500x750/4b78c5a7729727cadae755161d759ddd029648ac.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
d1c7bca6171bcd354a066a910c00a8edfd1638ee3a2697e85f572d674fcecfff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
etag
"ab771c516c5bd2f20906e69801f3ce38-1498089600-12138a4"
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
dc;desc=ams, cache;desc=HIT;dur=2.0
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
image/jpeg
last-modified
Fri, 17 Mar 2023 18:35:21 GMT
content-disposition
inline; filename="tumblr_5b1fa7ac9757e5d9038bfb720422a6db_4b78c5a7_500.jpg"
strict-transport-security
max-age=31536000; preload
cache-control
max-age=315360000
timing-allow-origin
*
x-nc
HIT ams 6
access-control-allow-origin
*
x-frames
1
content-length
114362
server
nginx

Redirect headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
location
https://64.media.tumblr.com/5b1fa7ac9757e5d9038bfb720422a6db/51b91eed470e6118-e3/s500x750/4b78c5a7729727cadae755161d759ddd029648ac.jpg
cf-cache-status
DYNAMIC
pragma
no-cache
referrer-policy
same-origin
x-content-type-options
nosniff
cf-ray
8ecd1f16584e66eb-AMS
expires
Thu, 19 Nov 1981 08:52:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 04 Dec 2024 16:20:01 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
server
cloudflare
x-frame-options
SAMEORIGIN
16-76.jpg
2img.net/u/4417/34/52/55/avatars/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/u/4417/34/52/55/avatars/16-76.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
867e200765062a1cb73c235f2c17857d781372808d8df8a57a45f3f392a885da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cf-bgj
h2pri
etag
"673647e3-587d"
age
214933
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6RfP98h3jgVcecZ5o3Qxam93XQaamGvZKSe3gMyPggq4GUV6b9nz7La5YmfntbX9NKc3Vr4A5Xriw%2BRxVrgwJYOsJsQGJ3XqG8BV4yeMru8InWKxU2Jda3SPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=86890&min_rtt=67179&rtt_var=5107&sent=66&recv=40&lost=0&retrans=0&sent_bytes=60981&recv_bytes=6716&delivery_rate=333152&cwnd=33600&unsent_bytes=0&cid=49131a45d886f5de&ts=1075&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
image/jpeg
last-modified
Thu, 14 Nov 2024 18:56:35 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f13ef5906c0-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
22653
x-xss-protection
1; mode=block
server
cloudflare
widget_app_base_1733132850231.js
cdn.userway.org/widgetapp/2024-12-02-09-47-30/ 		130 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-12-02-09-47-30/widget_app_base_1733132850231.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.255.180 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
787975672.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
e1e6f277c33ff995e4e988743eec16116b137ef1b2ae0e177730e2b2e66a6e6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"91d34a44d03d2a5bd84cdf20e46095b6"
age
229
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
Yl8ySO1Mx53xxC3eta6RWQObhZbX9QWBcXW6xeUbFdt2IhFxwv6MGg==
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
application/javascript
last-modified
Mon, 02 Dec 2024 09:51:11 GMT
vary
Accept-Encoding
x-77-nzt-ray
f88df72e41b30e6730815067d3596722
x-77-nzt
EgwBqZb/swH3kPwCAAwB1GY4EQG3JwAAAA
cache-control
max-age=25920000, public
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-77-age
195728
x-amz-cf-pop
FRA60-P3
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.4.0/font/fonts/ 		83 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.4.0/font/fonts/bootstrap-icons.woff2?8bd4575acf83c7696dc7a14a966660a3
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.4.0/font/bootstrap-icons.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
856b3f9e0df4f7061c8948021c7cc6e6263d96c48161e7fe9e4fbefd0c69a085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.4.0/font/bootstrap-icons.css

Response headers

access-control-expose-headers
*
etag
W/"14c34-IxTU1z3Z7Xqi+dGNReccoEQKwKk"
age
2519227
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
font/woff2
x-served-by
cache-fra-eddf8230150-FRA, cache-ams2100087-AMS
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
85044
x-jsd-version
1.4.0
u52
thenorthernlights.forumactif.com/ 		114 KB
57 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://thenorthernlights.forumactif.com/u52
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.76.111 Lisbon, Portugal, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash
a0a7f223d4268105fda917e6afe36025a153c0b30dc933eee421effbdd9496b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://thenorthernlights.forumactif.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*

Response headers

content-security-policy
upgrade-insecure-requests
cache-control
no-cache
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 00:00:00 GMT
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Wed, 04 Dec 2024 16:20:00 GMT
x-xss-protection
1
content-type
text/html; charset=utf-8
last-modified
Wed, 04 Dec 2024 16:20:00 GMT
vary
User-Agent
icon-eye.svg
illiweb.com/fa/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/icon-eye.svg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de59e3713aa677205890a880509b1b66ce2b69271ebcf0de3ee9a1de4331d2c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6723a597-588"
age
165071
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zIDDnBWIhDKYB3V4cnVQuDz1YyFQlBMGfruM0CP6mNKJ7hh5dEw3V%2FQfc80tPVJe7kmbkmmys%2Bg8tkp04uz1%2F0b30GJWHjhe98lmuqE64V%2FIAoLP5ZEeJWZGXP2gLA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 02 Dec 2025 18:28:49 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25494&min_rtt=21626&rtt_var=2082&sent=59&recv=40&lost=0&retrans=0&sent_bytes=49339&recv_bytes=7645&delivery_rate=754640&cwnd=33600&unsent_bytes=0&cid=d67b9b0e16f0e330&ts=665&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
image/svg+xml
last-modified
Thu, 31 Oct 2024 15:43:19 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecd1f0d5cfb6693-AMS
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
undefined
thenorthernlights.forumactif.com/ 		4 KB
4 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://thenorthernlights.forumactif.com/undefined
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.76.111 Lisbon, Portugal, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash
411dc74bbf34c281763af4eb6724f9f3185b174a538f7a55aa7b8acfa8fa0cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://thenorthernlights.forumactif.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

access-control-allow-origin
*
content-length
4164
date
Wed, 04 Dec 2024 16:20:00 GMT
etag
"5db7f6f0-1044"
content-type
text/html
x-xss-protection
1
x-content-type-options
nosniff
webpush_register.php
thenorthernlights.forumactif.com/ajax/ 		25 B
176 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://thenorthernlights.forumactif.com/ajax/webpush_register.php
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.76.111 Lisbon, Portugal, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash
1d7e58ef8b62b2bba5098f53f4b7ef34580ca1ce21175bb26b23b3e0d803601d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-allow-origin
*
content-encoding
gzip
date
Wed, 04 Dec 2024 16:20:00 GMT
x-xss-protection
1
content-type
text/html
x-content-type-options
nosniff
consent-string
api.consentframework.com/api/v1/public/ 		205 B
605 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.consentframework.com/api/v1/public/consent-string
Requested by
Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp?lang=fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.96.239 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
hetzner-prod.ipsfailover.com
Software
/
Resource Hash
b62b7c4e7cdcd80643938c19bea929109bb062062eace6ca0c44999b3d5d53a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thenorthernlights.forumactif.com/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
no-store
Connection
keep-alive
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://thenorthernlights.forumactif.com
Content-Length
205
Date
Wed, 04 Dec 2024 16:20:00 GMT
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Headers
Content-Type
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144388882-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
age
5916
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 16:41:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 14:41:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
user-action
api.consentframework.com/api/v1/public/ 		0
351 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.consentframework.com/api/v1/public/user-action
Requested by
Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp?lang=fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.96.239 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
hetzner-prod.ipsfailover.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thenorthernlights.forumactif.com/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
no-store
Connection
keep-alive
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://thenorthernlights.forumactif.com
Content-Length
0
Date
Wed, 04 Dec 2024 16:20:00 GMT
Access-Control-Allow-Headers
Content-Type
truncated
/ 		31 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8592daaa0c14f220eaef4f75bc5a83f3d44a20302cc147c480355c8a62df7e57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7050c434e454737459714e12822afe9873651b17ba910136a8088e1ea6ded5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZSSLCPJ9BZ&gtm=45je4bk0v9119535023za200&_p=1733329200113&gcs=G100&gcd=13q3qPq2q5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=101925629~102067555~102067808~102081485&gdid=dOWE1OT&cid=2141018451.1733329200&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=AAAI&_s=1&sid=1733329200&sct=1&seg=0&dl=https%3A%2F%2Fthenorthernlights.forumactif.com%2F&dt=the%20northern%20lights&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1299
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZSSLCPJ9BZ&l=dataLayer&cx=c&gtm=457e4bk0za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://thenorthernlights.forumactif.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
text/plain
server
Golfe2
freewheel-mapping.json
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ 		14 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid.js@9.2.0/dist/not-for-prod/prebid.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
age
20292
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230153-FRA, cache-ams2100087-AMS
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
1087
x-jsd-version
1.0.0
pre.js
ac.aruncdn.com/j/prebid/ 		428 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ac.aruncdn.com/j/prebid/pre.js?420
Requested by
Host: ac.audiencerun.com
URL: https://ac.audiencerun.com/j/tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6f82b1f3c3bf7d1725d976527f73b578b869d14b9ade6ca020fa2f769105444
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
PbGpPOZLrYkRbZIcoM7AlsTKNy5s.W5.
etag
W/"aa3e2646157f709ece8bb1d94cde030d"
age
571525
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2mju7zjrOOrzK8hf%2FewA0cywVbQv9dJHXYR%2BA68nhq339VMiFN7esAKoOWzkq4v7ixkKTZdlgK%2BDscHxnigyGhld%2BAaQJsTfbxv5QY5hUwGh5l8n9rcDEkjtPr24J6mB"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Xkkaf0zSfalaH7swqaSazFZ5dUCH6tDyHXLMHp9k9qL_2cREjdmo1g==
date
Wed, 04 Dec 2024 16:20:00 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 11:11:43 GMT
vary
Accept-Encoding
server-timing
cfL4;desc="?proto=QUIC&rtt=83079&min_rtt=82894&rtt_var=31217&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4234&recv_bytes=4276&delivery_rate=39294&cwnd=12000&unsent_bytes=0&cid=c0e5408622aade7e&ts=114&x=1", cfHdrFlush;dur=0
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 411234c039d8f1de63b7f2192e5e24d4.cloudfront.net (CloudFront)
cf-ray
8ecd1f10deff9705-AMS
x-amz-cf-pop
AMS58-P5
server
cloudflare
x-amz-server-side-encryption
AES256
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ac.audiencerun.com
URL: https://ac.audiencerun.com/j/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
private, max-age=900, stale-while-revalidate=3600
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 16:20:01 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148131
date
Wed, 04 Dec 2024 16:20:01 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
player.js
ac.aruncdn.com/f/nat/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ac.aruncdn.com/f/nat/player.js?3
Requested by
Host: ac.audiencerun.com
URL: https://ac.audiencerun.com/j/tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
FOvcL8FCvIsowGYc43xQApgMK6rkhaBN
etag
W/"69624877c62cb83429ed5b682551fc5d"
age
554412
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e4TfnaMkn4j%2FPVD0ZAxsd9SY5O460X5GqMPMGGQXL8onxNYiFqFP4C2lkEDwNjUqVzAk6YmbMocuBJPJ8vjKckrQOUiHhpG9orti%2BLTnOyQt0b0ju4R0ltkLM5L%2Fp7lh"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
hqr46k-KgC9Qqq_NOxAMquiguyXfm59VI-MBrbgX1jdrnLvguAWmWA==
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 13:34:48 GMT
vary
Accept-Encoding
server-timing
cfL4;desc="?proto=QUIC&rtt=60102&min_rtt=51564&rtt_var=10803&sent=143&recv=64&lost=0&retrans=0&sent_bytes=157486&recv_bytes=7148&delivery_rate=925475&cwnd=72000&unsent_bytes=0&cid=c0e5408622aade7e&ts=1262&x=1", cfHdrFlush;dur=0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
cf-ray
8ecd1f180b629705-AMS
x-amz-cf-pop
FRA60-P4
server
cloudflare
x-amz-server-side-encryption
AES256
cappuccicons.ttf
source.cappuccicons.com/ 		556 KB
320 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://source.cappuccicons.com/cappuccicons.ttf
Requested by
Host: icons.cappuccicons.com
URL: https://icons.cappuccicons.com/cpf.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
e981ea1d4767d72e2f8cd8fd2a47de8afbc507c925b470e320f558ba7ad0e9c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://icons.cappuccicons.com/

Response headers

x-fastly-request-id
451fbd6f22a472df77239d95f8f1b496724a52ab
content-encoding
gzip
etag
W/"6062e88f-8b168"
age
6
x-github-request-id
26C8:28A5DB:C146BF:C5A2C9:673D7445
expires
Wed, 20 Nov 2024 05:41:49 GMT
x-proxy-cache
MISS
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
font/ttf
last-modified
Tue, 30 Mar 2021 08:59:59 GMT
x-served-by
cache-mad2200109-MAD
x-cache-hits
1
vary
Accept-Encoding
cache-control
max-age=600
x-timer
S1733329201.268954,VS0,VE2
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
327610
server
GitHub.com
wfydS4p3gs
api.userway.org/api/tunings/ 		410 B
795 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/wfydS4p3gs
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-02-09-47-30/widget_app_base_1733132850231.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.233.137.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-137-16.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b209b9a964a0e32f61711afbb51ef4d03da1df55481b0c28c6f22fe21a968dec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
x-service-request-id
usr11d6b41a1d724ce
etag
W/"19a-SeslcawT11sk/jeA77QhUVbSG4A"
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
content-length
410
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
application/json; charset=utf-8
x-service-version
uw-pr
access-control-allow-headers
*
commerce-js.iife.js
d35m0nfeeqvaj5.cloudfront.net/ 		106 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d35m0nfeeqvaj5.cloudfront.net/commerce-js.iife.js
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-96.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f779fe40480221a710f20921f5c846e257156a0a0936eac272fbf0f40f434381

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

vary
accept-encoding
cache-control
max-age=31557600
content-encoding
br
etag
W/"369e6860177e10ded47ec4094bc6023b"
age
77525
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
iDg5gU5GrFLodPhwt_Jc26Y-q9r6FMbDepTK5-_0s8JQHE-cXvuMtw==
date
Tue, 03 Dec 2024 18:47:57 GMT
content-type
text/javascript
last-modified
Tue, 03 Dec 2024 18:47:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
loader.min.js
comparisons.sovrn.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comparisons.sovrn.com/js/loader.min.js
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2122cc2d6a9e138c3b4035d403cd2760bc3491e3f00da7211abaa80557de0b3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

vary
accept-encoding
content-encoding
br
etag
W/"977ae67d2ae005447e6e3ab0b242cab2"
x-amz-version-id
_N7Ldl34Z.PdZpMcZXLC7DYN2lTVj6Bm
age
23930
via
1.1 9c8021538470ab47dffa34921d0b4aca.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
mrmYqnKVXMqoj8eX9XfqH_UWbJy4oStZSgz8dcrAoWRVJQRAbC3F8w==
date
Wed, 04 Dec 2024 09:41:12 GMT
content-type
application/javascript
last-modified
Tue, 23 Jan 2024 08:56:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
x-amz-server-side-encryption
AES256
/
weatherwidget.io/w/ Frame D3D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://weatherwidget.io/w/
Requested by
Host: weatherwidget.io
URL: https://weatherwidget.io/js/widget.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://thenorthernlights.forumactif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
11147
alt-svc
h3=":443"; ma=86400
cache-control
public; max-age=14400
cf-cache-status
HIT
cf-ray
8ecd1f12bb2e66eb-AMS
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Wed, 04 Dec 2024 16:20:01 GMT
last-modified
Wed, 04 Dec 2024 09:15:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NHGWMP69WAGR%2F8uTHRTpz1NeEQ0OPI%2Btsq9AhlQxTuDvZ88SWSQNdxijKZ%2F4MkWflf93uabyINRyW5RmvlLpdh47FWbOsZn145N9lKCGdTBd6ju%2BewRn4rokT%2F0YDGDvklsL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=55786&min_rtt=55751&rtt_var=20975&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4107&recv_bytes=4376&delivery_rate=55787&cwnd=12000&unsent_bytes=0&cid=37e6f547fd37ba6c&ts=82&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 6FB4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://thenorthernlights.forumactif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

abp
27
accept-ranges
bytes
access-control-allow-origin
*
age
32372
cache-control
private,max-age=31536000
content-encoding
gzip
content-length
340
content-type
text/html
date
Wed, 04 Dec 2024 16:20:01 GMT
etag
"8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified
Tue, 13 Feb 2024 13:15:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
vNsGn6PXTCfxD4dbrKXlSZt6fh92xSUwlgsoW66bqnDLdvoO0Gv4o9pByR6TQQ7i3uVr/CychII=
x-amz-replication-status
COMPLETED
x-amz-request-id
07S5VCG943S7V2KE
x-amz-server-side-encryption
AES256
x-amz-version-id
4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache
HIT
x-cache-hits
20810
x-served-by
cache-ams21034-AMS
x-timer
S1733329201.247013,VS0,VE0
sync
gum.criteo.com/ 		45 B
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=&gdpr=1&gdpr_consent=CQJHBMAQJHBMABcAKBNLBSFgAAAAAEPgABpYIyQAARkgUAALAAeABUAC4AHAAQAAkABlADQANQAeABEACOAEwAMQAfAA_ACEAEdAMoAywB3AD9AIQARaAjgCOgFXANEAa8A2gB_wEegJiAUeApoBagC5gF5gMEAYaAyQBxYAAA&gdpr_pd=0
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aee57ef6760265aff6d5270258732ffbcbcfb0f96add35de5189cb60f20c6e41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
519615
expires
60
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		103 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.sportslocalmedia.com
URL: https://ads.sportslocalmedia.com/slm.prebid.forumactif.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e84e77b853b734de81881171ba44563a9b266db399a27f02309856344e951c53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
br
etag
400 / 20061 / m202411180101 / config-hash: 11279109272543883697
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 16:20:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33348
x-xss-protection
0
server
cafe
tag
btloader.com/ 		81 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5094764668518400&upapi=true
Requested by
Host: ads.sportslocalmedia.com
URL: https://ads.sportslocalmedia.com/slm.prebid.forumactif.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f33bcd3ad808610ec3e1abdf6af848b178a80dfd0744695ac50c336fdd480bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"602db0ecde005bdd5e5d045b8f556932"
age
2732
via
1.1 google
cf-ray
8ecd1f19ed8906c2-AMS
accept-ranges
bytes
content-length
25485
date
Wed, 04 Dec 2024 16:20:02 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 15:34:13 GMT
vary
Origin, Accept-Encoding
server
cloudflare
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		424 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ads.sportslocalmedia.com
URL: https://ads.sportslocalmedia.com/slm.prebid.forumactif.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
sffe /
Resource Hash
e37a634fc13d78f4305920ecb088bf0faf59bde98e0ca888e53cc99297d0ea46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
private, max-age=900, stale-while-revalidate=3600
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 16:20:01 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148131
date
Wed, 04 Dec 2024 16:20:01 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241204
Requested by
Host: ads.sportslocalmedia.com
URL: https://ads.sportslocalmedia.com/slm.prebid.forumactif.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ffc594fe94f822f27cf5e9bb07cb0382ee86516ff69f35828970206df3f8d44b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"635-lZf6LRyFSYGH+I2kdmRRqkxp5/g"
age
1151
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230103-FRA, cache-ams2100087-AMS
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
819
x-jsd-version
1.0.2260
apstag.js
c.amazon-adsystem.com/aax2/ 		345 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ads.sportslocalmedia.com
URL: https://ads.sportslocalmedia.com/slm.prebid.forumactif.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-226.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"f4218dbb17ff2c3421282ef9135e5375"
age
428
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
zL0VWvAf5Ucoj3ppBos3uxnpeV_ja1x7eV0qZ0aMLYSAXTOQRJNDxg==
date
Wed, 04 Dec 2024 16:12:55 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 22:51:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
x-amz-server-side-encryption
AES256
fr.json
cdn.userway.org/widgetapp/2024-12-02-09-47-30/locales/ 		698 B
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-12-02-09-47-30/locales/fr.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-02-09-47-30/widget_app_base_1733132850231.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.255.180 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
787975672.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
eeef742ca3f18f9772838719cd84fdc2ca6e8e92353f477372eae7a0ed93b3e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"9fc407fe178cc35c95c99f0e667a1ef5"
age
154
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
pbJ3uD36MpwseGJngyJxnepOO7P3h8LW0PZsXY1OZmLDDihttyr7Bg==
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
application/json
last-modified
Mon, 02 Dec 2024 09:51:10 GMT
x-77-nzt-ray
f88df72e41b30e67318150679c1e4027
vary
Accept-Encoding
x-77-nzt
EgwBqZb/swH3XvwCAAwBisclxAG3VAAAAA
cache-control
max-age=25920000, public
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-77-age
195678
x-amz-cf-pop
FRA60-P3
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/ 		35 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2114604599&t=pageview&_s=1&dl=https%3A%2F%2Fthenorthernlights.forumactif.com%2F&ul=nl-nl&de=UTF-8&dt=the%20northern%20lights&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAgAAQABAAAAAAAAIk~&cid=2141018451.1733329200&tid=UA-144388882-1&_gid=966357967.1733329202&gtm=457e4bk0za200&gcs=G100&gcd=13q3q3q2q5l1&dma_cps=-&dma=1&tcfd=10001&tag_exp=101925629~102067555~102067808~102081485&did=dOWE1OT&gdid=dOWE1OT&jsscut=1&npa=1&z=130294163
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

age
86176
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 16:23:45 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
commerce-js.css
d35m0nfeeqvaj5.cloudfront.net/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d35m0nfeeqvaj5.cloudfront.net/commerce-js.css
Requested by
Host: d35m0nfeeqvaj5.cloudfront.net
URL: https://d35m0nfeeqvaj5.cloudfront.net/commerce-js.iife.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-96.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa9141aa27d614ced8ab1a70e44331ef541f66f872087d96adecf87f0d468a42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

vary
accept-encoding
cache-control
max-age=31557600
content-encoding
br
etag
W/"80f7a8841f93f3b8ef7f032449865c40"
age
77525
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
GrV00N0pvL-xCtcuNgwTU8fqos-AYR_2bUx3psJbBgMTUoHgNhSthA==
date
Tue, 03 Dec 2024 18:47:57 GMT
content-type
text/css
last-modified
Tue, 03 Dec 2024 18:47:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 		492 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
br
etag
1421939719645060458
age
26369
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 09:00:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 04 Dec 2024 09:00:32 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
155913
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412030101/ 		64 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412030101/gpt
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e33cff2da607ed34049c949ac59d671b34ce321369629f45ed5462131f6b0a83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
7798723742105243693
age
25906
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 09:08:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 04 Dec 2024 09:08:15 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23021
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412030101"
ima_ppub_config
securepubads.g.doubleclick.net/pagead/ 		939 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fthenorthernlights.forumactif.com%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
d3219f456a634799aebf5955c0a6fca8e377e2964ae556f21b582a92f3e17726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 16:20:02 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
211
date
Wed, 04 Dec 2024 16:20:02 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
remediation-tool-free.js
cdn.userway.org/remediation/2024-12-02-09-47-30/free/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediation/2024-12-02-09-47-30/free/remediation-tool-free.js?ts=1733132850231
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-02-09-47-30/widget_app_base_1733132850231.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.255.180 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
787975672.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
ccf29bf1122c13da436d4262a69298603224f21f7085a70605a5abad7481fbc6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"5deb9c2444f05f1810d5a32d3059f8ec"
age
230
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
EVjb4E0iCktOo98_GuamTBqO6bWk3Qm5wklkwhX1ntyMrE3qBE3x5w==
date
Wed, 04 Dec 2024 16:20:02 GMT
content-type
application/javascript
last-modified
Mon, 02 Dec 2024 09:51:22 GMT
vary
Accept-Encoding
x-77-nzt-ray
f88df72e41b30e67328150671cfba709
x-77-nzt
EgwBqZb/swH3kPwCAAwB1GY4EQG3JwAAAA
cache-control
max-age=25920000, public
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-77-age
195728
x-amz-cf-pop
FRA60-P3
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
widget_base.css
cdn.userway.org/styles/2024-12-02-09-47-30/ 		30 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/styles/2024-12-02-09-47-30/widget_base.css?v=1733132850231
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-02-09-47-30/widget_app_base_1733132850231.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.255.180 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
787975672.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"35af998bd342763044abead4df839374"
age
230
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
fdXcxLjGdwZF6jJf1QW45ZZsEN_zR5mzWvYq0IN_ipMunNBNDBAgag==
date
Wed, 04 Dec 2024 16:20:02 GMT
content-type
text/css
last-modified
Mon, 02 Dec 2024 09:50:29 GMT
vary
Accept-Encoding
x-77-nzt-ray
f88df72e5acb784b328150670bcba509
x-77-nzt
EgwBqZb/swH3kvwCAAwBJRPCLgG3JQAAAA
cache-control
max-age=864000, public
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-77-age
195730
x-amz-cf-pop
FRA60-P3
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
widget_base.css
cdn.userway.org/styles/2024-12-02-09-47-30/ Frame B7A5 		30 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/styles/2024-12-02-09-47-30/widget_base.css?v=1733132850231
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-02-09-47-30/widget_app_base_1733132850231.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.255.180 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
787975672.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"35af998bd342763044abead4df839374"
age
230
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
fdXcxLjGdwZF6jJf1QW45ZZsEN_zR5mzWvYq0IN_ipMunNBNDBAgag==
date
Wed, 04 Dec 2024 16:20:02 GMT
content-type
text/css
last-modified
Mon, 02 Dec 2024 09:50:29 GMT
vary
Accept-Encoding
x-77-nzt-ray
f88df72e5acb784b328150670bcba509
x-77-nzt
EgwBqZb/swH3kvwCAAwBJRPCLgG3JQAAAA
cache-control
max-age=864000, public
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-77-age
195730
x-amz-cf-pop
FRA60-P3
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
widget_base.css
cdn.userway.org/styles/2024-12-02-09-47-30/ Frame E06A 		30 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/styles/2024-12-02-09-47-30/widget_base.css?v=1733132850231
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-02-09-47-30/widget_app_base_1733132850231.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.255.180 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
787975672.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"35af998bd342763044abead4df839374"
age
230
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
fdXcxLjGdwZF6jJf1QW45ZZsEN_zR5mzWvYq0IN_ipMunNBNDBAgag==
date
Wed, 04 Dec 2024 16:20:02 GMT
content-type
text/css
last-modified
Mon, 02 Dec 2024 09:50:29 GMT
vary
Accept-Encoding
x-77-nzt-ray
f88df72e5acb784b328150670bcba509
x-77-nzt
EgwBqZb/swH3kvwCAAwBJRPCLgG3JQAAAA
cache-control
max-age=864000, public
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-77-age
195730
x-amz-cf-pop
FRA60-P3
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
widget_base.css
cdn.userway.org/styles/2024-12-02-09-47-30/ Frame 78C3 		30 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/styles/2024-12-02-09-47-30/widget_base.css?v=1733132850231
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-02-09-47-30/widget_app_base_1733132850231.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.255.180 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
787975672.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"35af998bd342763044abead4df839374"
age
230
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
fdXcxLjGdwZF6jJf1QW45ZZsEN_zR5mzWvYq0IN_ipMunNBNDBAgag==
date
Wed, 04 Dec 2024 16:20:02 GMT
content-type
text/css
last-modified
Mon, 02 Dec 2024 09:50:29 GMT
vary
Accept-Encoding
x-77-nzt-ray
f88df72e5acb784b328150670bcba509
x-77-nzt
EgwBqZb/swH3kvwCAAwBJRPCLgG3JQAAAA
cache-control
max-age=864000, public
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-77-age
195730
x-amz-cf-pop
FRA60-P3
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
8a83e099-851b-4737-9ca3-c7092ea4fc9f
config.aps.amazon-adsystem.com/configs/ 		563 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/8a83e099-851b-4737-9ca3-c7092ea4fc9f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-124.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
1008ad4ee4522aab7c2490eb1b7556238cb55beb32d3b216bdf2ba41c8ed986c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=3600
age
1476
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
E6sZt375EREQKJe8Nti556Pl19ZFZBkqLYWtcZ225td4JnKLdUVxjw==
date
Wed, 04 Dec 2024 15:55:26 GMT
content-type
application/javascript
x-amz-cf-pop
FRA53-C1
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		786 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthenorthernlights.forumactif.com&pubid=8a83e099-851b-4737-9ca3-c7092ea4fc9f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-226.fra56.r.cloudfront.net
Software
Server /
Resource Hash
69d50aec1a460a5c30082515e4ad7c8a0319ed57459775420624779f5b527466

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
access-control-allow-origin
https://thenorthernlights.forumactif.com
x-cache
Miss from cloudfront
content-length
786
x-amz-cf-id
-IlRUPUWWG-P2lvyuPM4RGBaPZ0ije2vS80mt128ZOtIr51BN11MOw==
date
Wed, 04 Dec 2024 16:20:01 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA56-C2
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-226.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
40642
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
HxOcPZRvWH3LY-PkIQfVdoHRxVvxtO3eDyIY2EUU67vxU-Fs2vkVQA==
date
Wed, 04 Dec 2024 05:02:41 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
server
AmazonS3
x-amz-server-side-encryption
AES256
eye_wh.svg
cdn.userway.org/widgetapp/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/eye_wh.svg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.255.180 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
787975672.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
a98642e9e001e935698bb1ccf15571970965349ed446f902571d5486bc4c55ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"5f6fbd9bdd48b560e4dfed0dccf47649"
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
qMQqn10Jb_cSCSeRKJqGOM5ZYSsPw8b-DmkDtLyWd3XK8inUc5zdwg==
date
Wed, 04 Dec 2024 16:20:02 GMT
content-type
image/svg+xml
x-77-nzt-ray
f88df72e5acb784b3281506792d47a0e
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 09:51:13 GMT
x-77-nzt
EgwBqZb/swH3X/wCAAwBJRPCMQG3WQAAAA
cache-control
max-age=25920000, public
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-77-age
195679
x-amz-cf-pop
FRA60-P3
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.255.180 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
787975672.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
age
30
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
GIzk1Nl3mpQlIeI3cLeKNVJ4jvjnSP_RcKPzRcnzJlqVhjvz4t-wCQ==
date
Wed, 04 Dec 2024 16:20:02 GMT
content-type
image/svg+xml
last-modified
Mon, 02 Dec 2024 09:51:13 GMT
vary
Accept-Encoding
x-77-nzt-ray
f88df72e5acb784b328150675bb3800e
x-77-nzt
EgwBqZb/swH3kvwCAAwBJRPCLgG3JwAAAA
cache-control
max-age=25920000, public
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-77-age
195730
x-amz-cf-pop
FRA60-P3
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
px.gif
bt.dns-finder.com/ 		43 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bt.dns-finder.com/px.gif
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5094764668518400&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
2215
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ut5hqMf%2FYwgDclODvPZmSfdT6VwYUd%2Btfkb7KrtDfhGEHLMGnV9evvlnEsFfO%2FbUJ2Nyq7EusWJt4LbTpS5keraPcRVVbFpLiyrM24LprKFsIPDe1sGzCV5pSkP4VnLw1arVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 04 Dec 2024 15:56:47 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
43
server-timing
cfL4;desc="?proto=QUIC&rtt=72420&min_rtt=72278&rtt_var=27205&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4083&recv_bytes=4274&delivery_rate=45944&cwnd=12000&unsent_bytes=0&cid=ff0d822481698c32&ts=119&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 16:20:02 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 16:36:17 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC4lKwOLjlFRDLdUcztn5ztp7OTv8dWB29K2-LVWAocScOmN34r1nSdkA1eIxTSEfKhXn50
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8ecd1f1b4bfef5e0-AMS
accept-ranges
bytes
x-goog-generation
1721406977485562
content-length
43
server
cloudflare
px.gif
ad-delivery.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
52450
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0pua23iJYRlEwRp%2FHY9wYra2ggxxYb00BpcVlvc2eVui2s8nUBan0pJpvmQCdTSNrcvJ0wTbSCE2Qeb%2FVsrZ5mIp61mTfVaQzOG%2BJmNn22N95qbAe%2BuQgtU4Kf8ozh4vwA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 04 Dec 2024 02:16:39 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=21545&min_rtt=20652&rtt_var=5706&sent=6&recv=11&lost=0&retrans=0&sent_bytes=3994&recv_bytes=2344&delivery_rate=168709&cwnd=252&unsent_bytes=0&cid=188e3dc67966045b&ts=44&x=0"
x-goog-stored-content-length
43
date
Wed, 04 Dec 2024 16:20:02 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7B5vhn-7fw98bNAj15wiYtNWBA6qXQdpy4FlF-Q7I-umSmU-6_dD2ry6Uq4dhUBVsLubMKQ-7A9A
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ecd1f1ccb8f0e68-AMS
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
age
25901
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 09:08:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 09:08:21 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.22220336575440602
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
52450
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TlGLavOjSiOxbTtGaoiZ3IhRD3ijQ26V3aZ%2BkyF%2BMxheBBhpf%2F3zWrwYZujBR0OykV6XN9AIUO6uCgPpRA45TqzwL7NT5mpEfVp4i9wd6n5mO%2B1yimL4W5NlXXbQrBSIqg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 04 Dec 2024 02:16:39 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=21545&min_rtt=20652&rtt_var=5706&sent=9&recv=11&lost=0&retrans=0&sent_bytes=5123&recv_bytes=2344&delivery_rate=168709&cwnd=252&unsent_bytes=0&cid=188e3dc67966045b&ts=46&x=0"
x-goog-stored-content-length
43
date
Wed, 04 Dec 2024 16:20:02 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7B5vhn-7fw98bNAj15wiYtNWBA6qXQdpy4FlF-Q7I-umSmU-6_dD2ry6Uq4dhUBVsLubMKQ-7A9A
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ecd1f1ccb900e68-AMS
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.22.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-22-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Wed, 04 Dec 2024 16:35:02 GMT
accept-ranges
bytes
content-length
17407
date
Wed, 04 Dec 2024 16:20:02 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
id5-api.js
cdn.id5-sync.com/api/1.0/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"4d852428cba0ba1a5108520745060d6e"
age
14
expires
Wed, 04 Dec 2024 17:20:02 GMT
date
Wed, 04 Dec 2024 16:20:02 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 04 Dec 2024 13:37:28 GMT
vary
Accept-Encoding
x-amz-id-2
UOveqzfMmFNQnEf/6oB99PaSCOeqOQW+h3Sw9nbCFUbQGcI/Vt4HXHMhJwXUh3qxLGzSG36f8lQHaB5YSVRGdSBqapVjVn41VQwuSiby1Eo=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
x-amz-request-id
ER3MQNZPC16G1K65
cf-ray
8ecd1f1e5c169f96-AMS
server
cloudflare
x-amz-server-side-encryption
AES256
ping
api.viglink.com/api/ 		0
0
/
beacon.taboola.com/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beacon.taboola.com/?ab=trecs&pub=forumotion-fr&trecsImpl=before&start=0&end=0
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1733329206.103546,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:06 GMT
content-type
x-served-by
cache-ams2100102-AMS
server
Varnish
x-cache-hits
0
loader.js
cdn.taboola.com/libtrc/forumotion-fr/ Frame 4772 		1 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f8e8594e1a60796075cda1abce3ebf933fc0451d0c683c1c54788362164a626

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"26eab30f0a05bc127242f702644b3d55"
x-amz-version-id
S_AUUHPQ64BY48uVU5CjxYzGC7DGmRX1
age
23
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:00 GMT
last-modified
Wed, 04 Dec 2024 07:44:57 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
1
content-type
application/javascript; charset=utf-8
x-amz-id-2
GzVZ7bU/heoGgWkWano5D4qqc+KtplaoZIKyj6N7x87xYxiLxE7sW7Vc104YjNrnwQj8PcY7yXg=
vary
Accept-Encoding
x-amz-replication-status
PENDING
cache-control
private,max-age=14401
x-timer
S1733329201.755734,VS0,VE2
via
1.1 varnish
x-amz-request-id
3CZ7KB4454R5TG2W
accept-ranges
bytes
access-control-allow-origin
*
abp
37
content-length
275345
server
AmazonS3
x-amz-server-side-encryption
AES256
loader.js
cdn.taboola.com/libtrc/forumotion-fr/ Frame 9C8A 		1 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f8e8594e1a60796075cda1abce3ebf933fc0451d0c683c1c54788362164a626

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"26eab30f0a05bc127242f702644b3d55"
x-amz-version-id
S_AUUHPQ64BY48uVU5CjxYzGC7DGmRX1
age
23
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:00 GMT
last-modified
Wed, 04 Dec 2024 07:44:57 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
1
content-type
application/javascript; charset=utf-8
x-amz-id-2
GzVZ7bU/heoGgWkWano5D4qqc+KtplaoZIKyj6N7x87xYxiLxE7sW7Vc104YjNrnwQj8PcY7yXg=
vary
Accept-Encoding
x-amz-replication-status
PENDING
cache-control
private,max-age=14401
x-timer
S1733329201.755734,VS0,VE2
via
1.1 varnish
x-amz-request-id
3CZ7KB4454R5TG2W
accept-ranges
bytes
access-control-allow-origin
*
abp
37
content-length
275345
server
AmazonS3
x-amz-server-side-encryption
AES256
loader.js
cdn.taboola.com/libtrc/forumotion-fr/ Frame 5208 		1 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f8e8594e1a60796075cda1abce3ebf933fc0451d0c683c1c54788362164a626

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"26eab30f0a05bc127242f702644b3d55"
x-amz-version-id
S_AUUHPQ64BY48uVU5CjxYzGC7DGmRX1
age
23
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:00 GMT
last-modified
Wed, 04 Dec 2024 07:44:57 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
1
content-type
application/javascript; charset=utf-8
x-amz-id-2
GzVZ7bU/heoGgWkWano5D4qqc+KtplaoZIKyj6N7x87xYxiLxE7sW7Vc104YjNrnwQj8PcY7yXg=
vary
Accept-Encoding
x-amz-replication-status
PENDING
cache-control
private,max-age=14401
x-timer
S1733329201.755734,VS0,VE2
via
1.1 varnish
x-amz-request-id
3CZ7KB4454R5TG2W
accept-ranges
bytes
access-control-allow-origin
*
abp
37
content-length
275345
server
AmazonS3
x-amz-server-side-encryption
AES256
taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 294C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://thenorthernlights.forumactif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

abp
27
accept-ranges
bytes
access-control-allow-origin
*
age
32372
cache-control
private,max-age=31536000
content-encoding
gzip
content-length
340
content-type
text/html
date
Wed, 04 Dec 2024 16:20:01 GMT
etag
"8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified
Tue, 13 Feb 2024 13:15:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
vNsGn6PXTCfxD4dbrKXlSZt6fh92xSUwlgsoW66bqnDLdvoO0Gv4o9pByR6TQQ7i3uVr/CychII=
x-amz-replication-status
COMPLETED
x-amz-request-id
07S5VCG943S7V2KE
x-amz-server-side-encryption
AES256
x-amz-version-id
4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache
HIT
x-cache-hits
20810
x-served-by
cache-ams21034-AMS
x-timer
S1733329201.247013,VS0,VE0
sync
gum.criteo.com/ Frame 4772 		46 B
725 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
354874
expires
60
date
Wed, 04 Dec 2024 16:20:05 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
json
trc.taboola.com/forumotion-fr/trc/3/ Frame 4772 		42 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/forumotion-fr/trc/3/json?llvl=2&tim=17%3A20%3A06.789&lti=trecs&pubit=i&t=1&data=%7B%22id%22%3A%225499%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1733329206789%2C%22cv%22%3A%2220241203-54-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fthenorthernlights.forumactif.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22e%22%3A%22https%3A%2F%2Fthenorthernlights.forumactif.com%2F%22%2C%22bu%22%3A%22https%3A%2F%2Fthenorthernlights.forumactif.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22text%3D%2F%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1733298290689%2C%22wc%22%3Atrue%2C%22pa%22%3A%7B%22en%22%3Afalse%2C%22su%22%3Atrue%7D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b8cec0f80b7dfe57a02097442d0ea2275ec5938bfb79cf1c3953cfb1bc5c5a5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-ams2100102-AMS
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
1068
x-timer
S1733329207.803794,VS0,VE295
x-vcl-time-ms
295
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.5291666666666667
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
x-service-version
v1
server
nginx
/
beacon.taboola.com/ Frame 4772 		0
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beacon.taboola.com/?ab=trecs&pub=forumotion-fr&trecsImpl=before&start=0&end=0
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1733329207.797647,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:06 GMT
content-type
x-served-by
cache-ams2100102-AMS
server
Varnish
x-cache-hits
0
taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 75C9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://thenorthernlights.forumactif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

abp
27
accept-ranges
bytes
access-control-allow-origin
*
age
32372
cache-control
private,max-age=31536000
content-encoding
gzip
content-length
340
content-type
text/html
date
Wed, 04 Dec 2024 16:20:01 GMT
etag
"8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified
Tue, 13 Feb 2024 13:15:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
vNsGn6PXTCfxD4dbrKXlSZt6fh92xSUwlgsoW66bqnDLdvoO0Gv4o9pByR6TQQ7i3uVr/CychII=
x-amz-replication-status
COMPLETED
x-amz-request-id
07S5VCG943S7V2KE
x-amz-server-side-encryption
AES256
x-amz-version-id
4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache
HIT
x-cache-hits
20810
x-served-by
cache-ams21034-AMS
x-timer
S1733329201.247013,VS0,VE0
sync
gum.criteo.com/ Frame 9C8A 		46 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
354874
expires
60
date
Wed, 04 Dec 2024 16:20:05 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
json
trc.taboola.com/forumotion-fr/trc/3/ Frame 9C8A 		41 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/forumotion-fr/trc/3/json?llvl=2&tim=17%3A20%3A06.814&lti=trecs&pubit=i&t=1&data=%7B%22id%22%3A%2274083%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1733329206814%2C%22cv%22%3A%2220241203-54-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fthenorthernlights.forumactif.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22e%22%3A%22https%3A%2F%2Fthenorthernlights.forumactif.com%2F%22%2C%22bu%22%3A%22https%3A%2F%2Fthenorthernlights.forumactif.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22300x250%20Thumbnails-2%22%2C%22orig_uip%22%3A%22300x250%20Thumbnails-2%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-300x250%3Aabp%3D0%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22text%3D%2F%2C300x250%20Thumbnails-2%3Dthumbnails-300x250%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1733298290689%2C%22wc%22%3Atrue%2C%22pa%22%3A%7B%22en%22%3Afalse%2C%22su%22%3Atrue%7D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
529251616d4222f8574f8d9c10470d22d2baa1a88c3e84daaee8dea255f026b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-ams2100102-AMS
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
1083
x-timer
S1733329207.822634,VS0,VE489
x-vcl-time-ms
489
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.5597916666666667
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
x-service-version
v1
server
nginx
/
beacon.taboola.com/ Frame 9C8A 		0
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beacon.taboola.com/?ab=trecs&pub=forumotion-fr&trecsImpl=before&start=0&end=0
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1733329207.822621,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:06 GMT
content-type
x-served-by
cache-ams2100102-AMS
server
Varnish
x-cache-hits
0
taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 7A8F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://thenorthernlights.forumactif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

abp
27
accept-ranges
bytes
access-control-allow-origin
*
age
32372
cache-control
private,max-age=31536000
content-encoding
gzip
content-length
340
content-type
text/html
date
Wed, 04 Dec 2024 16:20:01 GMT
etag
"8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified
Tue, 13 Feb 2024 13:15:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
vNsGn6PXTCfxD4dbrKXlSZt6fh92xSUwlgsoW66bqnDLdvoO0Gv4o9pByR6TQQ7i3uVr/CychII=
x-amz-replication-status
COMPLETED
x-amz-request-id
07S5VCG943S7V2KE
x-amz-server-side-encryption
AES256
x-amz-version-id
4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache
HIT
x-cache-hits
20810
x-served-by
cache-ams21034-AMS
x-timer
S1733329201.247013,VS0,VE0
sync
gum.criteo.com/ Frame 5208 		46 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
354874
expires
60
date
Wed, 04 Dec 2024 16:20:05 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
json
trc.taboola.com/forumotion-fr/trc/3/ Frame 5208 		41 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/forumotion-fr/trc/3/json?llvl=2&tim=17%3A20%3A06.823&lti=trecs&pubit=i&t=1&data=%7B%22id%22%3A%2271520%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1733329206823%2C%22cv%22%3A%2220241203-54-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fthenorthernlights.forumactif.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22e%22%3A%22https%3A%2F%2Fthenorthernlights.forumactif.com%2F%22%2C%22bu%22%3A%22https%3A%2F%2Fthenorthernlights.forumactif.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22300x250%20Thumbnails-5%22%2C%22orig_uip%22%3A%22300x250%20Thumbnails-5%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-300x250%3Aabp%3D0%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22text%3D%2F%2C300x250%20Thumbnails-5%3Dthumbnails-300x250%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1733298290689%2C%22wc%22%3Atrue%2C%22pa%22%3A%7B%22en%22%3Afalse%2C%22su%22%3Atrue%7D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
055d15ab0d271b031fd413d8c43a7dc8d02b862610b3202921c6724ec7966a1b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-ams2100102-AMS
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
872
x-timer
S1733329207.831353,VS0,VE278
x-vcl-time-ms
278
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.476875
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
x-service-version
v1
server
nginx
/
beacon.taboola.com/ Frame 5208 		0
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beacon.taboola.com/?ab=trecs&pub=forumotion-fr&trecsImpl=before&start=0&end=0
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1733329207.831362,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:06 GMT
content-type
x-served-by
cache-ams2100102-AMS
server
Varnish
x-cache-hits
0
fraud-detect.js
cdn.taboola.com/scripts/ Frame 4772 		121 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
age
25676
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
x-served-by
cache-ams21024-AMS
x-cache-hits
70529
content-type
application/javascript
x-amz-id-2
Auuwrc6hAgVeWKV3iiW+DIb/hdMGRnKWrtFPsUWB1GRiRq/U/bT5BZYenBREfML6WcH7QLdxs5w=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14400
x-timer
S1733329207.199657,VS0,VE0
via
1.1 varnish
x-amz-request-id
W8GHBXW5SDEQM0S0
accept-ranges
bytes
access-control-allow-origin
*
abp
90
content-length
125
server
AmazonS3
x-amz-server-side-encryption
AES256
cds-pips.js
cdn.taboola.com/scripts/ Frame 4772 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
age
3172
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
x-served-by
cache-ams21024-AMS
x-cache-hits
9516
content-type
application/javascript
x-amz-id-2
q8NdEeSjpdky1DA4VgMS+D9GIcfAy1ZDwpjE8jkgmTf+5xU+16T3eCZv4EcoiaOaOFnT2ageHec=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private, max-age=3600
x-timer
S1733329207.199964,VS0,VE0
via
1.1 varnish
x-amz-request-id
0EFV1DYEFBY9PJDV
accept-ranges
bytes
access-control-allow-origin
*
abp
50
content-length
1347
server
AmazonS3
x-amz-server-side-encryption
AES256
sync
gum.criteo.com/ Frame 4772 		45 B
544 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=&gdpr=1&gdpr_consent=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aee57ef6760265aff6d5270258732ffbcbcfb0f96add35de5189cb60f20c6e41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
661573
expires
60
date
Wed, 04 Dec 2024 16:20:06 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/5.1.0/ Frame 4772 		109 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74f3853706778739cc54417e36b8df065e41dfb56885e55f184ab35d561eeed4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"7dd700a7a0ffd1c6938c81be4754b680"
age
1404870
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
oHCSv3uwuV0Xl8bYaYBsqBK3V1C8JURM9c479MhKykaK5qYBrApOaA==
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/javascript
x-served-by
cache-ams2100102-AMS
x-cache-hits
22168
last-modified
Mon, 18 Nov 2024 10:04:02 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1733329207.143854,VS0,VE0
via
1.1 2efef6dd9770b3981ddd7a213ccc0dda.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30310
x-amz-cf-pop
AMS1-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
60c3511d00bebe94ee73e41bae364415.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4772 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3511d00bebe94ee73e41bae364415.png
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e10adedb2affd2cc80031b3a03056f4c0f20b12858f2b73407784b61cb46900e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-request-id
58962ff342608d1e67f49a0e36f29540
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3511d00bebe94ee73e41bae364415.png
etag
"bb4a78c4c7f7fdbdde1f460d54b7eed2"
surrogate-reporting
width=360,height=180,bytes=12118,owidth=2962,oheight=1666,obytes=4679941,ef=(1,13,17,23,30)
cache-tag
499060749544432498031777550629966760029,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
age
2436053
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
image/webp
last-modified
Sat, 26 Oct 2024 13:04:37 GMT
x-served-by
cache-iad-kiad7000037-IAD, cache-iad-kiad7000037-IAD, cache-lga21930-LGA, cache-iad-kcgs7200134-IAD, cache-ams2100102-AMS
x-cache-hits
0, 2, 0, 60, 377
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
499060749544432498031777550629966760029,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
101
x-timer
S1733329207.156883,VS0,VE0
x-orig-request-id
50d6e8ce9b5bb9e72fc6a751877ce207
x-ratelimit-reset
1
x-vcl-time-ms
0
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://acdn.adnxs-simple.com/
content-length
7562
x-ratelimit-limit
101
server
nginx
B32380375.402832074;dc_pre=CMqlr73CjooDFQGc_QcdkKAeBw;dc_trk_aid=594397573;dc_trk_cid=221208758;ord=2024-12-04+16%3A20%3A07;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_cons...
ad.doubleclick.net/ddm/trackimp/N2218577.2069703TABOOLA/ Frame 4772
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N2218577.2069703TABOOLA/B32380375.402832074;dc_trk_aid=594397573;dc_trk_cid=221208758;ord=2024-12-04+16%3A20%3A07;dc_lat=;dc_rdid=;tag_for_child_directed_tre...
  • https://ad.doubleclick.net/ddm/trackimp/N2218577.2069703TABOOLA/B32380375.402832074;dc_pre=CMqlr73CjooDFQGc_QcdkKAeBw;dc_trk_aid=594397573;dc_trk_cid=221208758;ord=2024-12-04+16%3A20%3A07;dc_lat=;d...
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N2218577.2069703TABOOLA/B32380375.402832074;dc_pre=CMqlr73CjooDFQGc_QcdkKAeBw;dc_trk_aid=594397573;dc_trk_cid=221208758;ord=2024-12-04+16%3A20%3A07;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=thenorthernlights.forumactif.com
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H3
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
43
date
Wed, 04 Dec 2024 16:20:07 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimp/N2218577.2069703TABOOLA/B32380375.402832074;dc_pre=CMqlr73CjooDFQGc_QcdkKAeBw;dc_trk_aid=594397573;dc_trk_cid=221208758;ord=2024-12-04+16%3A20%3A07;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=thenorthernlights.forumactif.com
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 04 Dec 2024 16:20:07 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
metrics
am-trc-events.taboola.com/forumotion-fr/log/3/ Frame 4772 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/forumotion-fr/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-allow-origin
https://thenorthernlights.forumactif.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Wed, 04 Dec 2024 16:20:07 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
/
beacon.taboola.com/ Frame 4772 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beacon.taboola.com/?ab=trecs&pub=forumotion-fr&ui=e5a6d5da-1b9c-46b8-a9a0-df6b13e811a0-tucte4a06b6&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22728x90%20Thumbnails_2082565612%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1733329207.147702,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
x-served-by
cache-ams2100102-AMS
server
Varnish
x-cache-hits
0
metrics
am-trc-events.taboola.com/forumotion-fr/log/3/ Frame 4772 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/forumotion-fr/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-allow-origin
https://thenorthernlights.forumactif.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Wed, 04 Dec 2024 16:20:07 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
fraud-detect.js
cdn.taboola.com/scripts/ Frame 5208 		121 B
54 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
age
25676
x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
x-served-by
cache-ams21024-AMS
x-cache-hits
70530
content-type
application/javascript
x-amz-id-2
Auuwrc6hAgVeWKV3iiW+DIb/hdMGRnKWrtFPsUWB1GRiRq/U/bT5BZYenBREfML6WcH7QLdxs5w=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14400
x-timer
S1733329207.238169,VS0,VE0
via
1.1 varnish
x-amz-request-id
W8GHBXW5SDEQM0S0
accept-ranges
bytes
access-control-allow-origin
*
abp
83
content-length
125
server
AmazonS3
x-amz-server-side-encryption
AES256
cds-pips.js
cdn.taboola.com/scripts/ Frame 5208 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
age
3172
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
x-served-by
cache-ams21024-AMS
x-cache-hits
9516
content-type
application/javascript
x-amz-id-2
q8NdEeSjpdky1DA4VgMS+D9GIcfAy1ZDwpjE8jkgmTf+5xU+16T3eCZv4EcoiaOaOFnT2ageHec=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private, max-age=3600
x-timer
S1733329207.199964,VS0,VE0
via
1.1 varnish
x-amz-request-id
0EFV1DYEFBY9PJDV
accept-ranges
bytes
access-control-allow-origin
*
abp
50
content-length
1347
server
AmazonS3
x-amz-server-side-encryption
AES256
sync
gum.criteo.com/ Frame 5208 		45 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=&gdpr=1&gdpr_consent=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aee57ef6760265aff6d5270258732ffbcbcfb0f96add35de5189cb60f20c6e41

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
661573
expires
60
date
Wed, 04 Dec 2024 16:20:06 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/5.1.0/ Frame 5208 		109 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74f3853706778739cc54417e36b8df065e41dfb56885e55f184ab35d561eeed4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"7dd700a7a0ffd1c6938c81be4754b680"
age
1404870
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
oHCSv3uwuV0Xl8bYaYBsqBK3V1C8JURM9c479MhKykaK5qYBrApOaA==
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/javascript
x-served-by
cache-ams2100102-AMS
x-cache-hits
22168
last-modified
Mon, 18 Nov 2024 10:04:02 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1733329207.143854,VS0,VE0
via
1.1 2efef6dd9770b3981ddd7a213ccc0dda.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30310
x-amz-cf-pop
AMS1-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
984c4a2c200056d854e1b2e26f304998.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5208 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/984c4a2c200056d854e1b2e26f304998.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
39bbf78948880dd4bb32ebe8b10b28245d358b68dd96fe53a7956aba1a6d5a0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-request-id
155fa3aa4502edcbf656733af7ae9777
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/984c4a2c200056d854e1b2e26f304998.jpg
etag
"a48a5e47b6b5976eb51009e182a398c1"
surrogate-reporting
width=360,height=180,bytes=29817,owidth=1920,oheight=1080,obytes=287439,ef=(1,13,17,23,30)
cache-tag
437716883506189186858527712655930642444,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
age
887123
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
image/webp
last-modified
Tue, 29 Oct 2024 01:26:49 GMT
x-served-by
cache-iad-kiad7000128-IAD, cache-iad-kiad7000128-IAD, cache-lax-kwhp1940063-LAX, cache-iad-kcgs7200024-IAD, cache-ams2100102-AMS
x-cache-hits
0, 0, 0, 22, 2
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
437716883506189186858527712655930642444,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
705
x-timer
S1733329207.156843,VS0,VE0
x-orig-request-id
03d6a29e7d4d0233ea1742869b5aee86
x-ratelimit-reset
1
x-vcl-time-ms
0
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://www.globes.co.il/
content-length
20326
x-ratelimit-limit
101
server
nginx
metrics
am-trc-events.taboola.com/forumotion-fr/log/3/ Frame 5208 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/forumotion-fr/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-allow-origin
https://thenorthernlights.forumactif.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Wed, 04 Dec 2024 16:20:07 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
/
beacon.taboola.com/ Frame 5208 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beacon.taboola.com/?ab=trecs&pub=forumotion-fr&ui=74ef2d54-fd85-4d5d-b33a-59b7d911ba7d-tucte4a06b6&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22300x250%20Thumbnails-5_4272662875%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1733329207.158104,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
x-served-by
cache-ams2100102-AMS
server
Varnish
x-cache-hits
0
metrics
am-trc-events.taboola.com/forumotion-fr/log/3/ Frame 5208 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/forumotion-fr/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-allow-origin
https://thenorthernlights.forumactif.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Wed, 04 Dec 2024 16:20:07 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
pixel-taboola
www.temu.com/api/adx/cm/ Frame 19AE
Redirect Chain
  • https://sync.taboola.com/sg/temurtbnative-network/1/rtb/
  • https://www.temu.com/api/adx/cm/pixel-taboola?id=06dd71b2-c93b-4fa5-af98-defd21820be2-tucte4a06b7
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.temu.com/api/adx/cm/pixel-taboola?id=06dd71b2-c93b-4fa5-af98-defd21820be2-tucte4a06b7
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Server
172.64.144.50 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
yak-timeinfo
1733329207412|3
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
cf-ray
8ecd1f3a2e51b8b5-AMS
x-gateway-request-id
1733329207412-3ae7068e7b488303116b7c2ddb45a656
cip
212.7.210.179
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 04 Dec 2024 16:20:07 GMT
server
cloudflare

Redirect headers

x-fastly-to-nlb-rtt
22196
location
https://www.temu.com/api/adx/cm/pixel-taboola?id=06dd71b2-c93b-4fa5-af98-defd21820be2-tucte4a06b7
date
Wed, 04 Dec 2024 16:20:07 GMT
server
nginx
access-control-allow-credentials
true
bounce
ib.adnxs.com/ Frame 19AE
Redirect Chain
  • https://ib.adnxs.com/setuid?entity%3D584%26code%3D%7BtaboolaID%7D%26gdpr%3D%7Bgdpr_applies%7D%26gdpr_consent%3D%7Bdaisybit%7D
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%253D584%2526code%253D%257BtaboolaID%257D%2526gdpr%253D%257Bgdpr_applies%257D%2526gdpr_consent%253D%257Bdaisybit%257D
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%253D584%2526code%253D%257BtaboolaID%257D%2526gdpr%253D%257Bgdpr_applies%257D%2526gdpr_consent%253D%257Bdaisybit%257D
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
212.7.210.179; 212.7.210.179; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
2d82336f-b8fa-4fd3-9314-b7c1c4cb510e
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 04 Dec 2024 16:20:07 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%253D584%2526code%253D%257BtaboolaID%257D%2526gdpr%253D%257Bgdpr_applies%257D%2526gdpr_consent%253D%257Bdaisybit%257D
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
212.7.210.179; 212.7.210.179; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
e06f73c9-3657-4c1d-b94b-6ba09b48b84b
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 04 Dec 2024 16:20:07 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
supply-feature
am-trc-events.taboola.com/forumotion-fr/log/3/ Frame 4772 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/forumotion-fr/log/3/supply-feature?lti=trecs&ri=62fba85e9da5876f72c60dadb9f53229&sd=v2_3bd050acbc2919cc738cae92fb9422ca_e5a6d5da-1b9c-46b8-a9a0-df6b13e811a0-tucte4a06b6_1733329206_1733329206_CIi3jgYQ7tg_GIX84pO5MiABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaK7ex4uO4v-s3wFwAIABAA&ui=e5a6d5da-1b9c-46b8-a9a0-df6b13e811a0-tucte4a06b6&pi=%2F&wi=803206551085269988&pt=text&vi=1733329206789&tim=17%3A20%3A07.157&id=68568&llvl=2&cv=20241203-54-RELEASE&d=%7B%22event_type%22%3A%22ITEM_VIEWABLE%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22VIEWABLE%22%2C%22event_msg%22%3A%221733329207157%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-allow-origin
https://thenorthernlights.forumactif.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Wed, 04 Dec 2024 16:20:07 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
pixel-taboola
www.temu.com/api/adx/cm/ Frame A7BD
Redirect Chain
  • https://sync.taboola.com/sg/temurtbnative-network/1/rtb/
  • https://www.temu.com/api/adx/cm/pixel-taboola?id=ba0a42f4-c89e-4c17-8756-da7a97b3e7ce-tucte4a06b7
0
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.temu.com/api/adx/cm/pixel-taboola?id=ba0a42f4-c89e-4c17-8756-da7a97b3e7ce-tucte4a06b7
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Server
172.64.144.50 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
yak-timeinfo
1733329207412|2
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
cf-ray
8ecd1f3a2e54b8b5-AMS
x-gateway-request-id
1733329207412-1c9bf9e6cabc96fa8bbd3616fcbde223
cip
212.7.210.179
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 04 Dec 2024 16:20:07 GMT
server
cloudflare

Redirect headers

x-fastly-to-nlb-rtt
23417
location
https://www.temu.com/api/adx/cm/pixel-taboola?id=ba0a42f4-c89e-4c17-8756-da7a97b3e7ce-tucte4a06b7
date
Wed, 04 Dec 2024 16:20:07 GMT
server
nginx
access-control-allow-credentials
true
bounce
ib.adnxs.com/ Frame A7BD
Redirect Chain
  • https://ib.adnxs.com/setuid?entity%3D584%26code%3D%7BtaboolaID%7D%26gdpr%3D%7Bgdpr_applies%7D%26gdpr_consent%3D%7Bdaisybit%7D
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%253D584%2526code%253D%257BtaboolaID%257D%2526gdpr%253D%257Bgdpr_applies%257D%2526gdpr_consent%253D%257Bdaisybit%257D
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%253D584%2526code%253D%257BtaboolaID%257D%2526gdpr%253D%257Bgdpr_applies%257D%2526gdpr_consent%253D%257Bdaisybit%257D
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
212.7.210.179; 212.7.210.179; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
de3f96a8-8dda-4590-af8a-6d48afb390dd
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 04 Dec 2024 16:20:07 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%253D584%2526code%253D%257BtaboolaID%257D%2526gdpr%253D%257Bgdpr_applies%257D%2526gdpr_consent%253D%257Bdaisybit%257D
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
212.7.210.179; 212.7.210.179; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
67d0f96d-1864-426f-9f31-3d0c6c84eb3f
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 04 Dec 2024 16:20:07 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fthenorthernlights.forumactif.com%2F/DESKTOP/WIDGET_OFF/ 		77 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fthenorthernlights.forumactif.com%2F/DESKTOP/WIDGET_OFF/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-02-09-47-30/widget_app_base_1733132850231.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.233.137.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-137-16.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
etag
W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
content-length
77
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/json; charset=utf-8
x-service-version
seo-w-eb3c4543
vary
Accept-Encoding
access-control-allow-headers
*
fraud-detect.js
cdn.taboola.com/scripts/ Frame 9C8A 		121 B
54 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
age
25676
x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
x-served-by
cache-ams21024-AMS
x-cache-hits
70531
content-type
application/javascript
x-amz-id-2
Auuwrc6hAgVeWKV3iiW+DIb/hdMGRnKWrtFPsUWB1GRiRq/U/bT5BZYenBREfML6WcH7QLdxs5w=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14400
x-timer
S1733329207.357037,VS0,VE0
via
1.1 varnish
x-amz-request-id
W8GHBXW5SDEQM0S0
accept-ranges
bytes
access-control-allow-origin
*
abp
68
content-length
125
server
AmazonS3
x-amz-server-side-encryption
AES256
cds-pips.js
cdn.taboola.com/scripts/ Frame 9C8A 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
age
3172
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
x-served-by
cache-ams21024-AMS
x-cache-hits
9516
content-type
application/javascript
x-amz-id-2
q8NdEeSjpdky1DA4VgMS+D9GIcfAy1ZDwpjE8jkgmTf+5xU+16T3eCZv4EcoiaOaOFnT2ageHec=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private, max-age=3600
x-timer
S1733329207.199964,VS0,VE0
via
1.1 varnish
x-amz-request-id
0EFV1DYEFBY9PJDV
accept-ranges
bytes
access-control-allow-origin
*
abp
50
content-length
1347
server
AmazonS3
x-amz-server-side-encryption
AES256
sync
gum.criteo.com/ Frame 9C8A 		45 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=&gdpr=1&gdpr_consent=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aee57ef6760265aff6d5270258732ffbcbcfb0f96add35de5189cb60f20c6e41

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
661573
expires
60
date
Wed, 04 Dec 2024 16:20:06 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/5.1.0/ Frame 9C8A 		109 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74f3853706778739cc54417e36b8df065e41dfb56885e55f184ab35d561eeed4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"7dd700a7a0ffd1c6938c81be4754b680"
age
1404870
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
oHCSv3uwuV0Xl8bYaYBsqBK3V1C8JURM9c479MhKykaK5qYBrApOaA==
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/javascript
x-served-by
cache-ams2100102-AMS
x-cache-hits
22168
last-modified
Mon, 18 Nov 2024 10:04:02 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1733329207.143854,VS0,VE0
via
1.1 2efef6dd9770b3981ddd7a213ccc0dda.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30310
x-amz-cf-pop
AMS1-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
984c4a2c200056d854e1b2e26f304998.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 9C8A 		20 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/984c4a2c200056d854e1b2e26f304998.jpg
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
39bbf78948880dd4bb32ebe8b10b28245d358b68dd96fe53a7956aba1a6d5a0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-request-id
155fa3aa4502edcbf656733af7ae9777
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/984c4a2c200056d854e1b2e26f304998.jpg
etag
"a48a5e47b6b5976eb51009e182a398c1"
surrogate-reporting
width=360,height=180,bytes=29817,owidth=1920,oheight=1080,obytes=287439,ef=(1,13,17,23,30)
cache-tag
437716883506189186858527712655930642444,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
age
887123
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
image/webp
last-modified
Tue, 29 Oct 2024 01:26:49 GMT
x-served-by
cache-iad-kiad7000128-IAD, cache-iad-kiad7000128-IAD, cache-lax-kwhp1940063-LAX, cache-iad-kcgs7200024-IAD, cache-ams2100102-AMS
x-cache-hits
0, 0, 0, 22, 2
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
437716883506189186858527712655930642444,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
705
x-timer
S1733329207.156843,VS0,VE0
x-orig-request-id
03d6a29e7d4d0233ea1742869b5aee86
x-ratelimit-reset
1
x-vcl-time-ms
0
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://www.globes.co.il/
content-length
20326
x-ratelimit-limit
101
server
nginx
metrics
am-trc-events.taboola.com/forumotion-fr/log/3/ Frame 9C8A 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/forumotion-fr/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-allow-origin
https://thenorthernlights.forumactif.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Wed, 04 Dec 2024 16:20:07 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
/
beacon.taboola.com/ Frame 9C8A 		0
46 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beacon.taboola.com/?ab=trecs&pub=forumotion-fr&ui=dd4eb0af-3094-4dfb-af37-a0385bfa081f-tucte4a06b6&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22300x250%20Thumbnails-2_5778789966%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1733329207.357277,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
x-served-by
cache-ams2100102-AMS
server
Varnish
x-cache-hits
0
metrics
am-trc-events.taboola.com/forumotion-fr/log/3/ Frame 9C8A 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/forumotion-fr/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://thenorthernlights.forumactif.com/

Response headers

access-control-allow-origin
https://thenorthernlights.forumactif.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Wed, 04 Dec 2024 16:20:07 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
pixel-taboola
www.temu.com/api/adx/cm/ Frame 6AB5
Redirect Chain
  • https://sync.taboola.com/sg/temurtbnative-network/1/rtb/
  • https://www.temu.com/api/adx/cm/pixel-taboola?id=2b23c43c-7a51-4345-8953-545f85a21b2f-tucte4a06b7
0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.temu.com/api/adx/cm/pixel-taboola?id=2b23c43c-7a51-4345-8953-545f85a21b2f-tucte4a06b7
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Server
172.64.144.50 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
yak-timeinfo
1733329207444|2
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
cf-ray
8ecd1f3a6e9ab8b5-AMS
x-gateway-request-id
1733329207444-52860cde7be649bb38b70bcf198cb19f
cip
212.7.210.179
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 04 Dec 2024 16:20:07 GMT
server
cloudflare

Redirect headers

x-fastly-to-nlb-rtt
27771
location
https://www.temu.com/api/adx/cm/pixel-taboola?id=2b23c43c-7a51-4345-8953-545f85a21b2f-tucte4a06b7
date
Wed, 04 Dec 2024 16:20:07 GMT
server
nginx
access-control-allow-credentials
true
setuid
ib.adnxs.com/ Frame 6AB5 		43 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity%3D584%26code%3D%7BtaboolaID%7D%26gdpr%3D%7Bgdpr_applies%7D%26gdpr_consent%3D%7Bdaisybit%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
212.7.210.179; 212.7.210.179; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
8460a790-592d-4c54-8b43-46f4b8c3dfd4
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 04 Dec 2024 16:20:07 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
st
imprammp.taboola.com/ Frame E1E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9wkgCABYDAL1cC8rDNy8pBAC9XAvKwzcvKQUAAAAABgYA4gcAJORbbjazwcot8Q1GbtFmOVxLPM6VWzharoYri2Pimi2HAEBCvuVmMxus3BLfYOQWbZbDtcTjXLmFo-VquLI4Jq7ZcgoAETcZDp-DgajoelvsDqfZ8waAFDSdDp_rXi86uux-y-nostzNTp_R9LnL_JbX2-ExPW12jd_tlwMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAAOUGgIATyQGAYH-zy25yuP0BAAAAAAACAAAAAEACACAwvlICAADhOXQC8P________8fAzBAn3kjA_D___9_A2DQAwDw4AMA8CAEAAAAYDEE4C-peoh-C7RLBAAgMIJVBMAIAAAAAID6QHr2CGASQCcAVAAWVQD____9VgAAVwAAAAGTkni-KFkAuoMSb2EAAAAAAGIAtNmkxsJmvnFjAAv0sPj9Zodd43e7DOD_________3wzg_wzgHw1AKAqONA0AiFMvXA3gFxAAYA3gFxAAgA1A3QAAAN4AAuAAQg4gBU2nw-e614uOLrvfcjq6LHez02c0fe4yv-X1dnhMT5td43f7RQdA0IrBYHUABrTc7Jaz2QEAAAAA3AH8____4wHQZpMaC5v5xukBgMzEZFgNFh6Lx7JcLDce32a4cbick5nFOZpMNg7vATDZcStTlX-u9AFE3GQ4fA4GoqLrbbE7nGbP_QAmbDFaTSab5XC2XEwGw9FwNNofwEBsFgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIAFOuhW3kGjnciolz4xbNJsa1wrkwrEU228SxWRkXi4VhLXp9TC_TwjCb2LYIIBjwsRfJ0yKdyCYzi8O4WjlHDtdwN5v5JhvbYOQwWZwz12YyWU7EEs3JIp3ILvvOxGRYDRYei8eyXCw3Ht9muHG4nJOZxTmaTDYOf8u1sI1cI4dbMXFu3KLZxLhWOBeGtchmmzg2K-NisTCsRa-P6WVaGGYT276x22w2k-VkMNs3dpvNZrKcDGb7DpPpmfqcjd7o5-8xicXR4M9aMx0ULoPF-ztapLFbb2ZU2cYWi2kYmn4mVqHf7_f7_X6_3-_3bswGj8FgeHkr42n1J83ems_uxnswGRQGgyKWCC7Sicxveb39pqff7pZZLmKJ0nSRTvQSsURwukgnopfxdFH_EaBBFpO5bi5ZDOaK3XKVAAAAAAAAAAAAlgA2AQAAAAA4AQxiuJxMdusEOIjBcDlYLpYLAPDA7qYL8BOcO2Jryg25C7BQAqlhRDtEfgzQYH7L6-03Pf12t8xyZQCAB2pyZoDNAJ8BCGKtVssaAAAAQAAbAAAAIIAbQDcAbwABJ3IcAAAAgIweAAAAQHwfAIgKr174kSvlHwBAgEKs1Wp1u7FWqxUQQBC7xXACAf____8FAQAAAAAAAEu0BgEAAAAAAABG5AgBAttuQkCFAIMhWv5ulxcCOgR4FtVdQRyAGT4EAAAETEri-RYA!&cmcv=&pix=undefined&cb=1733329207430&uv=3454&tms=1733329207430&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!mprdctdt6_vA!rbcatc_vB!smbs!ufm!vdprc_vD&ru=https://thenorthernlights.forumactif.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=d793360e-b70d-4398-bc9e-84958eb1b569&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://thenorthernlights.forumactif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
0
date
Wed, 04 Dec 2024 16:20:07 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ams21034-AMS
x-timer
S1733329207.444365,VS0,VE4
sync
am-match.taboola.com/ Frame F3FD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V9wkgCABYDAL1cC8rDNy8pBAC9XAvKwzcvKQUAAAAABgYA4gcAJORbbjazwcot8Q1GbtFmOVxLPM6VWzharoYri2Pimi2HAEBCvuVmMxus3BLfYOQWbZbDtcTjXLmFo-VquLI4Jq7ZcgoAETcZDp-DgajoelvsDqfZ8waAFDSdDp_rXi86uux-y-nostzNTp_R9LnL_JbX2-ExPW12jd_tlwMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAAOUGgIATyQGAYH-zy25yuP0BAAAAAAACAAAAAEACACAwvlICAADhOXQC8P________8fAzBAn3kjA_D___9_A2DQAwDw4AMA8CAEAAAAYDEE4C-peoh-C7RLBAAgMIJVBMAIAAAAAID6QHr2CGASQCcAVAAWVQD____9VgAAVwAAAAGTkni-KFkAuoMSb2EAAAAAAGIAtNmkxsJmvnFjAAv0sPj9Zodd43e7DOD_________3wzg_wzgHw1AKAqONA0AiFMvXA3gFxAAYA3gFxAAgA1A3QAAAN4AAuAAQg4gBU2nw-e614uOLrvfcjq6LHez02c0fe4yv-X1dnhMT5td43f7RQdA0IrBYHUABrTc7Jaz2QEAAAAA3AH8____4wHQZpMaC5v5xukBgMzEZFgNFh6Lx7JcLDce32a4cbick5nFOZpMNg7vATDZcStTlX-u9AFE3GQ4fA4GoqLrbbE7nGbP_QAmbDFaTSab5XC2XEwGw9FwNNofwEBsFgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIAFOuhW3kGjnciolz4xbNJsa1wrkwrEU228SxWRkXi4VhLXp9TC_TwjCb2LYIIBjwsRfJ0yKdyCYzi8O4WjlHDtdwN5v5JhvbYOQwWZwz12YyWU7EEs3JIp3ILvvOxGRYDRYei8eyXCw3Ht9muHG4nJOZxTmaTDYOf8u1sI1cI4dbMXFu3KLZxLhWOBeGtchmmzg2K-NisTCsRa-P6WVaGGYT276x22w2k-VkMNs3dpvNZrKcDGb7DpPpmfqcjd7o5-8xicXR4M9aMx0ULoPF-ztapLFbb2ZU2cYWi2kYmn4mVqHf7_f7_X6_3-_3bswGj8FgeHkr42n1J83ems_uxnswGRQGgyKWCC7Sicxveb39pqff7pZZLmKJ0nSRTvQSsURwukgnopfxdFH_EaBBFpO5bi5ZDOaK3XKVAAAAAAAAAAAAlgA2AQAAAAA4AQxiuJxMdusEOIjBcDlYLpYLAPDA7qYL8BOcO2Jryg25C7BQAqlhRDtEfgzQYH7L6-03Pf12t8xyZQCAB2pyZoDNAJ8BCGKtVssaAAAAQAAbAAAAIIAbQDcAbwABJ3IcAAAAgIweAAAAQHwfAIgKr174kSvlHwBAgEKs1Wp1u7FWqxUQQBC7xXACAf____8FAQAAAAAAAEu0BgEAAAAAAABG5AgBAttuQkCFAIMhWv5ulxcCOgR4FtVdQRyAGT4EAAAETEri-RYA!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://thenorthernlights.forumactif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length
0
date
Wed, 04 Dec 2024 16:20:07 GMT
machineid
440101
server
nginx
cmOsUnit.css
vidstat.taboola.com/vpaid/units/34_5_4/assets/css/ Frame 4772 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/34_5_4/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d525d90d883cad220e87a6b6605213652228c26e2702e743f7301040f9c6e8f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
br
etag
"b1d58e4bce6171849235df9c05d37a41"
age
281774
x-amz-meta-gid
0
x-amz-meta-mtime
1733047359
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
last-modified
Sun, 01 Dec 2024 10:02:41 GMT
content-type
text/css
x-served-by
cache-ams2100102-AMS
x-cache-hits
73676
x-amz-id-2
NuDnOOTf/D1YhsZQR6w+VoyXDI0W4zjMxY+3KlyVyZ4lzkwyY0nv1ChMgS3FTDfBu0zN2JtwnxA=
access-control-allow-headers
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
x-timer
S1733329207.442565,VS0,VE0
via
1.1 varnish
x-amz-request-id
YH7FH13DD6HB2E6X
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
10879
x-amz-meta-ctime
1733047360
server
AmazonS3-br
x-amz-server-side-encryption
AES256
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/34_5_4/infra/ Frame 4772 		395 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/34_5_4/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
97943c06da1cf16a3ab3794008a043be4b5ea72c0f949f15490cc9e77a485b87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
br
etag
"2486c8691c5af36099ec596e6d0eea78"
age
281774
x-amz-meta-gid
0
x-amz-meta-mtime
1733047309
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
last-modified
Sun, 01 Dec 2024 10:01:51 GMT
content-type
application/javascript
x-served-by
cache-ams21024-AMS
x-cache-hits
25521
x-amz-id-2
11S3Ff1ng+VZKObYVR9Z9tjUbuIaBE00/JJQJsn3Wi/nxArzKuBhHer1JkKQ/Ruc2sU4byu+rYKDyEsYRgbjaQdeqJRIyB57b985SuqLWE4=
access-control-allow-headers
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
x-timer
S1733329207.452789,VS0,VE0
via
1.1 varnish
x-amz-request-id
YH7CGT21T8FHM9T7
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
89829
x-amz-meta-ctime
1733047310
server
AmazonS3-br
x-amz-server-side-encryption
AES256
st
am-vid-events.taboola.com/ Frame 4772 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V9wkgCABYDAL1cC8rDNy8pBAC9XAvKwzcvKQUAAAAABgYA4gcAJORbbjazwcot8Q1GbtFmOVxLPM6VWzharoYri2Pimi2HAEBCvuVmMxus3BLfYOQWbZbDtcTjXLmFo-VquLI4Jq7ZcgoAETcZDp-DgajoelvsDqfZ8waAFDSdDp_rXi86uux-y-nostzNTp_R9LnL_JbX2-ExPW12jd_tlwMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAAOUGgIATyQGAYH-zy25yuP0BAAAAAAACAAAAAEACACAwvlICAADhOXQC8P________8fAzBAn3kjA_D___9_A2DQAwDw4AMA8CAEAAAAYDEE4C-peoh-C7RLBAAgMIJVBMAIAAAAAID6QHr2CGASQCcAVAAWVQD____9VgAAVwAAAAGTkni-KFkAuoMSb2EAAAAAAGIAtNmkxsJmvnFjAAv0sPj9Zodd43e7DOD_________3wzg_wzgHw1AKAqONA0AiFMvXA3gFxAAYA3gFxAAgA1A3QAAAN4AAuAAQg4gBU2nw-e614uOLrvfcjq6LHez02c0fe4yv-X1dnhMT5td43f7RQdA0IrBYHUABrTc7Jaz2QEAAAAA3AH8____4wHQZpMaC5v5xukBgMzEZFgNFh6Lx7JcLDce32a4cbick5nFOZpMNg7vATDZcStTlX-u9AFE3GQ4fA4GoqLrbbE7nGbP_QAmbDFaTSab5XC2XEwGw9FwNNofwEBsFgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIAFOuhW3kGjnciolz4xbNJsa1wrkwrEU228SxWRkXi4VhLXp9TC_TwjCb2LYIIBjwsRfJ0yKdyCYzi8O4WjlHDtdwN5v5JhvbYOQwWZwz12YyWU7EEs3JIp3ILvvOxGRYDRYei8eyXCw3Ht9muHG4nJOZxTmaTDYOf8u1sI1cI4dbMXFu3KLZxLhWOBeGtchmmzg2K-NisTCsRa-P6WVaGGYT276x22w2k-VkMNs3dpvNZrKcDGb7DpPpmfqcjd7o5-8xicXR4M9aMx0ULoPF-ztapLFbb2ZU2cYWi2kYmn4mVqHf7_f7_X6_3-_3bswGj8FgeHkr42n1J83ems_uxnswGRQGgyKWCC7Sicxveb39pqff7pZZLmKJ0nSRTvQSsURwukgnopfxdFH_EaBBFpO5bi5ZDOaK3XKVAAAAAAAAAAAAlgA2AQAAAAA4AQxiuJxMdusEOIjBcDlYLpYLAPDA7qYL8BOcO2Jryg25C7BQAqlhRDtEfgzQYH7L6-03Pf12t8xyZQCAB2pyZoDNAJ8BCGKtVssaAAAAQAAbAAAAIIAbQDcAbwABJ3IcAAAAgIweAAAAQHwfAIgKr174kSvlHwBAgEKs1Wp1u7FWqxUQQBC7xXACAf____8FAQAAAAAAAEu0BgEAAAAAAABG5AgBAttuQkCFAIMhWv5ulxcCOgR4FtVdQRyAGT4EAAAETEri-RYA!&cmcv=&pix=31589837&cb=1733329207430&uv=3454&tms=1733329207430&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!mprdctdt6_vA!rbcatc_vB!smbs!ufm!vdprc_vD&ru=https://thenorthernlights.forumactif.com/&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1733329206757.8!ts:1733329207430&mntl=1
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

date
Wed, 04 Dec 2024 16:20:07 GMT
server
nginx
content-length
0
st
imprammp.taboola.com/ Frame 3337 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9GW0CABYDALNwJR7boc8GBACzcCUe26HPBgUAAAAABgYA4gcAJLVaDSbDmcOtsM1ma9FsOXMLJy7TWrjYzCwT28K38tiMAEBSq9VgMpw53ArbbLYWzZYzt3DiMq2Fi83MMrEtfCuPzQoAFDMYDC-rwUBUdL0tdofT7Hmr1gCQgqbT4XPd60VHl91vOR1dlrvZ6TOaPneZ3_J6Ozymp82u8bv9cgAAAAAAeAD4____hwAAAAAAiAAAAAAAkAAAAAAAoAAIqAD4twAQuAAAAAAAwAD4____1wAAoNwAEHAiOQAQ7G922U0Otz8AAAAAAEAAAAAAAEgAAATGV0oAACA8h04A_v________9jAAboM29kAP7___9vAAx6AAAefAAAHoQAAAAALIYAqNw5MkS8ZsmJAAAERsSKABgBAAAAAFAfSM8eAUwC6ASACsCiCuD__7_fCgDgCgAAIGBSEs93KAtAd1DiLQwAAAAAQAyANpvUWNjMN24MYIEeFr_f7LBr_G6XAfz_________mwH8nwH8owEIRcGRpgEAceqFqwH8AgIArAH8AgIAsAGoGwAAwBtAABxAyAGkoOl0-Fz3etHRZfdbTkeX5W52-oymz13mt7zeDo_pabNr_G6_6AAIWjEYrA7AgJab3XI2OwAAAACAO4D___9_PADabFJjYTPfOD0AkPFNLLbFcGNYuTwzk2G1miyME5NlY5tYPKvhaOQ9gHooAFaAk-nIPgCKGQyGl9VgICq63ha7w2n2vFXzA5iwxWg1mWyWw9lyMRkMR8PRaH8AA7FZDBCAoiWL1XK42k0Wo81iMVnuhqPJBAEoWjSYrEajyWIyXI0mq9lysdttEICiVavZaDMYrmaT2W63Gg6Gy9EIASZsMVpNJpvlcLZcTAbD0XA0GiIAzI1WNsvINVrLTMbVWjRyjdwSz2bhVi0nvpFzsZg4fCO36PUxvUwLw2xi2yKAYMDHXiRPi3Siskxcq4lpMtzYJsbZaDcbLTeulWGxWJg2Ls9iNRFLNCeLdCK77Du-icW2GG4MK5dnZjKsVpOFcWKybGwTi2c1HI38vdHKZhm5RmuZybhai0aukVvi2SzcquXEN3IuFhOHb-QWvT6ml2lhmE1s-8Zus9lMlpPBbN_YbTabyXIymO07TKZn6nM2eqOfv8elGUeDP2vNdFC4DBbv72iRxm69mVFlG1sspmFo-plYhX6_3-_3-_1-v9-7MRs8BoPh5a2Mp9WfNHtrPrsb78FkUBgMilgiuEgnMr_l9fabnn67W2a5iCVK00U60UvEEsHpIp2IXsbTRf1HgAZZTOa6uWQxmCt2y1UCAAAAAAAAAABYAtgEAAAAAOAEMIjhcjLZrRPgIAbD5WC5WC4AwAO7my7AT3DuiK0pN-QuwEIJpIYR7RD5MUCD-S2vt9_09NvdMsuVAQAeqMmZATYDfAYgiLVaLWsAAAAAAWwAAACAAG4A3QC8AQScyHEAAAAAMnoAAAAA8X0AICq8euFHrhR-AIIczkb7BwAQoBBrtVrdbqzVagUEEMRuMZxAwP___z9BAAAAAAAAgAliQQAAAAAAAADVO0KAwLabEFAhwGCIlr_b5YWADAEAAAAAAAATVA4BnlR1Vsj6f6IPAQAAAZOSeL4n!&cmcv=&pix=undefined&cb=1733329207436&uv=3454&tms=1733329207436&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!mprdctdt6_vA!smbs!t45!ufm!uftchrwf_vC!unf_vC&ru=https://thenorthernlights.forumactif.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=555028fa-a666-469f-8be4-813f2b6a7ecf&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://thenorthernlights.forumactif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
0
date
Wed, 04 Dec 2024 16:20:07 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ams21034-AMS
x-timer
S1733329207.446459,VS0,VE4
sync
am-match.taboola.com/ Frame 4857 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V9GW0CABYDALNwJR7boc8GBACzcCUe26HPBgUAAAAABgYA4gcAJLVaDSbDmcOtsM1ma9FsOXMLJy7TWrjYzCwT28K38tiMAEBSq9VgMpw53ArbbLYWzZYzt3DiMq2Fi83MMrEtfCuPzQoAFDMYDC-rwUBUdL0tdofT7Hmr1gCQgqbT4XPd60VHl91vOR1dlrvZ6TOaPneZ3_J6Ozymp82u8bv9cgAAAAAAeAD4____hwAAAAAAiAAAAAAAkAAAAAAAoAAIqAD4twAQuAAAAAAAwAD4____1wAAoNwAEHAiOQAQ7G922U0Otz8AAAAAAEAAAAAAAEgAAATGV0oAACA8h04A_v________9jAAboM29kAP7___9vAAx6AAAefAAAHoQAAAAALIYAqNw5MkS8ZsmJAAAERsSKABgBAAAAAFAfSM8eAUwC6ASACsCiCuD__7_fCgDgCgAAIGBSEs93KAtAd1DiLQwAAAAAQAyANpvUWNjMN24MYIEeFr_f7LBr_G6XAfz_________mwH8nwH8owEIRcGRpgEAceqFqwH8AgIArAH8AgIAsAGoGwAAwBtAABxAyAGkoOl0-Fz3etHRZfdbTkeX5W52-oymz13mt7zeDo_pabNr_G6_6AAIWjEYrA7AgJab3XI2OwAAAACAO4D___9_PADabFJjYTPfOD0AkPFNLLbFcGNYuTwzk2G1miyME5NlY5tYPKvhaOQ9gHooAFaAk-nIPgCKGQyGl9VgICq63ha7w2n2vFXzA5iwxWg1mWyWw9lyMRkMR8PRaH8AA7FZDBCAoiWL1XK42k0Wo81iMVnuhqPJBAEoWjSYrEajyWIyXI0mq9lysdttEICiVavZaDMYrmaT2W63Gg6Gy9EIASZsMVpNJpvlcLZcTAbD0XA0GiIAzI1WNsvINVrLTMbVWjRyjdwSz2bhVi0nvpFzsZg4fCO36PUxvUwLw2xi2yKAYMDHXiRPi3Siskxcq4lpMtzYJsbZaDcbLTeulWGxWJg2Ls9iNRFLNCeLdCK77Du-icW2GG4MK5dnZjKsVpOFcWKybGwTi2c1HI38vdHKZhm5RmuZybhai0aukVvi2SzcquXEN3IuFhOHb-QWvT6ml2lhmE1s-8Zus9lMlpPBbN_YbTabyXIymO07TKZn6nM2eqOfv8elGUeDP2vNdFC4DBbv72iRxm69mVFlG1sspmFo-plYhX6_3-_3-_1-v9-7MRs8BoPh5a2Mp9WfNHtrPrsb78FkUBgMilgiuEgnMr_l9fabnn67W2a5iCVK00U60UvEEsHpIp2IXsbTRf1HgAZZTOa6uWQxmCt2y1UCAAAAAAAAAABYAtgEAAAAAOAEMIjhcjLZrRPgIAbD5WC5WC4AwAO7my7AT3DuiK0pN-QuwEIJpIYR7RD5MUCD-S2vt9_09NvdMsuVAQAeqMmZATYDfAYgiLVaLWsAAAAAAWwAAACAAG4A3QC8AQScyHEAAAAAMnoAAAAA8X0AICq8euFHrhR-AIIczkb7BwAQoBBrtVrdbqzVagUEEMRuMZxAwP___z9BAAAAAAAAgAliQQAAAAAAAADVO0KAwLabEFAhwGCIlr_b5YWADAEAAAAAAAATVA4BnlR1Vsj6f6IPAQAAAZOSeL4n!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://thenorthernlights.forumactif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length
0
date
Wed, 04 Dec 2024 16:20:07 GMT
machineid
440105
server
nginx
cmOsUnit.css
vidstat.taboola.com/vpaid/units/34_5_4/assets/css/ Frame 5208 		81 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/34_5_4/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d525d90d883cad220e87a6b6605213652228c26e2702e743f7301040f9c6e8f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
br
etag
"b1d58e4bce6171849235df9c05d37a41"
age
281774
x-amz-meta-gid
0
x-amz-meta-mtime
1733047359
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
last-modified
Sun, 01 Dec 2024 10:02:41 GMT
content-type
text/css
x-served-by
cache-ams2100102-AMS
x-cache-hits
73676
x-amz-id-2
NuDnOOTf/D1YhsZQR6w+VoyXDI0W4zjMxY+3KlyVyZ4lzkwyY0nv1ChMgS3FTDfBu0zN2JtwnxA=
access-control-allow-headers
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
x-timer
S1733329207.442565,VS0,VE0
via
1.1 varnish
x-amz-request-id
YH7FH13DD6HB2E6X
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
10879
x-amz-meta-ctime
1733047360
server
AmazonS3-br
x-amz-server-side-encryption
AES256
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/34_5_4/infra/ Frame 5208 		395 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/34_5_4/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
97943c06da1cf16a3ab3794008a043be4b5ea72c0f949f15490cc9e77a485b87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
br
etag
"2486c8691c5af36099ec596e6d0eea78"
age
281774
x-amz-meta-gid
0
x-amz-meta-mtime
1733047309
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
last-modified
Sun, 01 Dec 2024 10:01:51 GMT
content-type
application/javascript
x-served-by
cache-ams21024-AMS
x-cache-hits
25521
x-amz-id-2
11S3Ff1ng+VZKObYVR9Z9tjUbuIaBE00/JJQJsn3Wi/nxArzKuBhHer1JkKQ/Ruc2sU4byu+rYKDyEsYRgbjaQdeqJRIyB57b985SuqLWE4=
access-control-allow-headers
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
x-timer
S1733329207.452789,VS0,VE0
via
1.1 varnish
x-amz-request-id
YH7CGT21T8FHM9T7
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
89829
x-amz-meta-ctime
1733047310
server
AmazonS3-br
x-amz-server-side-encryption
AES256
st
am-vid-events.taboola.com/ Frame 5208 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V9GW0CABYDALNwJR7boc8GBACzcCUe26HPBgUAAAAABgYA4gcAJLVaDSbDmcOtsM1ma9FsOXMLJy7TWrjYzCwT28K38tiMAEBSq9VgMpw53ArbbLYWzZYzt3DiMq2Fi83MMrEtfCuPzQoAFDMYDC-rwUBUdL0tdofT7Hmr1gCQgqbT4XPd60VHl91vOR1dlrvZ6TOaPneZ3_J6Ozymp82u8bv9cgAAAAAAeAD4____hwAAAAAAiAAAAAAAkAAAAAAAoAAIqAD4twAQuAAAAAAAwAD4____1wAAoNwAEHAiOQAQ7G922U0Otz8AAAAAAEAAAAAAAEgAAATGV0oAACA8h04A_v________9jAAboM29kAP7___9vAAx6AAAefAAAHoQAAAAALIYAqNw5MkS8ZsmJAAAERsSKABgBAAAAAFAfSM8eAUwC6ASACsCiCuD__7_fCgDgCgAAIGBSEs93KAtAd1DiLQwAAAAAQAyANpvUWNjMN24MYIEeFr_f7LBr_G6XAfz_________mwH8nwH8owEIRcGRpgEAceqFqwH8AgIArAH8AgIAsAGoGwAAwBtAABxAyAGkoOl0-Fz3etHRZfdbTkeX5W52-oymz13mt7zeDo_pabNr_G6_6AAIWjEYrA7AgJab3XI2OwAAAACAO4D___9_PADabFJjYTPfOD0AkPFNLLbFcGNYuTwzk2G1miyME5NlY5tYPKvhaOQ9gHooAFaAk-nIPgCKGQyGl9VgICq63ha7w2n2vFXzA5iwxWg1mWyWw9lyMRkMR8PRaH8AA7FZDBCAoiWL1XK42k0Wo81iMVnuhqPJBAEoWjSYrEajyWIyXI0mq9lysdttEICiVavZaDMYrmaT2W63Gg6Gy9EIASZsMVpNJpvlcLZcTAbD0XA0GiIAzI1WNsvINVrLTMbVWjRyjdwSz2bhVi0nvpFzsZg4fCO36PUxvUwLw2xi2yKAYMDHXiRPi3Siskxcq4lpMtzYJsbZaDcbLTeulWGxWJg2Ls9iNRFLNCeLdCK77Du-icW2GG4MK5dnZjKsVpOFcWKybGwTi2c1HI38vdHKZhm5RmuZybhai0aukVvi2SzcquXEN3IuFhOHb-QWvT6ml2lhmE1s-8Zus9lMlpPBbN_YbTabyXIymO07TKZn6nM2eqOfv8elGUeDP2vNdFC4DBbv72iRxm69mVFlG1sspmFo-plYhX6_3-_3-_1-v9-7MRs8BoPh5a2Mp9WfNHtrPrsb78FkUBgMilgiuEgnMr_l9fabnn67W2a5iCVK00U60UvEEsHpIp2IXsbTRf1HgAZZTOa6uWQxmCt2y1UCAAAAAAAAAABYAtgEAAAAAOAEMIjhcjLZrRPgIAbD5WC5WC4AwAO7my7AT3DuiK0pN-QuwEIJpIYR7RD5MUCD-S2vt9_09NvdMsuVAQAeqMmZATYDfAYgiLVaLWsAAAAAAWwAAACAAG4A3QC8AQScyHEAAAAAMnoAAAAA8X0AICq8euFHrhR-AIIczkb7BwAQoBBrtVrdbqzVagUEEMRuMZxAwP___z9BAAAAAAAAgAliQQAAAAAAAADVO0KAwLabEFAhwGCIlr_b5YWADAEAAAAAAAATVA4BnlR1Vsj6f6IPAQAAAZOSeL4n!&cmcv=&pix=31589837&cb=1733329207436&uv=3454&tms=1733329207436&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!mprdctdt6_vA!smbs!t45!ufm!uftchrwf_vC!unf_vC&ru=https://thenorthernlights.forumactif.com/&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1733329206765.8!ts:1733329207436&mntl=1
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

date
Wed, 04 Dec 2024 16:20:07 GMT
server
nginx
content-length
0
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/ Frame 5208 		451 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/34_5_4/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
51b3123578bb3b704cd846ba001147b2482a2371bdb92130a544fda0ad4bfb65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
br
etag
"2f32f570a08384f29e324f5ee22b6654"
age
84736
x-amz-meta-gid
0
x-amz-meta-mtime
1733244338
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
last-modified
Tue, 03 Dec 2024 16:45:59 GMT
content-type
application/javascript
x-served-by
cache-ams21024-AMS
x-cache-hits
37290
x-amz-id-2
/X179ioPV9A267gYiFCHyputkhuL1752buZQspzO0wYwwrx4t86PbF2vS00OiAtzCzSh2kOP6vg=
access-control-allow-headers
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
x-timer
S1733329208.570278,VS0,VE0
via
1.1 varnish
x-amz-request-id
R9DC38F069PNFDQ2
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
86033
x-amz-meta-ctime
1733244358
server
AmazonS3-br
x-amz-server-side-encryption
AES256
blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame 5208 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://thenorthernlights.forumactif.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

etag
"b2b087fe4ae638c533731c347fcd4df8"
age
3334759
x-amz-meta-mtime
1497790207
x-amz-meta-gid
0
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
WoHPHOe2dGFB_TJY9tY-q8h7Qk9QOtCPKcdvMWPMeYg7j3urNSy9Uw==
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
video/mp4
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
1423561
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1733329208.584206,VS0,VE0
Content-Range
bytes 0-90783/90784
via
1.1 cec0e64209a322f193c5e90a44c7fc7e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
90784
x-amz-cf-pop
AMS1-P3
server
AmazonS3
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/ Frame 4772 		451 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/34_5_4/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
51b3123578bb3b704cd846ba001147b2482a2371bdb92130a544fda0ad4bfb65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
br
etag
"2f32f570a08384f29e324f5ee22b6654"
age
84736
x-amz-meta-gid
0
x-amz-meta-mtime
1733244338
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
last-modified
Tue, 03 Dec 2024 16:45:59 GMT
content-type
application/javascript
x-served-by
cache-ams21024-AMS
x-cache-hits
37290
x-amz-id-2
/X179ioPV9A267gYiFCHyputkhuL1752buZQspzO0wYwwrx4t86PbF2vS00OiAtzCzSh2kOP6vg=
access-control-allow-headers
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
x-timer
S1733329208.570278,VS0,VE0
via
1.1 varnish
x-amz-request-id
R9DC38F069PNFDQ2
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
86033
x-amz-meta-ctime
1733244358
server
AmazonS3-br
x-amz-server-side-encryption
AES256
blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame 4772 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://thenorthernlights.forumactif.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

etag
"b2b087fe4ae638c533731c347fcd4df8"
age
3334759
x-amz-meta-mtime
1497790207
x-amz-meta-gid
0
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
WoHPHOe2dGFB_TJY9tY-q8h7Qk9QOtCPKcdvMWPMeYg7j3urNSy9Uw==
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
video/mp4
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
1423562
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1733329208.629132,VS0,VE0
Content-Range
bytes 0-90783/90784
via
1.1 cec0e64209a322f193c5e90a44c7fc7e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
90784
x-amz-cf-pop
AMS1-P3
server
AmazonS3
st
am-vid-events.taboola.com/ Frame 4772 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V9wkgCABYDAL1cC8rDNy8pBAC9XAvKwzcvKQUAAAAABgYA4gcAJORbbjazwcot8Q1GbtFmOVxLPM6VWzharoYri2Pimi2HAEBCvuVmMxus3BLfYOQWbZbDtcTjXLmFo-VquLI4Jq7ZcgoAETcZDp-DgajoelvsDqfZ8waAFDSdDp_rXi86uux-y-nostzNTp_R9LnL_JbX2-ExPW12jd_tlwMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAAOUGgIATyQGAYH-zy25yuP0BAAAAAAACAAAAAEACACAwvlICAADhOXQC8P________8fAzBAn3kjA_D___9_A2DQAwDw4AMA8CAEAAAAYDEE4C-peoh-C7RLBAAgMIJVBMAIAAAAAID6QHr2CGASQCcAVAAWVQD____9VgAAVwAAAAGTkni-KFkAuoMSb2EAAAAAAGIAtNmkxsJmvnFjAAv0sPj9Zodd43e7DOD_________3wzg_wzgHw1AKAqONA0AiFMvXA3gFxAAYA3gFxAAgA1A3QAAAN4AAuAAQg4gBU2nw-e614uOLrvfcjq6LHez02c0fe4yv-X1dnhMT5td43f7RQdA0IrBYHUABrTc7Jaz2QEAAAAA3AH8____4wHQZpMaC5v5xukBgMzEZFgNFh6Lx7JcLDce32a4cbick5nFOZpMNg7vATDZcStTlX-u9AFE3GQ4fA4GoqLrbbE7nGbP_QAmbDFaTSab5XC2XEwGw9FwNNofwEBsFgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIAFOuhW3kGjnciolz4xbNJsa1wrkwrEU228SxWRkXi4VhLXp9TC_TwjCb2LYIIBjwsRfJ0yKdyCYzi8O4WjlHDtdwN5v5JhvbYOQwWZwz12YyWU7EEs3JIp3ILvvOxGRYDRYei8eyXCw3Ht9muHG4nJOZxTmaTDYOf8u1sI1cI4dbMXFu3KLZxLhWOBeGtchmmzg2K-NisTCsRa-P6WVaGGYT276x22w2k-VkMNs3dpvNZrKcDGb7DpPpmfqcjd7o5-8xicXR4M9aMx0ULoPF-ztapLFbb2ZU2cYWi2kYmn4mVqHf7_f7_X6_3-_3bswGj8FgeHkr42n1J83ems_uxnswGRQGgyKWCC7Sicxveb39pqff7pZZLmKJ0nSRTvQSsURwukgnopfxdFH_EaBBFpO5bi5ZDOaK3XKVAAAAAAAAAAAAlgA2AQAAAAA4AQxiuJxMdusEOIjBcDlYLpYLAPDA7qYL8BOcO2Jryg25C7BQAqlhRDtEfgzQYH7L6-03Pf12t8xyZQCAB2pyZoDNAJ8BCGKtVssaAAAAQAAbAAAAIIAbQDcAbwABJ3IcAAAAgIweAAAAQHwfAIgKr174kSvlHwBAgEKs1Wp1u7FWqxUQQBC7xXACAf____8FAQAAAAAAAEu0BgEAAAAAAABG5AgBAttuQkCFAIMhWv5ulxcCOgR4FtVdQRyAGT4EAAAETEri-RYA!&cmcv=&pix=31579697&cb=1733329207602&uv=3454&tms=1733329207602&su=&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!mprdctdt6_vA!rbcatc_vB!smbs!ufm_vA!vdprc_vD&ru=https://thenorthernlights.forumactif.com/&ft=1&unm=WIDGET_ITEM&
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

date
Wed, 04 Dec 2024 16:20:07 GMT
server
nginx
content-length
0
st
imprammp.taboola.com/ Frame 3F00 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9L78CABYDAJxThN1ObU-vBACcU4TdTm1PrwUAAAAABgYA4gcAJDlbbEYji3EtmfgWbtFy5VsrnLOFWzLzjUyG5ci3WkyMAECSs8VmNLIY15KJb-EWLVe-tcI5W7glM9_IZFiOfKvFxAoAFDMYDC-rwUBUdL0tdofT7HlL1gCQgqbT4XPd60VHl91vOR1dlrvZ6TOaPneZ3_J6Ozymp82u8bv9cgAAAAAAeAD4____hwAAAAAAiAAAAAAAkAAAAAAAoAAIqAD4twAQuAAAAAAAwAD4____1wAAoNwAEHAiOQAQ7G922U0Otz8AAAAAAEAAAAAAAEgAAATGV0oAACA8h04A_v________9jAAboM29kAP7___9vAAx6AAAefAAAHoQAAAAALIYAhhyQl4CeYgKJAAAERviKABgBAAAAAFAfSM8eAUwC6ASACsCiCuD__7_fCgDgCgAAIGBSEs8XKAtAd1DiLQwAAAAAQAyANpvUWNjMN24MYIEeFr_f7LBr_G6XAfz_________mwH8nwH8owEIRcGRpgEAceqFqwH8AgIArAH8AgIAsAGoGwAAwBtAABxAyAGkoOl0-Fz3etHRZfdbTkeX5W52-oymz13mt7zeDo_pabNr_G6_6AAIWjEYrA7AgJab3XI2OwAAAACAO4D___9_PADabFJjYTPfOD0AEFrsVhObzblY-Va7wca4cnk8psHIZTFMLJvhzOM9AEG9dcOsPyD6PgCKGQyGl9VgICq63ha7w2n2vCXzA5iwxWg1mWyWw9lyMRkMR8PRaH8AA7FZDBCAoiWL1XK42k0Wo81iMVnuhqPJBAEoWjSYrEajyWIyXI0mq9lysdttEICiVavZaDMYrmaT2W63Gg6Gy9EIASZsMVpNJpvlcLZcTAbD0XA0GiIADJlMK4thYXNrBsvRWjSyWdwKm2e3Vhg2w9XE5jAMFzO36PUxvUwLw2xi2yKAYMDHXiRPi3QiMg0mo4lxY7N4HBvPzDSxLScu32rhXAxXw9VsMRFLNCeLdCK77EuL3WpiszkXK99qN9gYVy6PxzQYuSyGiWUznHn8JZNpZTEsbG7NYDlai0Y2i1th8-zWCsNmuJrYHIbhYuYWvT6ml2lhmE1s-8Zus9lMlpPBbN_YbTabyXIymO07TKZn6nM2eqOfv0flDUeDP2vNdFC4DBbv72iRxm69mVFlG1sspmFo-plYhX6_3-_3-_1-v9-7MRs8BoPh5a2Mp9WfNHtrPrsb78FkUBgMilgiuEgnMr_l9fabnn67W2a5iCVK00U60UvEEsHpIp2IXsbTRf1HgAZZTOa6uWQxmCt2y1UCAAAAAAAAAABYAtgEAAAAAOAEMIjhcjLZrRPgIAbD5WC5WC4AwAO7my7AT3DuiK0pN-QuwEIJpIYR7RD5MUCD-S2vt9_09NvdMsuVAQAeqMmZATYDfAYgiLVaLWsAAAAAAWwAAACAAG4A3QC8AQScyHEAAAAAMnoAAAAAcX6AgVYN9g8AIEAh1mq1ut1Yq9UKCCCI3WI4gYD___9_goD_______9_54IAAAAAAAAAqneEAIFtNyGgQoDBEC1_t8sLARkC_v________0dAjoR6qzaYV_4HgIAAAImJfF8PQA!&cmcv=&pix=undefined&cb=1733329207605&uv=3454&tms=1733329207605&abt=adxsub-out_vA!adxsub-out_vB!flradc_vB!flrmin_vB!iiqrc_vA!iiqwfcontrol_vB!lotc_vA!mprdctdt6_vA!pl157994b_vB!smbs!t45!ufm!ut_vB&ru=https://thenorthernlights.forumactif.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=96134db8-2b7a-49e7-a96a-2f7dd09d751b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://thenorthernlights.forumactif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
0
date
Wed, 04 Dec 2024 16:20:07 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ams21034-AMS
x-timer
S1733329208.615702,VS0,VE4
sync
am-match.taboola.com/ Frame A2F6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V9L78CABYDAJxThN1ObU-vBACcU4TdTm1PrwUAAAAABgYA4gcAJDlbbEYji3EtmfgWbtFy5VsrnLOFWzLzjUyG5ci3WkyMAECSs8VmNLIY15KJb-EWLVe-tcI5W7glM9_IZFiOfKvFxAoAFDMYDC-rwUBUdL0tdofT7HlL1gCQgqbT4XPd60VHl91vOR1dlrvZ6TOaPneZ3_J6Ozymp82u8bv9cgAAAAAAeAD4____hwAAAAAAiAAAAAAAkAAAAAAAoAAIqAD4twAQuAAAAAAAwAD4____1wAAoNwAEHAiOQAQ7G922U0Otz8AAAAAAEAAAAAAAEgAAATGV0oAACA8h04A_v________9jAAboM29kAP7___9vAAx6AAAefAAAHoQAAAAALIYAhhyQl4CeYgKJAAAERviKABgBAAAAAFAfSM8eAUwC6ASACsCiCuD__7_fCgDgCgAAIGBSEs8XKAtAd1DiLQwAAAAAQAyANpvUWNjMN24MYIEeFr_f7LBr_G6XAfz_________mwH8nwH8owEIRcGRpgEAceqFqwH8AgIArAH8AgIAsAGoGwAAwBtAABxAyAGkoOl0-Fz3etHRZfdbTkeX5W52-oymz13mt7zeDo_pabNr_G6_6AAIWjEYrA7AgJab3XI2OwAAAACAO4D___9_PADabFJjYTPfOD0AEFrsVhObzblY-Va7wca4cnk8psHIZTFMLJvhzOM9AEG9dcOsPyD6PgCKGQyGl9VgICq63ha7w2n2vCXzA5iwxWg1mWyWw9lyMRkMR8PRaH8AA7FZDBCAoiWL1XK42k0Wo81iMVnuhqPJBAEoWjSYrEajyWIyXI0mq9lysdttEICiVavZaDMYrmaT2W63Gg6Gy9EIASZsMVpNJpvlcLZcTAbD0XA0GiIADJlMK4thYXNrBsvRWjSyWdwKm2e3Vhg2w9XE5jAMFzO36PUxvUwLw2xi2yKAYMDHXiRPi3QiMg0mo4lxY7N4HBvPzDSxLScu32rhXAxXw9VsMRFLNCeLdCK77EuL3WpiszkXK99qN9gYVy6PxzQYuSyGiWUznHn8JZNpZTEsbG7NYDlai0Y2i1th8-zWCsNmuJrYHIbhYuYWvT6ml2lhmE1s-8Zus9lMlpPBbN_YbTabyXIymO07TKZn6nM2eqOfv0flDUeDP2vNdFC4DBbv72iRxm69mVFlG1sspmFo-plYhX6_3-_3-_1-v9-7MRs8BoPh5a2Mp9WfNHtrPrsb78FkUBgMilgiuEgnMr_l9fabnn67W2a5iCVK00U60UvEEsHpIp2IXsbTRf1HgAZZTOa6uWQxmCt2y1UCAAAAAAAAAABYAtgEAAAAAOAEMIjhcjLZrRPgIAbD5WC5WC4AwAO7my7AT3DuiK0pN-QuwEIJpIYR7RD5MUCD-S2vt9_09NvdMsuVAQAeqMmZATYDfAYgiLVaLWsAAAAAAWwAAACAAG4A3QC8AQScyHEAAAAAMnoAAAAAcX6AgVYN9g8AIEAh1mq1ut1Yq9UKCCCI3WI4gYD___9_goD_______9_54IAAAAAAAAAqneEAIFtNyGgQoDBEC1_t8sLARkC_v________0dAjoR6qzaYV_4HgIAAAImJfF8PQA!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://thenorthernlights.forumactif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length
0
date
Wed, 04 Dec 2024 16:20:07 GMT
machineid
440103
server
nginx
cmOsUnit.css
vidstat.taboola.com/vpaid/units/34_5_4/assets/css/ Frame 9C8A 		81 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/34_5_4/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d525d90d883cad220e87a6b6605213652228c26e2702e743f7301040f9c6e8f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
br
etag
"b1d58e4bce6171849235df9c05d37a41"
age
281774
x-amz-meta-gid
0
x-amz-meta-mtime
1733047359
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
last-modified
Sun, 01 Dec 2024 10:02:41 GMT
content-type
text/css
x-served-by
cache-ams2100102-AMS
x-cache-hits
73676
x-amz-id-2
NuDnOOTf/D1YhsZQR6w+VoyXDI0W4zjMxY+3KlyVyZ4lzkwyY0nv1ChMgS3FTDfBu0zN2JtwnxA=
access-control-allow-headers
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
x-timer
S1733329207.442565,VS0,VE0
via
1.1 varnish
x-amz-request-id
YH7FH13DD6HB2E6X
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
10879
x-amz-meta-ctime
1733047360
server
AmazonS3-br
x-amz-server-side-encryption
AES256
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/34_5_4/infra/ Frame 9C8A 		395 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/34_5_4/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
97943c06da1cf16a3ab3794008a043be4b5ea72c0f949f15490cc9e77a485b87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
br
etag
"2486c8691c5af36099ec596e6d0eea78"
age
281774
x-amz-meta-gid
0
x-amz-meta-mtime
1733047309
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
last-modified
Sun, 01 Dec 2024 10:01:51 GMT
content-type
application/javascript
x-served-by
cache-ams21024-AMS
x-cache-hits
25521
x-amz-id-2
11S3Ff1ng+VZKObYVR9Z9tjUbuIaBE00/JJQJsn3Wi/nxArzKuBhHer1JkKQ/Ruc2sU4byu+rYKDyEsYRgbjaQdeqJRIyB57b985SuqLWE4=
access-control-allow-headers
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
x-timer
S1733329207.452789,VS0,VE0
via
1.1 varnish
x-amz-request-id
YH7CGT21T8FHM9T7
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
89829
x-amz-meta-ctime
1733047310
server
AmazonS3-br
x-amz-server-side-encryption
AES256
st
am-vid-events.taboola.com/ Frame 9C8A 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V9L78CABYDAJxThN1ObU-vBACcU4TdTm1PrwUAAAAABgYA4gcAJDlbbEYji3EtmfgWbtFy5VsrnLOFWzLzjUyG5ci3WkyMAECSs8VmNLIY15KJb-EWLVe-tcI5W7glM9_IZFiOfKvFxAoAFDMYDC-rwUBUdL0tdofT7HlL1gCQgqbT4XPd60VHl91vOR1dlrvZ6TOaPneZ3_J6Ozymp82u8bv9cgAAAAAAeAD4____hwAAAAAAiAAAAAAAkAAAAAAAoAAIqAD4twAQuAAAAAAAwAD4____1wAAoNwAEHAiOQAQ7G922U0Otz8AAAAAAEAAAAAAAEgAAATGV0oAACA8h04A_v________9jAAboM29kAP7___9vAAx6AAAefAAAHoQAAAAALIYAhhyQl4CeYgKJAAAERviKABgBAAAAAFAfSM8eAUwC6ASACsCiCuD__7_fCgDgCgAAIGBSEs8XKAtAd1DiLQwAAAAAQAyANpvUWNjMN24MYIEeFr_f7LBr_G6XAfz_________mwH8nwH8owEIRcGRpgEAceqFqwH8AgIArAH8AgIAsAGoGwAAwBtAABxAyAGkoOl0-Fz3etHRZfdbTkeX5W52-oymz13mt7zeDo_pabNr_G6_6AAIWjEYrA7AgJab3XI2OwAAAACAO4D___9_PADabFJjYTPfOD0AEFrsVhObzblY-Va7wca4cnk8psHIZTFMLJvhzOM9AEG9dcOsPyD6PgCKGQyGl9VgICq63ha7w2n2vCXzA5iwxWg1mWyWw9lyMRkMR8PRaH8AA7FZDBCAoiWL1XK42k0Wo81iMVnuhqPJBAEoWjSYrEajyWIyXI0mq9lysdttEICiVavZaDMYrmaT2W63Gg6Gy9EIASZsMVpNJpvlcLZcTAbD0XA0GiIADJlMK4thYXNrBsvRWjSyWdwKm2e3Vhg2w9XE5jAMFzO36PUxvUwLw2xi2yKAYMDHXiRPi3QiMg0mo4lxY7N4HBvPzDSxLScu32rhXAxXw9VsMRFLNCeLdCK77EuL3WpiszkXK99qN9gYVy6PxzQYuSyGiWUznHn8JZNpZTEsbG7NYDlai0Y2i1th8-zWCsNmuJrYHIbhYuYWvT6ml2lhmE1s-8Zus9lMlpPBbN_YbTabyXIymO07TKZn6nM2eqOfv0flDUeDP2vNdFC4DBbv72iRxm69mVFlG1sspmFo-plYhX6_3-_3-_1-v9-7MRs8BoPh5a2Mp9WfNHtrPrsb78FkUBgMilgiuEgnMr_l9fabnn67W2a5iCVK00U60UvEEsHpIp2IXsbTRf1HgAZZTOa6uWQxmCt2y1UCAAAAAAAAAABYAtgEAAAAAOAEMIjhcjLZrRPgIAbD5WC5WC4AwAO7my7AT3DuiK0pN-QuwEIJpIYR7RD5MUCD-S2vt9_09NvdMsuVAQAeqMmZATYDfAYgiLVaLWsAAAAAAWwAAACAAG4A3QC8AQScyHEAAAAAMnoAAAAAcX6AgVYN9g8AIEAh1mq1ut1Yq9UKCCCI3WI4gYD___9_goD_______9_54IAAAAAAAAAqneEAIFtNyGgQoDBEC1_t8sLARkC_v________0dAjoR6qzaYV_4HgIAAAImJfF8PQA!&cmcv=&pix=31589837&cb=1733329207605&uv=3454&tms=1733329207605&abt=adxsub-out_vA!adxsub-out_vB!flradc_vB!flrmin_vB!iiqrc_vA!iiqwfcontrol_vB!lotc_vA!mprdctdt6_vA!pl157994b_vB!smbs!t45!ufm!ut_vB&ru=https://thenorthernlights.forumactif.com/&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1733329206762.2!ts:1733329207605&mntl=1
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

date
Wed, 04 Dec 2024 16:20:07 GMT
server
nginx
content-length
0
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/ Frame 9C8A 		451 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/34_5_4/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
51b3123578bb3b704cd846ba001147b2482a2371bdb92130a544fda0ad4bfb65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thenorthernlights.forumactif.com
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
br
etag
"2f32f570a08384f29e324f5ee22b6654"
age
84736
x-amz-meta-gid
0
x-amz-meta-mtime
1733244338
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:07 GMT
last-modified
Tue, 03 Dec 2024 16:45:59 GMT
content-type
application/javascript
x-served-by
cache-ams21024-AMS
x-cache-hits
37290
x-amz-id-2
/X179ioPV9A267gYiFCHyputkhuL1752buZQspzO0wYwwrx4t86PbF2vS00OiAtzCzSh2kOP6vg=
access-control-allow-headers
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
x-timer
S1733329208.570278,VS0,VE0
via
1.1 varnish
x-amz-request-id
R9DC38F069PNFDQ2
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
86033
x-amz-meta-ctime
1733244358
server
AmazonS3-br
x-amz-server-side-encryption
AES256
st
am-vid-events.taboola.com/ Frame 9C8A 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=66361655&crid=-1&dast=V9L78CABYDAJxThN1ObU-vBACcU4TdTm1PrwUAAAAABgYA4gcAJDlbbEYji3EtmfgWbtFy5VsrnLOFWzLzjUyG5ci3WkyMAECSs8VmNLIY15KJb-EWLVe-tcI5W7glM9_IZFiOfKvFxAoAFDMYDC-rwUBUdL0tdofT7HlL1gCQgqbT4XPd60VHl91vOR1dlrvZ6TOaPneZ3_J6Ozymp82u8bv9cgAAAAAAeAD4____hwAAAAAAiAAAAAAAkAAAAAAAoAAIqAD4twAQuAAAAAAAwAD4____1wAAoNwAEHAiOQAQ7G922U0Otz8AAAAAAEAAAAAAAEgAAATGV0oAACA8h04A_v________9jAAboM29kAP7___9vAAx6AAAefAAAHoQAAAAALIYAhhyQl4CeYgKJAAAERviKABgBAAAAAFAfSM8eAUwC6ASACsCiCuD__7_fCgDgCgAAIGBSEs8XKAtAd1DiLQwAAAAAQAyANpvUWNjMN24MYIEeFr_f7LBr_G6XAfz_________mwH8nwH8owEIRcGRpgEAceqFqwH8AgIArAH8AgIAsAGoGwAAwBtAABxAyAGkoOl0-Fz3etHRZfdbTkeX5W52-oymz13mt7zeDo_pabNr_G6_6AAIWjEYrA7AgJab3XI2OwAAAACAO4D___9_PADabFJjYTPfOD0AEFrsVhObzblY-Va7wca4cnk8psHIZTFMLJvhzOM9AEG9dcOsPyD6PgCKGQyGl9VgICq63ha7w2n2vCXzA5iwxWg1mWyWw9lyMRkMR8PRaH8AA7FZDBCAoiWL1XK42k0Wo81iMVnuhqPJBAEoWjSYrEajyWIyXI0mq9lysdttEICiVavZaDMYrmaT2W63Gg6Gy9EIASZsMVpNJpvlcLZcTAbD0XA0GiIADJlMK4thYXNrBsvRWjSyWdwKm2e3Vhg2w9XE5jAMFzO36PUxvUwLw2xi2yKAYMDHXiRPi3QiMg0mo4lxY7N4HBvPzDSxLScu32rhXAxXw9VsMRFLNCeLdCK77EuL3WpiszkXK99qN9gYVy6PxzQYuSyGiWUznHn8JZNpZTEsbG7NYDlai0Y2i1th8-zWCsNmuJrYHIbhYuYWvT6ml2lhmE1s-8Zus9lMlpPBbN_YbTabyXIymO07TKZn6nM2eqOfv0flDUeDP2vNdFC4DBbv72iRxm69mVFlG1sspmFo-plYhX6_3-_3-_1-v9-7MRs8BoPh5a2Mp9WfNHtrPrsb78FkUBgMilgiuEgnMr_l9fabnn67W2a5iCVK00U60UvEEsHpIp2IXsbTRf1HgAZZTOa6uWQxmCt2y1UCAAAAAAAAAABYAtgEAAAAAOAEMIjhcjLZrRPgIAbD5WC5WC4AwAO7my7AT3DuiK0pN-QuwEIJpIYR7RD5MUCD-S2vt9_09NvdMsuVAQAeqMmZATYDfAYgiLVaLWsAAAAAAWwAAACAAG4A3QC8AQScyHEAAAAAMnoAAAAAcX6AgVYN9g8AIEAh1mq1ut1Yq9UKCCCI3WI4gYD___9_goD_______9_54IAAAAAAAAAqneEAIFtNyGgQoDBEC1_t8sLARkC_v________0dAjoR6qzaYV_4HgIAAAImJfF8PQA!&cmcv=&pix=&cb=1733329207632&uv=3454&tms=1733329207632&su=&abt=adxsub-out_vA!adxsub-out_vB!flradc_vB!flrmin_vB!iiqrc_vA!iiqwfcontrol_vB!lotc_vA!mprdctdt6_vA!pl157994b_vB!smbs!t120!t45!ufm_vA!ut_vB&ru=https://thenorthernlights.forumactif.com/&ft=1&unm=WIDGET_ITEM&mntl=1&
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

date
Wed, 04 Dec 2024 16:20:07 GMT
server
nginx
content-length
0
blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame 9C8A 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://thenorthernlights.forumactif.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

etag
"b2b087fe4ae638c533731c347fcd4df8"
age
3334759
x-amz-meta-mtime
1497790207
x-amz-meta-gid
0
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
WoHPHOe2dGFB_TJY9tY-q8h7Qk9QOtCPKcdvMWPMeYg7j3urNSy9Uw==
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
video/mp4
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
1423563
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1733329208.679503,VS0,VE0
Content-Range
bytes 0-90783/90784
via
1.1 cec0e64209a322f193c5e90a44c7fc7e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
90784
x-amz-cf-pop
AMS1-P3
server
AmazonS3
VideoBidRequestHandlerServlet
wf.taboola.com/ Frame 5208 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1733329207669&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1707&pt=1731714912&tz=60&viewable=true&ddast=V9GW0CABYDALNwJR7boc8GBACzcCUe26HPBgUAAAAABgYA4gcAJLVaDSbDmcOtsM1ma9FsOXMLJy7TWrjYzCwT28K38tiMAEBSq9VgMpw53ArbbLYWzZYzt3DiMq2Fi83MMrEtfCuPzQoAFDMYDC-rwUBUdL0tdofT7Hmr1gCQgqbT4XPd60VHl91vOR1dlrvZ6TOaPneZ3_J6Ozymp82u8bv9cgAAAAAAeAD4____hwAAAAAAiAAAAAAAkAAAAAAAoAAIqAD4twAQuAAAAAAAwAD4____1wAAoNwAEHAiOQAQ7G922U0Otz8AAAAAAEAAAAAAAEgAAATGV0oAACA8h04A_v________9jAAboM29kAP7___9vAAx6AAAefAAAHoQAAAAALIYAqNw5MkS8ZsmJAAAERsSKABgBAAAAAFAfSM8eAUwC6ASACsCiCuD__7_fCgDgCgAAIGBSEs93KAtAd1DiLQwAAAAAQAyANpvUWNjMN24MYIEeFr_f7LBr_G6XAfz_________mwH8nwH8owEIRcGRpgEAceqFqwH8AgIArAH8AgIAsAGoGwAAwBtAABxAyAGkoOl0-Fz3etHRZfdbTkeX5W52-oymz13mt7zeDo_pabNr_G6_6AAIWjEYrA7AgJab3XI2OwAAAACAO4D___9_PADabFJjYTPfOD0AkPFNLLbFcGNYuTwzk2G1miyME5NlY5tYPKvhaOQ9gHooAFaAk-nIPgCKGQyGl9VgICq63ha7w2n2vFXzA5iwxWg1mWyWw9lyMRkMR8PRaH8AA7FZDBCAoiWL1XK42k0Wo81iMVnuhqPJBAEoWjSYrEajyWIyXI0mq9lysdttEICiVavZaDMYrmaT2W63Gg6Gy9EIASZsMVpNJpvlcLZcTAbD0XA0GiIAzI1WNsvINVrLTMbVWjRyjdwSz2bhVi0nvpFzsZg4fCO36PUxvUwLw2xi2yKAYMDHXiRPi3Siskxcq4lpMtzYJsbZaDcbLTeulWGxWJg2Ls9iNRFLNCeLdCK77Du-icW2GG4MK5dnZjKsVpOFcWKybGwTi2c1HI38vdHKZhm5RmuZybhai0aukVvi2SzcquXEN3IuFhOHb-QWvT6ml2lhmE1s-8Zus9lMlpPBbN_YbTabyXIymO07TKZn6nM2eqOfv8elGUeDP2vNdFC4DBbv72iRxm69mVFlG1sspmFo-plYhX6_3-_3-_1-v9-7MRs8BoPh5a2Mp9WfNHtrPrsb78FkUBgMilgiuEgnMr_l9fabnn67W2a5iCVK00U60UvEEsHpIp2IXsbTRf1HgAZZTOa6uWQxmCt2y1UCAAAAAAAAAABYAtgEAAAAAOAEMIjhcjLZrRPgIAbD5WC5WC4AwAO7my7AT3DuiK0pN-QuwEIJpIYR7RD5MUCD-S2vt9_09NvdMsuVAQAeqMmZATYDfAYgiLVaLWsAAAAAAWwAAACAAG4A3QC8AQScyHEAAAAAMnoAAAAA8X0AICq8euFHrhR-AIIczkb7BwAQoBBrtVrdbqzVagUEEMRuMZxAwP___z9BAAAAAAAAgAliQQAAAAAAAADVO0KAwLabEFAhwGCIlr_b5YWADAEAAAAAAAATVA4BnlR1Vsj6f6IPAQAAAZOSeL4n!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&ioovp=undefined&distance=undefined&dtagid=1089091&dpubid=189227&abtst=adxsub-out_vA!adxsub-out_vB!dfrc_vB!mprdctdt6_vA!smbs!t45!ufm_vA!uftchrwf_vC!unf_vC&mPre=0.025&cirf=https%3A%2F%2Fthenorthernlights.forumactif.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5c5ea7a76aa57c77b753a5a9c1cacee332acb054f6944d1df22b3948d9743d06

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
x-cache
MISS
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/json;charset=utf-8
x-served-by
cache-ams2100102-AMS
x-cache-hits
0
vary
Accept-Encoding
link
<http://{"bidderRequest">; rel=preconnect
machineid
140152
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
pragma
no-cache
x-timer
S1733329208.686762,VS0,VE52
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
server
nginx
TBPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/ Frame 5208 		232 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
795d12439d0e6f0382f8687d6599a2e72cbf51e6806e224069a77281bfd7cbe8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"68d0c40fe5d02dbd22ed13ed9a7a340d"
age
84735
x-amz-meta-gid
0
x-amz-meta-mtime
1733244338
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
hhPYxpWuJJIhYk7-4GzcfrxT6s5nQJHqmZ-qNS1ECdS8R1argDd7vA==
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/javascript
last-modified
Tue, 03 Dec 2024 16:45:41 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
17943
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1733329208.683846,VS0,VE0
via
1.1 8dea89f951a7387e4ebbfe70f982f4a4.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
73742
x-amz-cf-pop
AMS1-P3
x-amz-meta-ctime
1733244338
server
AmazonS3
x-amz-server-side-encryption
AES256
VideoBidRequestHandlerServlet
wf.taboola.com/ Frame 4772 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1733329207679&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1707&pt=480397477&tz=60&viewable=true&ddast=V9wkgCABYDAL1cC8rDNy8pBAC9XAvKwzcvKQUAAAAABgYA4gcAJORbbjazwcot8Q1GbtFmOVxLPM6VWzharoYri2Pimi2HAEBCvuVmMxus3BLfYOQWbZbDtcTjXLmFo-VquLI4Jq7ZcgoAETcZDp-DgajoelvsDqfZ8waAFDSdDp_rXi86uux-y-nostzNTp_R9LnL_JbX2-ExPW12jd_tlwMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAAOUGgIATyQGAYH-zy25yuP0BAAAAAAACAAAAAEACACAwvlICAADhOXQC8P________8fAzBAn3kjA_D___9_A2DQAwDw4AMA8CAEAAAAYDEE4C-peoh-C7RLBAAgMIJVBMAIAAAAAID6QHr2CGASQCcAVAAWVQD____9VgAAVwAAAAGTkni-KFkAuoMSb2EAAAAAAGIAtNmkxsJmvnFjAAv0sPj9Zodd43e7DOD_________3wzg_wzgHw1AKAqONA0AiFMvXA3gFxAAYA3gFxAAgA1A3QAAAN4AAuAAQg4gBU2nw-e614uOLrvfcjq6LHez02c0fe4yv-X1dnhMT5td43f7RQdA0IrBYHUABrTc7Jaz2QEAAAAA3AH8____4wHQZpMaC5v5xukBgMzEZFgNFh6Lx7JcLDce32a4cbick5nFOZpMNg7vATDZcStTlX-u9AFE3GQ4fA4GoqLrbbE7nGbP_QAmbDFaTSab5XC2XEwGw9FwNNofwEBsFgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIAFOuhW3kGjnciolz4xbNJsa1wrkwrEU228SxWRkXi4VhLXp9TC_TwjCb2LYIIBjwsRfJ0yKdyCYzi8O4WjlHDtdwN5v5JhvbYOQwWZwz12YyWU7EEs3JIp3ILvvOxGRYDRYei8eyXCw3Ht9muHG4nJOZxTmaTDYOf8u1sI1cI4dbMXFu3KLZxLhWOBeGtchmmzg2K-NisTCsRa-P6WVaGGYT276x22w2k-VkMNs3dpvNZrKcDGb7DpPpmfqcjd7o5-8xicXR4M9aMx0ULoPF-ztapLFbb2ZU2cYWi2kYmn4mVqHf7_f7_X6_3-_3bswGj8FgeHkr42n1J83ems_uxnswGRQGgyKWCC7Sicxveb39pqff7pZZLmKJ0nSRTvQSsURwukgnopfxdFH_EaBBFpO5bi5ZDOaK3XKVAAAAAAAAAAAAlgA2AQAAAAA4AQxiuJxMdusEOIjBcDlYLpYLAPDA7qYL8BOcO2Jryg25C7BQAqlhRDtEfgzQYH7L6-03Pf12t8xyZQCAB2pyZoDNAJ8BCGKtVssaAAAAQAAbAAAAIIAbQDcAbwABJ3IcAAAAgIweAAAAQHwfAIgKr174kSvlHwBAgEKs1Wp1u7FWqxUQQBC7xXACAf____8FAQAAAAAAAEu0BgEAAAAAAABG5AgBAttuQkCFAIMhWv5ulxcCOgR4FtVdQRyAGT4EAAAETEri-RYA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&ioovp=false&distance=undefined&dtagid=1089091&dpubid=189227&abtst=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!mprdctdt6_vA!rbcatc_vB!smbs!ufm_vA!vdprc_vD&mPre=0.025&cirf=https%3A%2F%2Fthenorthernlights.forumactif.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
07d4b73c72b8e93aea4670bc51a3eb3ebf8bb5643867c1bd19aeedef5731a9f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
x-cache
MISS
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/json;charset=utf-8
x-served-by
cache-ams2100102-AMS
x-cache-hits
0
vary
Accept-Encoding
link
<http://{"bidderRequest">; rel=preconnect
machineid
140142
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
pragma
no-cache
x-timer
S1733329208.688277,VS0,VE190
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
server
nginx
TBPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/ Frame 4772 		232 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
795d12439d0e6f0382f8687d6599a2e72cbf51e6806e224069a77281bfd7cbe8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"68d0c40fe5d02dbd22ed13ed9a7a340d"
age
84735
x-amz-meta-gid
0
x-amz-meta-mtime
1733244338
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
hhPYxpWuJJIhYk7-4GzcfrxT6s5nQJHqmZ-qNS1ECdS8R1argDd7vA==
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/javascript
last-modified
Tue, 03 Dec 2024 16:45:41 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
17943
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1733329208.683846,VS0,VE0
via
1.1 8dea89f951a7387e4ebbfe70f982f4a4.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
73742
x-amz-cf-pop
AMS1-P3
x-amz-meta-ctime
1733244338
server
AmazonS3
x-amz-server-side-encryption
AES256
VideoBidRequestHandlerServlet
wf.taboola.com/ Frame 9C8A 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1733329207686&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1707&pt=790248664&tz=60&viewable=true&ddast=V9L78CABYDAJxThN1ObU-vBACcU4TdTm1PrwUAAAAABgYA4gcAJDlbbEYji3EtmfgWbtFy5VsrnLOFWzLzjUyG5ci3WkyMAECSs8VmNLIY15KJb-EWLVe-tcI5W7glM9_IZFiOfKvFxAoAFDMYDC-rwUBUdL0tdofT7HlL1gCQgqbT4XPd60VHl91vOR1dlrvZ6TOaPneZ3_J6Ozymp82u8bv9cgAAAAAAeAD4____hwAAAAAAiAAAAAAAkAAAAAAAoAAIqAD4twAQuAAAAAAAwAD4____1wAAoNwAEHAiOQAQ7G922U0Otz8AAAAAAEAAAAAAAEgAAATGV0oAACA8h04A_v________9jAAboM29kAP7___9vAAx6AAAefAAAHoQAAAAALIYAhhyQl4CeYgKJAAAERviKABgBAAAAAFAfSM8eAUwC6ASACsCiCuD__7_fCgDgCgAAIGBSEs8XKAtAd1DiLQwAAAAAQAyANpvUWNjMN24MYIEeFr_f7LBr_G6XAfz_________mwH8nwH8owEIRcGRpgEAceqFqwH8AgIArAH8AgIAsAGoGwAAwBtAABxAyAGkoOl0-Fz3etHRZfdbTkeX5W52-oymz13mt7zeDo_pabNr_G6_6AAIWjEYrA7AgJab3XI2OwAAAACAO4D___9_PADabFJjYTPfOD0AEFrsVhObzblY-Va7wca4cnk8psHIZTFMLJvhzOM9AEG9dcOsPyD6PgCKGQyGl9VgICq63ha7w2n2vCXzA5iwxWg1mWyWw9lyMRkMR8PRaH8AA7FZDBCAoiWL1XK42k0Wo81iMVnuhqPJBAEoWjSYrEajyWIyXI0mq9lysdttEICiVavZaDMYrmaT2W63Gg6Gy9EIASZsMVpNJpvlcLZcTAbD0XA0GiIADJlMK4thYXNrBsvRWjSyWdwKm2e3Vhg2w9XE5jAMFzO36PUxvUwLw2xi2yKAYMDHXiRPi3QiMg0mo4lxY7N4HBvPzDSxLScu32rhXAxXw9VsMRFLNCeLdCK77EuL3WpiszkXK99qN9gYVy6PxzQYuSyGiWUznHn8JZNpZTEsbG7NYDlai0Y2i1th8-zWCsNmuJrYHIbhYuYWvT6ml2lhmE1s-8Zus9lMlpPBbN_YbTabyXIymO07TKZn6nM2eqOfv0flDUeDP2vNdFC4DBbv72iRxm69mVFlG1sspmFo-plYhX6_3-_3-_1-v9-7MRs8BoPh5a2Mp9WfNHtrPrsb78FkUBgMilgiuEgnMr_l9fabnn67W2a5iCVK00U60UvEEsHpIp2IXsbTRf1HgAZZTOa6uWQxmCt2y1UCAAAAAAAAAABYAtgEAAAAAOAEMIjhcjLZrRPgIAbD5WC5WC4AwAO7my7AT3DuiK0pN-QuwEIJpIYR7RD5MUCD-S2vt9_09NvdMsuVAQAeqMmZATYDfAYgiLVaLWsAAAAAAWwAAACAAG4A3QC8AQScyHEAAAAAMnoAAAAAcX6AgVYN9g8AIEAh1mq1ut1Yq9UKCCCI3WI4gYD___9_goD_______9_54IAAAAAAAAAqneEAIFtNyGgQoDBEC1_t8sLARkC_v________0dAjoR6qzaYV_4HgIAAAImJfF8PQA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&ioovp=undefined&distance=undefined&dtagid=1089091&dpubid=189227&abtst=adxsub-out_vA!adxsub-out_vB!flradc_vB!flrmin_vB!iiqrc_vA!iiqwfcontrol_vB!lotc_vA!mprdctdt6_vA!pl157994b_vB!smbs!t120!t45!ufm_vA!ut_vB&mPre=0.025&cirf=https%3A%2F%2Fthenorthernlights.forumactif.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c082cb874b38284231d53aeb8588161c0b487bab15b972fe37fb21f2a8571ba9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
x-cache
MISS
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/json;charset=utf-8
x-served-by
cache-ams2100102-AMS
x-cache-hits
0
vary
Accept-Encoding
link
<http://{"bidderRequest">; rel=preconnect
machineid
140146
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
pragma
no-cache
x-timer
S1733329208.740252,VS0,VE194
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
server
nginx
TBPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/ Frame 9C8A 		232 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
795d12439d0e6f0382f8687d6599a2e72cbf51e6806e224069a77281bfd7cbe8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"68d0c40fe5d02dbd22ed13ed9a7a340d"
age
84735
x-amz-meta-gid
0
x-amz-meta-mtime
1733244338
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
hhPYxpWuJJIhYk7-4GzcfrxT6s5nQJHqmZ-qNS1ECdS8R1argDd7vA==
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/javascript
last-modified
Tue, 03 Dec 2024 16:45:41 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
17943
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1733329208.683846,VS0,VE0
via
1.1 8dea89f951a7387e4ebbfe70f982f4a4.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
73742
x-amz-cf-pop
AMS1-P3
x-amz-meta-ctime
1733244338
server
AmazonS3
x-amz-server-side-encryption
AES256
cmAdService.js
vidstat.taboola.com/vpaid/units/34_5_4/infra/ Frame 5208 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/34_5_4/infra/cmAdService.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/34_5_4/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fca6f31e1377cee31da3ef34a8b95a329d7d83eaf72305d89910f29162266472

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"6edcf250af407a2e0e520ff148b79d65"
age
281773
x-amz-meta-gid
0
x-amz-meta-mtime
1733047347
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
BSrDguPm-wE28iw6BEbSJr2vZQWd65y6taSaTdKfWBZq3-eHsvTiwA==
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/javascript
last-modified
Sun, 01 Dec 2024 10:02:29 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
71095
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1733329208.740386,VS0,VE0
via
1.1 af33674114d993e3d216d91a5599afba.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
11876
x-amz-cf-pop
AMS1-P3
x-amz-meta-ctime
1733047348
server
AmazonS3
x-amz-server-side-encryption
AES256
cmAdService.js
vidstat.taboola.com/vpaid/units/34_5_4/infra/ Frame 4772 		47 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/34_5_4/infra/cmAdService.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/34_5_4/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fca6f31e1377cee31da3ef34a8b95a329d7d83eaf72305d89910f29162266472

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"6edcf250af407a2e0e520ff148b79d65"
age
281773
x-amz-meta-gid
0
x-amz-meta-mtime
1733047347
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
BSrDguPm-wE28iw6BEbSJr2vZQWd65y6taSaTdKfWBZq3-eHsvTiwA==
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/javascript
last-modified
Sun, 01 Dec 2024 10:02:29 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
71095
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1733329208.740386,VS0,VE0
via
1.1 af33674114d993e3d216d91a5599afba.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
11876
x-amz-cf-pop
AMS1-P3
x-amz-meta-ctime
1733047348
server
AmazonS3
x-amz-server-side-encryption
AES256
cmAdService.js
vidstat.taboola.com/vpaid/units/34_5_4/infra/ Frame 9C8A 		47 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/34_5_4/infra/cmAdService.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/34_5_4/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fca6f31e1377cee31da3ef34a8b95a329d7d83eaf72305d89910f29162266472

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"6edcf250af407a2e0e520ff148b79d65"
age
281773
x-amz-meta-gid
0
x-amz-meta-mtime
1733047347
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
BSrDguPm-wE28iw6BEbSJr2vZQWd65y6taSaTdKfWBZq3-eHsvTiwA==
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/javascript
last-modified
Sun, 01 Dec 2024 10:02:29 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
71095
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1733329208.740386,VS0,VE0
via
1.1 af33674114d993e3d216d91a5599afba.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
11876
x-amz-cf-pop
AMS1-P3
x-amz-meta-ctime
1733047348
server
AmazonS3
x-amz-server-side-encryption
AES256
TBamxPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/ Frame 9C8A 		141 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBamxPrebidHandler.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98cdece9a68a5781c34c6b30d9a27b91a90a950107d3f4efda807342675dd196

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"0c293f998b2daeb487b2e584088f8f62"
age
84735
x-amz-meta-gid
0
x-amz-meta-mtime
1733244338
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
ibOk6b3dB3TtNa8BSYVcDBsDIxsxjEd6R2MN01Ml00xCnOABVxn0nw==
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/javascript
last-modified
Tue, 03 Dec 2024 16:45:42 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
6954
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1733329208.781148,VS0,VE0
via
1.1 5fcfa33730e16a82669ad0b497f19c94.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
45545
x-amz-cf-pop
AMS1-P3
x-amz-meta-ctime
1733244338
server
AmazonS3
x-amz-server-side-encryption
AES256
TBamxPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/ Frame 5208 		141 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBamxPrebidHandler.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98cdece9a68a5781c34c6b30d9a27b91a90a950107d3f4efda807342675dd196

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"0c293f998b2daeb487b2e584088f8f62"
age
84735
x-amz-meta-gid
0
x-amz-meta-mtime
1733244338
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
ibOk6b3dB3TtNa8BSYVcDBsDIxsxjEd6R2MN01Ml00xCnOABVxn0nw==
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/javascript
last-modified
Tue, 03 Dec 2024 16:45:42 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
6954
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1733329208.781148,VS0,VE0
via
1.1 5fcfa33730e16a82669ad0b497f19c94.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
45545
x-amz-cf-pop
AMS1-P3
x-amz-meta-ctime
1733244338
server
AmazonS3
x-amz-server-side-encryption
AES256
TBamxPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/ Frame 4772 		141 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBamxPrebidHandler.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98cdece9a68a5781c34c6b30d9a27b91a90a950107d3f4efda807342675dd196

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

content-encoding
gzip
etag
"0c293f998b2daeb487b2e584088f8f62"
age
84735
x-amz-meta-gid
0
x-amz-meta-mtime
1733244338
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
ibOk6b3dB3TtNa8BSYVcDBsDIxsxjEd6R2MN01Ml00xCnOABVxn0nw==
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/javascript
last-modified
Tue, 03 Dec 2024 16:45:42 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
6954
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1733329208.781148,VS0,VE0
via
1.1 5fcfa33730e16a82669ad0b497f19c94.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
45545
x-amz-cf-pop
AMS1-P3
x-amz-meta-ctime
1733244338
server
AmazonS3
x-amz-server-side-encryption
AES256
c
prebid.a-mo.net/a/ Frame 5208 		0
20 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.32 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
x-nbr
1
access-control-allow-origin
https://thenorthernlights.forumactif.com
date
Wed, 04 Dec 2024 16:20:07 GMT
vary
origin, accept-encoding, Accept-Encoding
server
envoy
prebid
id5-sync.com/api/config/ Frame 5208 		194 B
680 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
c28f77756a621fd01694290c3f16afb99ad9ba2530101829d83b3faa5cdf0d7c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thenorthernlights.forumactif.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://thenorthernlights.forumactif.com
p3p
CP="CAO PSA OUR"
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 5208 		0
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.32 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
x-nbr
1
access-control-allow-origin
https://thenorthernlights.forumactif.com
date
Wed, 04 Dec 2024 16:20:07 GMT
vary
origin, accept-encoding, Accept-Encoding
server
envoy
c
prebid.a-mo.net/a/ Frame 4772 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.32 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
x-nbr
1
access-control-allow-origin
https://thenorthernlights.forumactif.com
date
Wed, 04 Dec 2024 16:20:07 GMT
vary
origin, accept-encoding, Accept-Encoding
server
envoy
c
prebid.a-mo.net/a/ Frame 9C8A 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.32 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
x-nbr
1
access-control-allow-origin
https://thenorthernlights.forumactif.com
date
Wed, 04 Dec 2024 16:20:07 GMT
vary
origin, accept-encoding, Accept-Encoding
server
envoy
prebid
id5-sync.com/api/config/ Frame 4772 		194 B
680 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
c28f77756a621fd01694290c3f16afb99ad9ba2530101829d83b3faa5cdf0d7c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thenorthernlights.forumactif.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://thenorthernlights.forumactif.com
p3p
CP="CAO PSA OUR"
date
Wed, 04 Dec 2024 16:20:08 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 4772 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.32 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
x-nbr
1
access-control-allow-origin
https://thenorthernlights.forumactif.com
date
Wed, 04 Dec 2024 16:20:07 GMT
vary
origin, accept-encoding, Accept-Encoding
server
envoy
prebid
id5-sync.com/api/config/ Frame 9C8A 		194 B
681 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
c28f77756a621fd01694290c3f16afb99ad9ba2530101829d83b3faa5cdf0d7c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thenorthernlights.forumactif.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://thenorthernlights.forumactif.com
p3p
CP="CAO PSA OUR"
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 9C8A 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.32 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://thenorthernlights.forumactif.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
x-nbr
1
access-control-allow-origin
https://thenorthernlights.forumactif.com
date
Wed, 04 Dec 2024 16:20:07 GMT
vary
origin, accept-encoding, Accept-Encoding
server
envoy
v1
lb.eu-1-id5-sync.com/lb/ Frame 9C8A 		45 B
304 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
4569a3c9815140e566da794f0c88a649048113c578822521e38b19803005748e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://thenorthernlights.forumactif.com
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lb.eu-1-id5-sync.com/lb/ Frame 4772 		45 B
303 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e17182ed7b33548458653db2076a410398991befac2e28eaab0c4ea460c5ee6c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://thenorthernlights.forumactif.com
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lb.eu-1-id5-sync.com/lb/ Frame 5208 		45 B
303 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
292707428afa5b9a43f9527d50a81453c72141471ebfa1347d660fec534b4cc0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://thenorthernlights.forumactif.com
date
Wed, 04 Dec 2024 16:20:07 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
bulk
trc.taboola.com/forumotion-fr/log/3/ Frame 4772 		0
280 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/forumotion-fr/log/3/bulk?route=AM%3AAM%3AV&lti=trecs&tvi48=14790&tvi61=19380&tvi62=18148&cv=20241203-54-RELEASE&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Wed, 04 Dec 2024 16:20:08 GMT
content-type
image/gif
x-served-by
cache-ams2100102-AMS
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
1081
pragma
no-cache
x-timer
S1733329208.148993,VS0,VE2
x-vcl-time-ms
2
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
x-service-version
v1
server
nginx
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 4772 		254 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

etag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
age
10520
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:08 GMT
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
257509
content-type
image/png
x-amz-id-2
aY/pqa/U/X0JhX6+CdHN+YK/DvTW4Ws7GAcaf5YPloFuUzIQcs3kKXArP31F32wvCRjADwNSQdU=
x-amz-replication-status
COMPLETED
cache-control
private,max-age=31536000
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1733329208.147996,VS0,VE0
via
1.1 varnish
x-amz-request-id
P968FVKZFZE9EDCG
accept-ranges
bytes
access-control-allow-origin
*
abp
60
content-length
254
server
AmazonS3
bulk
trc.taboola.com/forumotion-fr/log/3/ Frame 5208 		0
119 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/forumotion-fr/log/3/bulk?route=AM%3AAM%3AV&lti=trecs&tvi2=4948&tvi50=9864&tvi61=21743&cv=20241203-54-RELEASE&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Wed, 04 Dec 2024 16:20:08 GMT
content-type
image/gif
x-served-by
cache-ams2100102-AMS
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
857
pragma
no-cache
x-timer
S1733329208.161201,VS0,VE2
x-vcl-time-ms
2
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
x-service-version
v1
server
nginx
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 5208 		254 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

etag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
age
10520
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:08 GMT
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
257509
content-type
image/png
x-amz-id-2
aY/pqa/U/X0JhX6+CdHN+YK/DvTW4Ws7GAcaf5YPloFuUzIQcs3kKXArP31F32wvCRjADwNSQdU=
x-amz-replication-status
COMPLETED
cache-control
private,max-age=31536000
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1733329208.147996,VS0,VE0
via
1.1 varnish
x-amz-request-id
P968FVKZFZE9EDCG
accept-ranges
bytes
access-control-allow-origin
*
abp
60
content-length
254
server
AmazonS3
visible
trc.taboola.com/forumotion-fr/log/3/ Frame 4772 		0
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/forumotion-fr/log/3/visible?route=AM%3AAM%3AV&lti=trecs&tvi48=14790&tvi61=19380&tvi62=18148&cv=20241203-54-RELEASE
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Wed, 04 Dec 2024 16:20:08 GMT
content-type
image/gif
x-served-by
cache-ams2100102-AMS
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
753
pragma
no-cache
x-timer
S1733329208.162810,VS0,VE2
x-vcl-time-ms
2
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
x-service-version
v1
server
nginx
bulk
trc.taboola.com/forumotion-fr/log/3/ Frame 9C8A 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/forumotion-fr/log/3/bulk?route=AM%3AAM%3AV&lti=trecs&tvi2=-2&tvi50=-50&tvi61=21743&cv=20241203-54-RELEASE&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://thenorthernlights.forumactif.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Wed, 04 Dec 2024 16:20:08 GMT
content-type
image/gif
x-served-by
cache-ams2100102-AMS
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
877
pragma
no-cache
x-timer
S1733329208.361726,VS0,VE2
x-vcl-time-ms
2
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://thenorthernlights.forumactif.com
x-service-version
v1
server
nginx
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 9C8A 		254 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: thenorthernlights.forumactif.com
URL: https://thenorthernlights.forumactif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thenorthernlights.forumactif.com/

Response headers

etag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
age
10520
x-cache
HIT
date
Wed, 04 Dec 2024 16:20:08 GMT
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
x-served-by
cache-ams2100102-AMS
x-cache-hits
257509
content-type
image/png
x-amz-id-2
aY/pqa/U/X0JhX6+CdHN+YK/DvTW4Ws7GAcaf5YPloFuUzIQcs3kKXArP31F32wvCRjADwNSQdU=
x-amz-replication-status
COMPLETED
cache-control
private,max-age=31536000
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1733329208.147996,VS0,VE0
via
1.1 varnish
x-amz-request-id
P968FVKZFZE9EDCG
accept-ranges
bytes
access-control-allow-origin
*
abp
60
content-length
254
server
AmazonS3
246.json
id5-sync.com/g/v2/ Frame 9C8A 		251 B
463 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/246.json
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
3ac5feb8d28a0a6e3b176c5111bb6eb4612ae1f8a7d68fdefb7e9b44c3e825f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thenorthernlights.forumactif.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://thenorthernlights.forumactif.com
date
Wed, 04 Dec 2024 16:20:08 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
246.json
id5-sync.com/g/v2/ Frame 4772 		251 B
463 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/246.json
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
f18dbafc4593c620de6b655a3609bf0508ae81907b9ce58365325fc984a85ecf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thenorthernlights.forumactif.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://thenorthernlights.forumactif.com
date
Wed, 04 Dec 2024 16:20:08 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
246.json
id5-sync.com/g/v2/ Frame 5208 		251 B
463 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/246.json
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.7/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
0bd0d08fbd6e32659e2ae27277d1211832acb8c229cd58b6d951548530bd3a23
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thenorthernlights.forumactif.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://thenorthernlights.forumactif.com
date
Wed, 04 Dec 2024 16:20:08 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
isyn
prebid.a-mo.net/ Frame D5E6 		0
0
isyn
prebid.a-mo.net/ Frame A108 		0
0
isyn
prebid.a-mo.net/ Frame C74E 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
via.placeholder.com
URL
https://via.placeholder.com/200x200
Domain
64.media.tumblr.com
URL
https://64.media.tumblr.com/289f2f4694dc503e688a03f99e8d091d/63fb010839d05a33-31/s400x600/eb8fd7a7db45dcfa0f0c17a304f8918f5838dbd5.gif
Domain
api.viglink.com
URL
https://api.viglink.com/api/ping
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=

Verdicts & Comments Add Verdict or Comment

355 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| change_onglet function| $ function| jQuery object| head object| link string| cssId object| UserWayWidgetApp string| clientPC number| clientVer boolean| is_nav object| selectId function| helpline function| getarraysize function| arraypush function| arraypop function| checkForm function| emoticon function| emoticonp function| emoticonw function| constructBBcode function| BBcodeVideo function| bbfontstyle function| bbstyle function| FindXY function| selectWysiwyg function| mozWrap function| storeCaret object| html string| document_dir object| item function| get_mouseX function| get_mouseY function| get_mouse_pos function| showhide function| insert_search_menu function| insert_search_menu_new function| insert_plus_menu function| insert_plus_menu_new function| insert_plus_album function| insert_plus_album_new function| insert_plus_pic function| insert_plus_pic_new function| link_bbcode function| ShowHideLayer function| ShowHideMenu function| expandLayer function| fa_endpage function| hdr_ref function| hdr_expand function| hdr_contract function| hdr_toggle function| select_switch_col function| disabled1 function| disabled2 string| agt function| createTitle function| destroyTitle function| my_getcookie function| my_setcookie function| writeCookie function| expandAllLayer function| check function| checkBySel function| refresh_username function| refresh_username_new function| timestamp function| insertChatBox function| insertChatBoxNew function| insertChatBoxPopup function| showMenu function| action_user function| hideMenu function| js_urlencode function| ajax_refresh_chatbox function| ajax_submit_chatbox function| ajax_refresh_chatterlist function| insert_chatboxsmilie function| change_display_by_icon function| switchuploadaddress function| do_mark function| checkreport function| insert_smilie function| unban_user function| checkmodcp function| check_rotation_radiobuttons function| select_switch_search function| verify_select function| select_switch_line function| select_switch_privmsg function| GetParam function| google_afs_request_done function| set_solved function| bbstyle_table function| display_upload_servimg function| display_upload_imageshack function| onMessage number| offsetx number| offsety function| gws_show function| returnNumber function| resizeElement function| resize function| stopResize function| update_dst function| ajax_exec function| div_marquee function| togglePostMultiQuote function| initPostMultiQuote function| initSetFunction function| runLogInPopUp function| privmsg_add_username function| resize_images function| FM_widget_share object| FA function| SystemPoint string| b_help string| i_help string| u_help string| q_help string| c_help string| l_help string| o_help string| p_help string| w_help string| a_help string| s_help string| f_help string| k_help string| e_help string| r_help string| j_help string| v_help string| m_help string| d_help string| t_help string| g_help string| x_help string| y_help string| z_help string| h_help string| sp_help string| wo_help string| ft_help string| jt_help string| sub_help string| sup_help string| tab_help string| hr_help string| fl_help string| vd_help object| bbcode object| bbtags object| FAM string| gtmDataLayerName function| gtag object| dataLayer function| __sdcmpapi function| __tcfapi object| google_tag_manager object| google_tag_data function| doFollowAction object| _toolbar function| _manageStateAndCSS function| _moveUp function| _moveDown function| _onResize function| _delItem function| _addItem function| _readItem function| refresh function| _setConfig function| compileNotif object| Toolbar function| setScreen function| togglePassword object| _userdata object| _lang object| _board object| _taboola function| urlB64ToUint8Array function| updateSubscriptionOnServer function| subscribeUser function| unsubscribeUser object| twemoji function| MONOMER function| FA_OBJECT function| FA_FORUM function| FA_TOPIC function| FA_LOGIN function| FA_LOGOUT function| Fetcher function| MONOMER_MODAL function| extendDefaults function| buildOut function| initializeEvents function| transitionSelect function| _bridge_post_deferred function| extend object| monomer function| Switcheroo function| AT_adFillSlot object| audio function| audioHandler function| removeFromArray function| createCookie function| readCookie function| vglnk object| ucTag object| slmadshb object| pbjs function| renderWinningBidOrFallback string| cname number| cpos object| jQuery17206258118170467035 object| SDDAN object| regeneratorRuntime object| Sddan string| GoogleAnalyticsObject function| ga object| googletag object| gaGlobal object| fae_copyCode object| pbjsChunk object| _pbjsGlobals object| aax object| ADAGIO object| __atmtdAnalyticsGlobalObject object| bliinkBid object| invibes object| mnet object| mnjs string| msna_ik string| nobidAnalyticsVersion object| nobidCarbonizer string| nobidVersion object| nobid object| OneKey object| a string| __ARUN__spu object| __ARUN___metrics object| __ARUN___meta function| __assign function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| CONTROLS_WITH_TEXT_TAGS object| INPUT_TYPES_WITH_TEXT_CONTENT function| isInputElementWithText function| isDirectParentOfText object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| getUserwaySupportedLanguage string| SITE_LANGUAGE_FROM_SCRIPT function| userwaySupports function| formatLangCode function| __rest object| messageStream object| _userway_config boolean| _userway function| __weatherwidget_init boolean| __v5k function| vl_cB function| vl_disable object| webpackChunkt_recs function| _TPrmse object| taboolaEvents object| _tblConsole object| TRC object| TRCImpl object| __visibleCallbackList object| __visibleElementToIdMap object| __visibleIdToElementMap boolean| __tblTrecsInit function| __trcDebug function| __trcError function| __trcInfo function| __trcWarn object| slmpbjs object| ejs object| global object| sas object| apntag object| apstag object| m101 boolean| mtz101Loaded object| config function| shoppingWidget function| priceComparison function| autoLib function| observeDom function| init object| gaplugins object| gaData object| CommerceJS object| CommerceJSConfig object| ggeac object| google_js_reporting_queue object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| google_reactive_ads_global_state object| UserWay object| _aps boolean| apstagLOADED object| apscustom function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async object| __bt object| __bt_intrnl object| __bt_tag_d object| PublisherCommonId object| __id5_finalization_registry object| ID5 function| vglnk_17333292029866 function| vglnk_17333292029877 function| delegateEventListener

9 Cookies

Domain/Path Name / Value
.thenorthernlights.forumactif.com/ Name: _fa-screen
Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D
thenorthernlights.forumactif.com/ Name: toolbar_state
Value: fa_show
.tinyurl.com/ Name: __cf_bm
Value: 3Wao9hPOAcChmRdZ9Ld1Pp5OHmiprVGEGoggwB3sbcU-1733329201-1.0.1.1-4UllxHqYpV5WF3DG3Zjdox_8PPhophK2i8BGyFOyZGxhRGsmK60CjOKL60fei80LoUhC6JYNtFEPClBTr3HIAA
.taboola.com/ Name: taboola_vmp
Value: temurtbnative-network
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: MdJ6tNzAKlP7j44P1ZYCsCGN0Wj45pIMuC3KBwcKcviBGh-VbHzKx_aNvdiliw3lPMWSIiGKOqPGbW89al6Yj6ShHgT1mEx5635GNvUwmA4.
.adnxs.com/ Name: uuid2
Value: 7216869051881671639
.temu.com/ Name: __cf_bm
Value: ll0HWjnMEsQCrsnkTeV84XmmBFbmg_gz0oJxEn2pclA-1733329207-1.0.1.1-p9HBLAUSXp5PLZtzq0x_U_4sDd1.zfrymywUq8sgowe3BzZVv_SiO7pPqrL.qWmged.IQZVatmy967PP.ivkLw
.id5-sync.com/ Name: id5
Value: 9666fdef-9e57-7d74-a55a-ed629db2ca2d#1733329208036#1

5 Console Messages

Source Level URL
Text
network error URL: https://kit.fontawesome.com/25e7896bf4.js
Message:
Failed to load resource: the server responded with a status of 403 ()
recommendation verbose URL: https://thenorthernlights.forumactif.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://thenorthernlights.forumactif.com/undefined
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://thenorthernlights.forumactif.com/
Message:
Access to XMLHttpRequest at 'https://api.viglink.com/api/ping' from origin 'https://thenorthernlights.forumactif.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.viglink.com/api/ping
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2img.net
64.media.tumblr.com
ac.aruncdn.com
ac.audiencerun.com
ad-delivery.net
ad.doubleclick.net
ads.sportslocalmedia.com
ajax.googleapis.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api.consentframework.com
api.userway.org
api.viglink.com
beacon.taboola.com
bt.dns-finder.com
btloader.com
c.amazon-adsystem.com
cache.consentframework.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.userway.org
cdn.viglink.com
cdnjs.cloudflare.com
choices.consentframework.com
code.ionicframework.com
comparisons.sovrn.com
config.aps.amazon-adsystem.com
cutt.ly
d35m0nfeeqvaj5.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
i.imgur.com
i.pinimg.com
ib.adnxs.com
icons.cappuccicons.com
id5-sync.com
illiweb.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
kit.fontawesome.com
lb.eu-1-id5-sync.com
maxcdn.bootstrapcdn.com
prebid.a-mo.net
pull.cappuccicons.com
region1.google-analytics.com
sd-1.archive-host.com
sd-g1.archive-host.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
solrainha.github.io
source.cappuccicons.com
sync.taboola.com
thenorthernlights.forumactif.com
tinyurl.com
transparenttextures.com
trc.taboola.com
via.placeholder.com
vidstat.taboola.com
vidstatb.taboola.com
weatherwidget.io
wf.taboola.com
www.aht.li
www.avacrea.org
www.google-analytics.com
www.googletagmanager.com
www.temu.com
www.terra-canada.com
64.media.tumblr.com
api.viglink.com
prebid.a-mo.net
via.placeholder.com
104.17.25.14
104.18.10.207
104.18.111.161
104.21.235.76
13.32.23.96
13.32.24.226
141.226.228.48
142.250.185.232
142.250.185.234
142.250.185.66
142.250.74.195
143.204.215.124
143.204.215.65
148.251.96.239
151.101.0.84
151.101.193.44
151.101.65.229
151.101.65.44
162.19.138.119
162.19.138.120
163.5.194.32
169.150.255.180
172.217.16.142
172.217.16.198
172.64.144.50
172.64.147.188
172.67.11.187
172.67.181.105
172.67.38.106
172.67.41.60
172.67.69.19
172.67.69.29
172.67.70.117
172.67.74.105
172.67.8.238
178.250.1.11
185.199.108.153
185.199.110.153
185.199.111.153
188.114.96.3
188.114.97.3
188.165.46.1
192.0.77.3
199.232.196.193
216.239.34.36
216.58.206.74
23.209.22.22
3.161.82.69
3.161.82.71
37.252.172.123
44.233.137.16
52.47.197.186
54.38.45.96
76.76.21.164
94.23.76.111
01612dc8ccf5c04c11ca1d920398c6dfd70a8895e3e429aa0ee9df542119ff79
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616
0529241a32212dbb3ab5af749bbb99fd64d75256edef6a87b1e1c9c525d2817b
055d15ab0d271b031fd413d8c43a7dc8d02b862610b3202921c6724ec7966a1b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07d4b73c72b8e93aea4670bc51a3eb3ebf8bb5643867c1bd19aeedef5731a9f8
0a2ae16febb6218317adbc00cf3a640256fcfd7f84c5ce3f612df78695739869
0bd0d08fbd6e32659e2ae27277d1211832acb8c229cd58b6d951548530bd3a23
0e6ee0f057fd188e8cff306b0a7146f2fee07e85b5da655ee16ccaf110296fd9
1008ad4ee4522aab7c2490eb1b7556238cb55beb32d3b216bdf2ba41c8ed986c
124d4a7be7fe0e5f300fdebcf7fc8441a2505b6042e45ddb4a3aed4fa970c540
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
140041b5ae85cc4741d500512b49b80f7126ff1d05fb8097f25d68fa25cc0a38
1814c278a202783b8a59072dc8d9513bab6ac8b64ece4606005bb98a7aa6ef38
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1ca45754a2ae2d776d27f7481764fe8d99a9c09ec1f9beb48d8e3ce51d4cf8a1
1d51fe96548c6433148bdffe4a3ab8fb65a50ad853bcd15838b279eee1671899
1d7e58ef8b62b2bba5098f53f4b7ef34580ca1ce21175bb26b23b3e0d803601d
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
2122cc2d6a9e138c3b4035d403cd2760bc3491e3f00da7211abaa80557de0b3b
254eb2f08019c13e968695b8511c13831f57a3983eab03664e73f8ebeb86b4f9
259fda2527d9b80edef23dc0e40316ad78ce4fe02acc2bad08392bc7e8a652bd
292707428afa5b9a43f9527d50a81453c72141471ebfa1347d660fec534b4cc0
292c522826258d58faf3e06ee9aa8bd1aab495f83bd56cbdfd29838df0f59373
2c668b5725fc6463bc4eacc880a01e81cab297bb7aaef896e9ccc1fc6aa81b13
2d52f4b07cebf9b4fee1c2221feb65d6e70b394ea2b6585f3f9d44e51be97e45
2f267e0346f9e77c333fac5edd82c933049a8dba964f3350348a5e4909e70fa3
2f8e8594e1a60796075cda1abce3ebf933fc0451d0c683c1c54788362164a626
3169051fd031a7b1555a37dbc9e7148813115e6cae0412fb52fc1a0631c7643f
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39bbf78948880dd4bb32ebe8b10b28245d358b68dd96fe53a7956aba1a6d5a0f
3ac5feb8d28a0a6e3b176c5111bb6eb4612ae1f8a7d68fdefb7e9b44c3e825f5
3fabdb42181e08c56a962554ac654ab97b702dc68f8208b6780e931ec452abbc
411dc74bbf34c281763af4eb6724f9f3185b174a538f7a55aa7b8acfa8fa0cf6
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
4569a3c9815140e566da794f0c88a649048113c578822521e38b19803005748e
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4937f1144d063267eec43698b5bf60f60f88b8e348c14041b34762a3c1fa58ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cafa97c620f0e83a82d4068ef5164f36687061a1045a3d5a1f721cfb8ca0b4d
51b3123578bb3b704cd846ba001147b2482a2371bdb92130a544fda0ad4bfb65
529251616d4222f8574f8d9c10470d22d2baa1a88c3e84daaee8dea255f026b1
52e9780477e3c989fb9654a502f28ccd5325e94e58ca816661dc44539be8abfb
5a1ee954d694c917141bac8af0f93232dc4dfbb039ae4d1fe3b7349a602c9952
5a68de0e8a358a0c7ce72f5df1cc255a3ebb447b7746a49a89fd2bd4c1698bad
5c5ea7a76aa57c77b753a5a9c1cacee332acb054f6944d1df22b3948d9743d06
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2
5f3e2e9276865839ee5cedb223e4ae146694965c1fae6b5b49075b095a827c66
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
61cc863699ce39577b6ac106b6fd12b1083af54848933a74663314efced81c83
6429cb89ca9d3c13b72324dff2a7539ae81620c7977f9c8f40d4b28b8a55f0fa
685b855c1c80ba9842e7230b1839aff8c34f217b60479781ccdd15094e59180b
69d50aec1a460a5c30082515e4ad7c8a0319ed57459775420624779f5b527466
6c8116e3a0c1e93431a4bdb62a38884a8b23f23c6cfe23c5f3796dfa4930613a
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
6f5b001078068b0a370dababf149ec25a09c339a71112155e2d2cdc547e49be2
724be45f6350e21e71f7e6ded0ae6bec1b28880d7b9e544e56b66070057e8945
74f3853706778739cc54417e36b8df065e41dfb56885e55f184ab35d561eeed4
76b6a22f101abc845a0791895ef3583b65db458288a4dd94449926776f3051b1
795d12439d0e6f0382f8687d6599a2e72cbf51e6806e224069a77281bfd7cbe8
7b8612628c0e62873032a347fc2a12d4008a88cd32eb7626b1a5538528427b7e
7c8bd0e3872704d1131e5caf87dcc18f13f2a515871bab016231a7bc7efba096
7cd34434289e60bc56dbcfe92f4b93e3ecc6a7a4211102aaaef1d63a632017ce
7e9ab1cb35e5927952c292e3ce4b0286f88c8983df427ef147d9a49ecbdd2a99
7ef9622cf9e61cdfe8541930f6d112069f0def6b7aea1e794a9fbaf8494cba19
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
80fb805f0121f7ec281bd5effc267704110c21e680eeb6db9e8364ccf6a57a73
81180227e419a42ca41bd65f1dfc9f3e00aa209665ed7234512434e365d4899f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
856b3f9e0df4f7061c8948021c7cc6e6263d96c48161e7fe9e4fbefd0c69a085
8592daaa0c14f220eaef4f75bc5a83f3d44a20302cc147c480355c8a62df7e57
867e200765062a1cb73c235f2c17857d781372808d8df8a57a45f3f392a885da
8f3a39acb9679b8f61f939937dc06653138678825653eb9e954cc084160fd4e4
910ba9bed4079e9e588eace0240252589f8837c0609c55cec4705a40feacb008
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
968c25562c9e2e6bf12a7f8212dbcecd9eeabf1fe89d96bca7a7df668e3cd23d
96a37870fae0c1ac2abbc412335bcdcaa7429708f0f892c371f081eabdd6f874
97943c06da1cf16a3ab3794008a043be4b5ea72c0f949f15490cc9e77a485b87
980eb1a66ffee86fdd38959f9babb362dc9afe4347ff6620f295fa5d7889276a
98cdece9a68a5781c34c6b30d9a27b91a90a950107d3f4efda807342675dd196
998aa3941b936267a81054e3b8f0abc27b36b2d029d87389c974795f6c633fbd
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9cb2c0b52d37fe5f920c33b62c63911190100e41e3a2a952c8bef4d2af11e518
9cce595b201da3285768c8375124b2976eafacaa8002781d478ee1f9d69dc8c4
9d16ff835091825b0e94277b451a884494972381db9e37ec2d9fc8c19d62fc97
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9eee34b62a833fde0945597fa10708d86b8de7c0c065ca9ecd41614d8af7c611
9f33bcd3ad808610ec3e1abdf6af848b178a80dfd0744695ac50c336fdd480bb
a0a7f223d4268105fda917e6afe36025a153c0b30dc933eee421effbdd9496b8
a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057
a6345aa57d858e4421e437f05ca1ba984f1ac0c99e065b59a1ec37bdada386b1
a98642e9e001e935698bb1ccf15571970965349ed446f902571d5486bc4c55ea
aa9141aa27d614ced8ab1a70e44331ef541f66f872087d96adecf87f0d468a42
abee6ffde726f688a55d2f6afa3de413a907a55bc017957ac2cddc266a853d67
acc6dd143721784a1db8260fb337a5aecb219723b008176b81acbf7bfbae8328
acea3466f57decb7ad48959d919cbb4b0ae5cf9d16cdf39ab35bcc95773b0456
ad1eeeeec913548c6df9f0bdcfe9abe43f93e163dcc6aa3e85fb1ae75f45a54b
ae5411204cb019e140c148e653dbcb4ec85cba2e079ff58ffbea5530879f4a76
aee57ef6760265aff6d5270258732ffbcbcfb0f96add35de5189cb60f20c6e41
b007c1e9053ce42d7bba866b6987ade494de44b13530a13932106c093123eded
b209b9a964a0e32f61711afbb51ef4d03da1df55481b0c28c6f22fe21a968dec
b38b3df099f010a982419dce2d7388754d3992a5f6e8a9dfacc7271fd93d1f23
b4c616ffc804aa53bcbe714314edbef1f659353895a1cd8dfd3d7f1118752bd6
b62b7c4e7cdcd80643938c19bea929109bb062062eace6ca0c44999b3d5d53a3
b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07
b8cec0f80b7dfe57a02097442d0ea2275ec5938bfb79cf1c3953cfb1bc5c5a5a
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
bc810e4a1c72b63f19ea8fdb6557b9975696eb5d7c4a34df51db38771564ba04
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bec3ebd33bbf44ed61aa1830fd5262fa54352a761ede033af9542d4062965c74
c02207dccd417e91e5cbfd00a0febf5be3b5174695cf907276e986bdf48240ba
c082cb874b38284231d53aeb8588161c0b487bab15b972fe37fb21f2a8571ba9
c28f77756a621fd01694290c3f16afb99ad9ba2530101829d83b3faa5cdf0d7c
c32d3b479112dca3211b0400d00d391e89d014c688bc90b13fcccd7e5e86597c
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c8e4df00bdad9ee1602ded3b28ca40610b3866740f0d70272ffaaf748dedf694
ccf29bf1122c13da436d4262a69298603224f21f7085a70605a5abad7481fbc6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1c7bca6171bcd354a066a910c00a8edfd1638ee3a2697e85f572d674fcecfff
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d3145bd4195164ab157b8e3d69fdb70cf3ee9d0ccdb6784ab7e93a5d051a3a39
d3219f456a634799aebf5955c0a6fca8e377e2964ae556f21b582a92f3e17726
d34cb9058b6cc7d18ba7bcd58279aa45d2de427262f82e7d20e5013c46b43fcd
d34d20ca0f3a7049541b4dbc9bdd9cc94b28f629a81a76e7b03644e6986615f7
d525d90d883cad220e87a6b6605213652228c26e2702e743f7301040f9c6e8f8
d5941a3169d308459c069427a63b6e91fccf83a6c27ddcb095b614209f2f0d69
d7050c434e454737459714e12822afe9873651b17ba910136a8088e1ea6ded5e
d82b165d7693696cb8fdd91a06bbe8001c19f89cdce8108cc96611b5bbd8632e
d8c9fbeab056e6f9a0300b2cd1b235d1a5070b73dce4247b7cf21cf071edafd3
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db271cfcfdec2e5064473853f546e9ccf1aee6a29cefd78fd444839d73060f05
db310e2f9bda46da5064e8c51305603db3f4b6cdaa222356adb49498ca82a0d7
ddac5c645760257ca729f54d1adfb2e274f70678e1d60d582a9b9b11bc1358a2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de59e3713aa677205890a880509b1b66ce2b69271ebcf0de3ee9a1de4331d2c5
df27914e30d4ce2d9549f3a303d7a337b3feb3465707e3630d0dbaa6c901fc91
dfff1d663bc32776c61707d362d610eb31a423c06949a1e87efa3958e3301d3c
e10adedb2affd2cc80031b3a03056f4c0f20b12858f2b73407784b61cb46900e
e17182ed7b33548458653db2076a410398991befac2e28eaab0c4ea460c5ee6c
e1e6f277c33ff995e4e988743eec16116b137ef1b2ae0e177730e2b2e66a6e6e
e2de1284ae526a7118158dead17dabfdd483f02dd358d0f126f80e0267eeb1c8
e33cff2da607ed34049c949ac59d671b34ce321369629f45ed5462131f6b0a83
e37a634fc13d78f4305920ecb088bf0faf59bde98e0ca888e53cc99297d0ea46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e
e4c85387ec09d9e82fad9273f03d354cf8cdf020259be38728faa5e1e9345280
e6f82b1f3c3bf7d1725d976527f73b578b869d14b9ade6ca020fa2f769105444
e84e77b853b734de81881171ba44563a9b266db399a27f02309856344e951c53
e981ea1d4767d72e2f8cd8fd2a47de8afbc507c925b470e320f558ba7ad0e9c4
ed42b85ef7e06b8cfc17bb6c2997a76720944ca6eee4e8f4caa88e97864c8c68
ede225450916fb53a29c50f310554180ea94b4ae264647b1ad27e8620ca0d1d2
eeef742ca3f18f9772838719cd84fdc2ca6e8e92353f477372eae7a0ed93b3e4
efed970c7e2f212e97a7ee16de3e8c6394d4cf75faf3772a80da4db738e43f70
f09126fdd2e13b744df52f5af371f9eecde61e366a9a73eb0d12a35de9906327
f13e46658d50993e2adff4ea6c7e6735494919451d14ee1c59a7afff61170a6a
f18dbafc4593c620de6b655a3609bf0508ae81907b9ce58365325fc984a85ecf
f2f8def7fd179f805fff0cd21b77e6c1b78de649ea5743baaaf8de605d6a533d
f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f779fe40480221a710f20921f5c846e257156a0a0936eac272fbf0f40f434381
f7db71d6fa6b9617923e3993fc1d45ebdd16f8ca1f97560808eb6313460fb290
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fbfdd16e46aa961bdd0aa36416dc0fa97b47826d2bd55fa6df0181bd0b8a5aa0
fca6f31e1377cee31da3ef34a8b95a329d7d83eaf72305d89910f29162266472
fcc957a69c2c10363738dd7fdbddd758532f4be80aaed1a4236b7ba342a2d4ae
fe266b74e3ce25c5b18374caf5bff34cfa6b521e3f3bdb481ec1d3e82181c7e3
ffc594fe94f822f27cf5e9bb07cb0382ee86516ff69f35828970206df3f8d44b