fuforum.createaforum.com Open in urlscan Pro
64.79.105.131 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fuforum.createaforum.com/
Submission: On June 24 via manual (June 24th 2021, 6:06:09 am UTC) from US

Summary HTTP 56 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 11 domains to perform 56 HTTP transactions. The main IP is 64.79.105.131, located in Warrenville, United States and belongs to SBAEDGE-603, US. The main domain is fuforum.createaforum.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 3rd 2020. Valid for: a year.

This is the only time fuforum.createaforum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	64.79.105.131 64.79.105.131	53264 (SBAEDGE-603) (SBAEDGE-603)
20	13.224.193.90 13.224.193.90	16509 (AMAZON-02) (AMAZON-02)
3	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	66.211.172.66 66.211.172.66	11643 (EBAY) (EBAY)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
3 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.223.178 185.33.223.178	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
56	20

2 64.79.105.131 (Warrenville, United States)

ASN53264 (SBAEDGE-603, US)
PTR: createaforum.com

fuforum.createaforum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 13.224.193.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-90.fra2.r.cloudfront.net

cdn.smfboards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.211.172.66 (United States)

ASN11643 (EBAY, US)
PTR: explorer43-web-public-1-1-rnoaz02.ebay.com

epnt.ebay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.178 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	smfboards.com cdn.smfboards.com	600 KB
17	googlesyndication.com 68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	77 KB
10	doubleclick.net 3 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	162 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
2	googletagservices.com www.googletagservices.com	64 KB
2	google.com adservice.google.com www.google.com	927 B
2	createaforum.com fuforum.createaforum.com	13 KB
1	2mdn.net s0.2mdn.net	40 KB
1	google.fr adservice.google.fr	853 B
1	ebay.com epnt.ebay.com	286 KB
56	11

	Domain	Requested by
20	cdn.smfboards.com	fuforum.createaforum.com
9	pagead2.googlesyndication.com	fuforum.createaforum.com 68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
6	tpc.googlesyndication.com	fuforum.createaforum.com 68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	fuforum.createaforum.com securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	fuforum.createaforum.com
2	www.googletagservices.com	securepubads.g.doubleclick.net 68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com
2	68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	fuforum.createaforum.com	fuforum.createaforum.com
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com
1	googleads.g.doubleclick.net	68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.fr	securepubads.g.doubleclick.net
1	epnt.ebay.com	fuforum.createaforum.com
56	17

This site contains links to these domains. Also see Links.

Domain
www.createaforum.com

Subject Issuer	Validity	Valid
*.createaforum.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2021-08-03`	a year	crt.sh
*.smfboards.com Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
epnt.ebay.com DigiCert SHA2 Secure Server CA	`2020-09-09` - `2021-09-13`	a year	crt.sh
*.google.fr GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://fuforum.createaforum.com/
Frame ID: 9BAFBF37341AFB008B4DF7A090807E21
Requests: 32 HTTP requests in this frame

Frame: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 37A82746CB2BF53BF3A2884506FE2F5A
Requests: 1 HTTP requests in this frame

Frame: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DF0BFD35AEB052823D4A91B80D66C2E1
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBChhIX4ARjb5fyoATAB&v=APEucNVGqiRDHwJdYmMwa12KeXrfN3XrlGt8ynqqIoIkyF7oi8qvudXiiAgvRLk6pO73AALVaTBTXQ3Ff2FUnROVD3_rG3N2tBNmtPiGKFTpxOGXK4hwSxw1k9i_OsB37XK8ctTgDdAfvyxvlqunSh9BWqcGqs6h9gv2TIlpsI-lM2huladID_U
Frame ID: 8E3936628EA4FD884087EB154629F9AE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9CC89BEBA64FD2AC420A3D69A05D54B3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 276CBB1A446F0CFB04E15207D37D5BBD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E86D25DC76A73D8BEFB9F88A2511316B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

56
Requests

100 %
HTTPS

58 %
IPv6

11
Domains

17
Subdomains

20
IPs

3
Countries

1247 kB
Transfer

1792 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.createaforum.com/
Title: Create your own free forum at CreateAForum.com

Search URL Search Domain Scan URL

URL: https://www.createaforum.com/report.php?boardurl=fuforum
Title: Report Abuse

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJf4AAO3iBcaQQoYoHMEOb4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJf4AAO3iBcaQQoYoHMEOb4&google_cver=1&C=1

Request Chain 42

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YNQgwXgCPUq94Rm0TcVOLgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJf4AAO3iBcaQQoYoHMEOb4&google_cver=1

Request Chain 43

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM0F0K_csClUAK-fnoAfCz4&google_cver=1

Request Chain 44

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM4NzAwNzIwODExODUyNzUxMA%3D%3D

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fuforum.createaforum.com/ 13 KB
4 KB 503ms
156ms Document
text/html 64.79.105.131
SBAEDGE-603

General

Check archive.org

Show headers Download Go to

Full URL

https://fuforum.createaforum.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.79.105.131 Warrenville, United States, ASN53264 (SBAEDGE-603, US),

Reverse DNS

createaforum.com

Software

Apache /

Resource Hash

7671d2e9e716d2b6898ac1f5396e5d6a1b05320cf566f08177b95c5e50e86c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

:method: GET
:authority: fuforum.createaforum.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 06:05:50 GMT
server: Apache
x-frame-options: SAMEORIGIN
x-xss-protection: 1
x-content-type-options: nosniff
pragma: no-cache
cache-control: private
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
vary: Accept-Encoding
set-cookie: PHPSESSID=99c6ca53d7c5dda176dd759280dfb00a; path=/; domain=.createaforum.com
last-modified: Thu, 24 Jun 2021 06:05:50 GMT
content-type: text/html; charset=ISO-8859-1

GET
H2 200 light_red-compress.css
fuforum.createaforum.com/styles/fuforum/ 42 KB
9 KB 126ms
125ms Stylesheet
text/css 64.79.105.131
SBAEDGE-603

General

Check archive.org

Show headers Download Go to

Full URL: https://fuforum.createaforum.com/styles/fuforum/light_red-compress.css?f20
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.79.105.131 Warrenville, United States, ASN53264 (SBAEDGE-603, US),
Reverse DNS: createaforum.com
Software: Apache /
Resource Hash: f15a59d1c150aa0a5df61fb4e99b64ed6c93c480ff9edf2a9b010174fed66cf1

Request headers

:path: /styles/fuforum/light_red-compress.css?f20
pragma: no-cache
cookie: PHPSESSID=99c6ca53d7c5dda176dd759280dfb00a
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fuforum.createaforum.com
referer: https://fuforum.createaforum.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 06:05:50 GMT
content-encoding: gzip
last-modified: Tue, 02 Jan 2018 05:11:50 GMT
server: Apache
etag: "a838-561c422e0c20d-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 9306

GET
H2 200 webkit.css
cdn.smfboards.com/caf/css/ 71 B
417 B 115ms
32ms Stylesheet
text/css 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smfboards.com/caf/css/webkit.css
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 037853b3e32a3ce03ac93f0edbadb0ce4ae687ae21f7f9bdf2c5d8edf8376226

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 22:39:41 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Tue, 13 Nov 2018 18:24:08 GMT
server: AmazonS3
age: 2013972
etag: "0aae8e5b7e94a4779e99fe06769caf52"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 71
x-amz-cf-id: dlBQ4t8nN5p8PHL_GHFRVJ6Yo8FoDLbhjog1B5gz_Vfg_abu5L7JrQ==

GET
H2 200 script.js Show response
cdn.smfboards.com/caf/scripts/ 30 KB
31 KB 137ms
55ms Script
application/javascript 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smfboards.com/caf/scripts/script.js
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52694817d580ebaf83deba6dbfe12eb37597ba1b69d8339ffe1de1df36b23bd1

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 21:15:45 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Tue, 13 Nov 2018 18:24:23 GMT
server: AmazonS3
age: 1327808
etag: "0c6427a0df680b351f16383481fa5d81"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 31118
x-amz-cf-id: VN1TBUOFvwxkVV2gS5zrZY_w8PkWWpWLwQWBC-t2uJTmO6tK1p1kIg==

GET
H2 200 theme.js Show response
cdn.smfboards.com/caf/scripts/ 3 KB
3 KB 147ms
64ms Script
application/x-javascript 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smfboards.com/caf/scripts/theme.js
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 82ab3bcc5179d2e26cd7b5b51ede354472f6e87edd982d11c942559a2e2f936b

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 02:27:29 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Tue, 13 Nov 2018 18:24:23 GMT
server: AmazonS3
age: 445104
etag: "4291ca00b7b57f9eb9aca00fe9adbf77"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3004
x-amz-cf-id: -w_JjhUfp_pOMhAsRQKeGyMdLbAPc6uBKktRM9HuoRwSCVKS6-BrsA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 67 KB
24 KB 111ms
38ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

b1cb136fb99cb53967bfe861f22d6d90af4320297d5fe2b7f94c634df3637441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 06:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "911 / 549 of 1000 / last-modified: 1624486143"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23736
x-xss-protection: 0
expires: Thu, 24 Jun 2021 06:05:52 GMT

GET
H2 200 sha1.js Show response
cdn.smfboards.com/caf/scripts/ 4 KB
5 KB 117ms
35ms Script
application/x-javascript 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smfboards.com/caf/scripts/sha1.js
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af3d83bd97bebf40021d41a72d888248084c434aaa67cf304523601377b8a720

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 17:37:03 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Tue, 13 Nov 2018 18:24:23 GMT
server: AmazonS3
age: 476930
etag: "bf58b77335aee46050bc037fa3f648d3"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 4262
x-amz-cf-id: DNesZTa6XY5VhpNRtGjFNViQgg-7YRXCxrjMGbpb0Ttug32zRf09IA==

GET
H2 200 SearchFocus.js Show response
cdn.smfboards.com/caf/scripts/ 1 KB
2 KB 114ms
32ms Script
application/javascript 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smfboards.com/caf/scripts/SearchFocus.js
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c3f34e4640bf932481265da134eceaab66e4cea2fb81ccc4845963ef25fbee2

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 12:32:26 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Tue, 13 Nov 2018 18:24:23 GMT
server: AmazonS3
age: 1100007
etag: "0fe6865fd807bec68b29ce054fa4ed8a"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1369
x-amz-cf-id: QPrPuQxbrcNPyPv5k63ra3t-tzqtoICSA77Uily-bVcYQ9CFGUED1g==

GET
H2 200 house.png
cdn.smfboards.com/caf/images/menu_icons/ 806 B
1 KB 35ms
33ms Image
image/png 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.smfboards.com/caf/images/menu_icons/house.png
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c862e0744036f4638b09366ff125edaf47944529867c8f36866e8fc0771729cd

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 21:03:45 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 1501328
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: 99bea32e1990e011e870f6c562e87a6a
content-length: 806
x-amz-meta-bucketexplorer-sha1: e11cf7d34a74b2639bd351484ee891dbd76b4d76
x-amz-meta-bucketexplorer-filelastmodifieddate: 1308354120000
last-modified: Tue, 13 Nov 2018 18:24:16 GMT
server: AmazonS3
x-amz-meta-bucketexplorer-md5: 99bea32e1990e011e870f6c562e87a6a
etag: "99bea32e1990e011e870f6c562e87a6a"
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 4Ofj9-h1Fe-cuznsV8Jy3ikCtbqQat0NJBiqg6tea3-I4KxtZ568_Q==

GET
H2 200 key.png
cdn.smfboards.com/caf/images/menu_icons/ 612 B
1 KB 35ms
34ms Image
image/png 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.smfboards.com/caf/images/menu_icons/key.png
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f0ed284afcf94f728410e720ca9ac84107d90a676864c780b0a3ddd70d8e58b

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 20:02:32 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 1073000
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: 70ecb91f3ae79ec3c40ac74c5468a392
content-length: 612
x-amz-meta-bucketexplorer-sha1: 5422bd8c54173d2ae507cd44e15a2f4aae938ed5
x-amz-meta-bucketexplorer-filelastmodifieddate: 1308354120000
last-modified: Tue, 13 Nov 2018 18:24:16 GMT
server: AmazonS3
x-amz-meta-bucketexplorer-md5: 70ecb91f3ae79ec3c40ac74c5468a392
etag: "70ecb91f3ae79ec3c40ac74c5468a392"
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: j9jRSvr89q9RqAYTvN2PVegFmJ3RfALe-hL1yp4jCDpmesTlV_cVpg==

GET
H2 200 key_add.png
cdn.smfboards.com/caf/images/menu_icons/ 703 B
1 KB 36ms
34ms Image
image/png 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.smfboards.com/caf/images/menu_icons/key_add.png
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c31cee4bc9332a8219857662712970399fabd32bfcb59f4f95517b19fe8b2c27

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 20:02:33 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 1073000
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: 87705dd9e8b5c8dd66bf6828ec6e9b38
content-length: 703
x-amz-meta-bucketexplorer-sha1: 497d54e775ae400154c7a067462162924b82ade2
x-amz-meta-bucketexplorer-filelastmodifieddate: 1308354120000
last-modified: Tue, 13 Nov 2018 18:24:16 GMT
server: AmazonS3
x-amz-meta-bucketexplorer-md5: 87705dd9e8b5c8dd66bf6828ec6e9b38
etag: "87705dd9e8b5c8dd66bf6828ec6e9b38"
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 33U_6yre_XsOliVbWuzzgsOYKWt2jU26LVWROSex0YcKYgxfHKnFJQ==

GET
H2 200 off.png
cdn.smfboards.com/caf/themes/light/images/ 5 KB
5 KB 38ms
37ms Image
image/png 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.smfboards.com/caf/themes/light/images/off.png
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50d3c556abae5df366f3afc049d9d447fc3dddd1466570b7d3e799ef1f8ec92f

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 12:21:43 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 2396650
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: 40013d925b402ea8ad17afbf7b7daf30
content-length: 4734
x-amz-meta-bucketexplorer-filelastmodifieddate: 1325717804000
last-modified: Tue, 13 Nov 2018 18:26:18 GMT
server: AmazonS3
x-amz-meta-bucketexplorer-md5: 40013d925b402ea8ad17afbf7b7daf30
etag: "40013d925b402ea8ad17afbf7b7daf30"
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 10P-9mv6LTDyRNkW3da5AM4Z3Tojwy_4mjabfgPNyTX5jDkyfSJyJg==

GET
H2 200 new_none.png
cdn.smfboards.com/caf/themes/light/images/ 3 KB
4 KB 37ms
36ms Image
image/png 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.smfboards.com/caf/themes/light/images/new_none.png
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec1934bc0cd18c8597b0e77ed9cfe573c7b8c3ca192ac86ae507f2252cfc0201

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 14:52:29 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 2387604
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: fde616ec5a7523f3378483447819472b
content-length: 3572
x-amz-meta-bucketexplorer-filelastmodifieddate: 1326482648000
last-modified: Tue, 13 Nov 2018 18:26:18 GMT
server: AmazonS3
x-amz-meta-bucketexplorer-md5: fde616ec5a7523f3378483447819472b
etag: "fde616ec5a7523f3378483447819472b"
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: PVQhb9b4i9j0SXb3Fg0AdFz9YISWYzmivXn8dBs8F1G2dgzpAhjtOw==

GET
H2 200 new_redirect.png
cdn.smfboards.com/caf/themes/light/images/ 3 KB
3 KB 39ms
38ms Image
image/png 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.smfboards.com/caf/themes/light/images/new_redirect.png
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3bbc6b69b97cb7472fc40f053d3fdc1f6b000e5e7fefc94e8cb90836c9e8201

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:09:27 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 417386
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: 40bb21f061bfb433e15fc04bf5bc9667
content-length: 3073
x-amz-meta-bucketexplorer-filelastmodifieddate: 1326482670000
last-modified: Tue, 13 Nov 2018 18:26:18 GMT
server: AmazonS3
x-amz-meta-bucketexplorer-md5: 40bb21f061bfb433e15fc04bf5bc9667
etag: "40bb21f061bfb433e15fc04bf5bc9667"
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 5qWuWcTkNX7OHvpRBdUzvTOPmYfkZN5C4NQZnW00QFz2ZFDto7e7zQ==

GET
H2 200 info.gif
cdn.smfboards.com/caf/themes/light/images/icons/ 177 B
658 B 39ms
39ms Image
image/gif 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.smfboards.com/caf/themes/light/images/icons/info.gif
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b92dc2f4847236cf6b257d71ee6da18da56555ae466bf5be9caffdf880618c65

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 11:41:30 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 2485463
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: 481420e6cbaf713b349572fb67eef815
content-length: 177
x-amz-meta-bucketexplorer-filelastmodifieddate: 1325633590000
last-modified: Tue, 13 Nov 2018 18:26:16 GMT
server: AmazonS3
x-amz-meta-bucketexplorer-md5: 481420e6cbaf713b349572fb67eef815
etag: "481420e6cbaf713b349572fb67eef815"
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: fbO34mb0Us27lI1mkJJvCz-lvavB13JgR0cV9CztiE3hW7yZJeKOWQ==

GET
H2 200 online.gif
cdn.smfboards.com/caf/themes/light/images/icons/ 295 B
774 B 40ms
39ms Image
image/gif 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.smfboards.com/caf/themes/light/images/icons/online.gif
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2ea798969cb9f6611676ed28fb4a7fab360e2442834358d36160ad1c306b7ba

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 06:00:52 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 1382701
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: 0e1b770238a3d5c721fcd8afcc422136
content-length: 295
x-amz-meta-bucketexplorer-filelastmodifieddate: 1325633590000
last-modified: Tue, 13 Nov 2018 18:26:17 GMT
server: AmazonS3
x-amz-meta-bucketexplorer-md5: 0e1b770238a3d5c721fcd8afcc422136
etag: "0e1b770238a3d5c721fcd8afcc422136"
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: Z3VEsCIDrmp7x-NEUPHi0ZlavMfDpjIdiikgjZ9slZyDxeJgBPPT0A==

GET
H2 200 online.gif
cdn.smfboards.com/caf/images/icons/ 295 B
827 B 40ms
39ms Image
image/gif 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.smfboards.com/caf/images/icons/online.gif
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2ea798969cb9f6611676ed28fb4a7fab360e2442834358d36160ad1c306b7ba

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 08:56:48 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 1199345
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: 0e1b770238a3d5c721fcd8afcc422136
content-length: 295
x-amz-meta-bucketexplorer-sha1: 651bd04dc107f18da8ff2b5d7f80660ba6d1dcb2
x-amz-meta-bucketexplorer-filelastmodifieddate: 1263357780000
last-modified: Tue, 13 Nov 2018 18:24:15 GMT
server: AmazonS3
x-amz-meta-bucketexplorer-md5: 0e1b770238a3d5c721fcd8afcc422136
etag: "0e1b770238a3d5c721fcd8afcc422136"
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 2R74Kxc4vgbhQCuVlnkvepQgtVaMbIWHVTTkVeEDNKLdy0rrCaFAAQ==

GET
H/1.1 200
OK epn-smart-tools.js Show response
epnt.ebay.com/static/ 286 KB
286 KB 692ms
168ms Script
application/javascript 66.211.172.66
EBAY

General

Check archive.org

Show headers Download Go to

Full URL: https://epnt.ebay.com/static/epn-smart-tools.js
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 66.211.172.66 , United States, ASN11643 (EBAY, US),
Reverse DNS: explorer43-web-public-1-1-rnoaz02.ebay.com
Software: /
Resource Hash: 135df9559450bba4a5b6135d372e16029c644831199c952e421ce16f73965db2

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 06:05:52 GMT
Last-Modified: Fri, 28 May 2021 00:13:47 GMT
ETag: W/"47840-179b051e278"
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 292928

GET
H2 200 bg.png
cdn.smfboards.com/caf/themes/light_red/images/theme/ 3 KB
3 KB 40ms
39ms Image
image/png 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.smfboards.com/caf/themes/light_red/images/theme/bg.png
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/styles/fuforum/light_red-compress.css?f20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cda65a4fddf6b88890e60a1df20114dbf3026fb85039cab453e259e86db2d4b

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 20:48:00 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 1243073
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: c1da8c23eb900ac740f7009cecbbaded
content-length: 2895
x-amz-meta-bucketexplorer-filelastmodifieddate: 1325713988000
last-modified: Tue, 13 Nov 2018 18:27:26 GMT
server: AmazonS3
x-amz-meta-bucketexplorer-md5: c1da8c23eb900ac740f7009cecbbaded
etag: "c1da8c23eb900ac740f7009cecbbaded"
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: HUekyxxhVX5TlEo7V3xxCheb-_CWiWLeJo7vFL2n6_obYec1Pd4Yeg==

GET
H2 200 main_block.png
cdn.smfboards.com/caf/themes/light_red/images/theme/ 526 KB
527 KB 44ms
44ms Image
image/png 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.smfboards.com/caf/themes/light_red/images/theme/main_block.png
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/styles/fuforum/light_red-compress.css?f20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d1ff8cd72a21ba66a5ca6956f8d941ef2ad265a64eb47be91bc57e6b24993c2

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 21:12:48 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 723185
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: 1165c734479d9ece4784d78950824714
content-length: 538516
x-amz-meta-bucketexplorer-filelastmodifieddate: 1325715868000
last-modified: Tue, 13 Nov 2018 18:27:27 GMT
server: AmazonS3
x-amz-meta-bucketexplorer-md5: 1165c734479d9ece4784d78950824714
etag: "1165c734479d9ece4784d78950824714"
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: PykU1NdD-r-xsmt8jmhlC6fyhc3cZrPqQ0v5wSDI_FDn1-1uPkAmFQ==

GET
H2 200 submit_bg.png
cdn.smfboards.com/caf/themes/light_red/images/theme/ 487 B
965 B 128ms
127ms Image
image/png 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.smfboards.com/caf/themes/light_red/images/theme/submit_bg.png
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/styles/fuforum/light_red-compress.css?f20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25e91d095edc1ff9693e7f67fb82cb5e84f12c061067c313162d91e4e51424d8

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 13:51:14 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 1095279
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: f2c1781437c2e461dfc02592ae272609
content-length: 487
x-amz-meta-bucketexplorer-filelastmodifieddate: 1325633590000
last-modified: Tue, 13 Nov 2018 18:27:27 GMT
server: AmazonS3
x-amz-meta-bucketexplorer-md5: f2c1781437c2e461dfc02592ae272609
etag: "f2c1781437c2e461dfc02592ae272609"
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: YBvhg2_izY1cMlj3kRbZSd3LdfrGRYkDe2Oej5BpjKFMPxV0Er5gFA==

GET
H2 200 mmenu.png
cdn.smfboards.com/caf/themes/light_red/images/theme/ 3 KB
3 KB 102ms
100ms Image
image/png 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.smfboards.com/caf/themes/light_red/images/theme/mmenu.png
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/styles/fuforum/light_red-compress.css?f20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57c5c034b5a7c4d738810eec9647de9016e7246d1a3a55f18985c729426578a4

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 07:30:02 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 599751
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: d58de96e383401a0b640b0ddb8a4b3fe
content-length: 2896
x-amz-meta-bucketexplorer-filelastmodifieddate: 1325891642000
last-modified: Tue, 13 Nov 2018 18:27:27 GMT
server: AmazonS3
x-amz-meta-bucketexplorer-md5: d58de96e383401a0b640b0ddb8a4b3fe
etag: "d58de96e383401a0b640b0ddb8a4b3fe"
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: Rjsv3OJ2TpypPycrTEOJqeg-uop2w7vq0LURUWGYV54pmEYWc0HePA==

GET
H2 200 active.png
cdn.smfboards.com/caf/themes/light_red/images/theme/ 3 KB
3 KB 101ms
98ms Image
image/png 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.smfboards.com/caf/themes/light_red/images/theme/active.png
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/styles/fuforum/light_red-compress.css?f20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27c008c74ed7c990c89d4601bfd070558359d39a551e49d941b29b3b17e3c7f9

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 20:48:00 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 1243073
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: b201d917b5bb97d1fc12183a8788b177
content-length: 2889
x-amz-meta-bucketexplorer-filelastmodifieddate: 1325716676000
last-modified: Tue, 13 Nov 2018 18:27:26 GMT
server: AmazonS3
x-amz-meta-bucketexplorer-md5: b201d917b5bb97d1fc12183a8788b177
etag: "b201d917b5bb97d1fc12183a8788b177"
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: mPNcQCgpVpu9ut2J3arhNHd8qIVTR2e_HA1iVDPkyFwPqSqIlrHelw==

GET
H2 200 catbg.png
cdn.smfboards.com/caf/themes/light_red/images/theme/ 3 KB
3 KB 100ms
98ms Image
image/png 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.smfboards.com/caf/themes/light_red/images/theme/catbg.png
Requested by: Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/styles/fuforum/light_red-compress.css?f20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f3f3c2abdd7044b0c492cadb22784cddf7467102aa16761993472d53f10ee89

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 16:07:30 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 482303
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: ced1859ede41907dd52167f3ddc1cdc2
content-length: 2839
x-amz-meta-bucketexplorer-filelastmodifieddate: 1325891816000
last-modified: Tue, 13 Nov 2018 18:27:26 GMT
server: AmazonS3
x-amz-meta-bucketexplorer-md5: ced1859ede41907dd52167f3ddc1cdc2
etag: "ced1859ede41907dd52167f3ddc1cdc2"
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: JYWpY0aVXe5zOc-uB1Mobx6WHfyRrhBWWMVjv1wWattDYnimjhVrNQ==

GET
H3-29 200 pubads_impl_2021062204.js Show response
securepubads.g.doubleclick.net/gpt/ 326 KB
114 KB 46ms
46ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062204.js?31061678

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

b4940e8b14e821828ff722a1cb8d4cde477e69af6fa6aed4967d5f1e29148d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 06:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Jun 2021 16:11:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116179
x-xss-protection: 0
expires: Thu, 24 Jun 2021 06:05:52 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
853 B 34ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=fuforum.createaforum.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062204.js?31061678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Jun 2021 06:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
13ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fuforum.createaforum.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062204.js?31061678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Jun 2021 06:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 414ms
413ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3802029328925472&correlator=2329089936408767&output=ldjh&impl=fif&eid=31061161%2C31061678%2C31060976%2C31061200&vrg=2021062204&ptt=17&sc=1&sfv=1-0-38&ecs=20210624&iu_parts=21939239661%2Capl%2Ccreateaforum%2Crich&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1624514750&dt=1624514752612&dlt=1624514752158&idt=431&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=223&adks=3099423153&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffuforum.createaforum.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1560x0&msz=1560x0&ga_vid=1275273475.1624514753&ga_sid=1624514753&ga_hid=2128307843&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062204.js?31061678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

7f899cb5146b20cd7807d8b13bd2c314334640e8de7ab81297740d479a6c618f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 06:05:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23420
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fuforum.createaforum.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 37A8 6 KB
3 KB 46ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062204.js?31061678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fuforum.createaforum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fuforum.createaforum.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 24 Jun 2021 06:05:52 GMT
expires: Fri, 24 Jun 2022 06:05:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DF0B 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062204.js?31061678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fuforum.createaforum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fuforum.createaforum.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 24 Jun 2021 06:05:52 GMT
expires: Fri, 24 Jun 2022 06:05:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062204.js?31061678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 06:05:53 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624274983153827"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27713
x-xss-protection: 0
expires: Thu, 24 Jun 2021 06:05:53 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8E39 624 B
585 B 17ms
17ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBChhIX4ARjb5fyoATAB&v=APEucNVGqiRDHwJdYmMwa12KeXrfN3XrlGt8ynqqIoIkyF7oi8qvudXiiAgvRLk6pO73AALVaTBTXQ3Ff2FUnROVD3_rG3N2tBNmtPiGKFTpxOGXK4hwSxw1k9i_OsB37XK8ctTgDdAfvyxvlqunSh9BWqcGqs6h9gv2TIlpsI-lM2huladID_U

Requested by

Host: 68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com
URL: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLzpFBChhIX4ARjb5fyoATAB&v=APEucNVGqiRDHwJdYmMwa12KeXrfN3XrlGt8ynqqIoIkyF7oi8qvudXiiAgvRLk6pO73AALVaTBTXQ3Ff2FUnROVD3_rG3N2tBNmtPiGKFTpxOGXK4hwSxw1k9i_OsB37XK8ctTgDdAfvyxvlqunSh9BWqcGqs6h9gv2TIlpsI-lM2huladID_U
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 24 Jun 2021 06:05:53 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkQV6cMN-2h635Tfzmbgji9txTOL2ZqgMtB21Ud8mCMT8whhW-0ncfKc6zS; expires=Tue, 19-Jul-2022 06:05:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Jun 2021 06:05:53 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210621/r20110914/ Frame DF0B 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210621/r20110914/abg_lite_fy2019.js

Requested by

Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 05:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7073
x-xss-protection: 0
server: cafe
etag: 4951781748486473094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jul 2021 05:30:54 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210621/r20110914/elements/html/ Frame DF0B 6 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210621/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 05:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jul 2021 05:22:56 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DF0B 0
592 B 117ms
48ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss4BnGWvzTer0219EJFRWOhZxObJM1SSSpCkDOHHZFaj-P5_eIbZr0CMx-NnqYRDyBqm_9YVt8kSdySIU1WVHEgCQt-eXHzRhYTi6jYlKWmLrnRRSCC0nq-Dqy_vzVd198CMLhAfTNRXDQ_yWlQkUWwPZ9Ifwn4KjcNC-wnYt4wezEQcxLP1yIjYAum7mt-1TedhxP2lgUx3MxUkosiouNT5xadnO4tDTCmTEBeqMgE2B1M3d0hR1nqBa7hYhOuUPUlMdwEB3tpANi-94UZKTT6EIAKNcDnuHAqg9PFFfykGWs889AW9Vtm4sjugs6di3MVb-50pes577w_K4g9iojhhYJSyU8dLgPn_EYCs2G2btl2Rtcr7lh02t4RI0CaiwY0Ui22Gy7QK94znHhazUpBkHkBibRV-WrCNH0k80bMsTAHI0iZc47BMgJUqdY_z1c7IaWmKR5STXDudrtK6kTxBofnpOqul5MxWne0gxOfe9Oz0DcrZ_c4xOEAiMTnTQ1uz31vNkFICRPkMWAGGvFqD_WrgcOgI4eKDh8uNAoFEM_yOPm1F-CjdWjZLQoq8nSoHkMEwoNMDMvFD7Mj5Mlva5lkapHOZ2Oo9aY3AE6oWvQd-MGTmfY0fPo4ZaUtFc5xHXZQzJHPdJ7mHDjCLMysRQYUoriOnxOTqQaoEjHnuA_E_gU5ffFdUqe0AUS2685g_kIppO5u-M5CluOJAi3ETHR6TxxGlTUdNtpUTqvdCCBYFwFzcM-m6QXy_td1KLHnnb1gJ18saQX_CiimeYO2g8lTS27kIPldvO33ufnqVZuTBBF63fOHJTt2ZJiIzQaJPy5O_2R1cPSopT85J8ASIzjyqFlPFLsO5luyZJ08fG72n7AWRpWFWnBs3foq4oUHI1KcAkBincntcRI5rvw38CT-z31EmEAQKWxFuH36aAqesvDB0XNX3rdbM7ZF19insVM6nzznkm5ezJjBOSVxZcx9IiIjq5Tf3U4kxCC-QukX9HJgOpPI_Qfi4IKGIFJU_Y3gswmstUqUNuA4cAgNEsjMEhO1O2Z_vyw9RWaLCutRF0TE55TtPw7TnJseZsMI2I4y9oJtAjr9e-ZGivpvtL_izc09fwpz35c7wtFm5aTRpoYJh-EVNU4llNvj5ciQZA_XdeKZ0X75p5YWBZqR1k9hTQ7rcidbLCyHqyofOpv2jwxHKA7nDDzyhxEbkhaq3Ro4p8LyJXg&sai=AMfl-YT5MpAQlQrq3wdF732v-nw7rb1ar-YeFmpUD4eK-IDVxtVxVKWHIplf0TIFq5fUPz8QPdKuGDIST4j_DvYCKa1eMMhSx7WFUo8FYS1mFETXJW6FUvkW-HD2FQzV4ztOL7mo10lyVwl1wP_1lndOGdhUx2SntG1cyahLfPpC-zgrirFUWmbAAD2f9guk3Bcc9oEaPQbOhXL_dTa_OHk1mhh5PWB_9bcj1WRwnn0bfiZuK8lAztQOHpoKVkGgSiA5S0NnN0CNapZ30Ed-b9N8qui4mL7COfUsgdVuq9tgdoyYl1W18BFu5CF4yeTftlBkV1GECoNRw9HqAbkF1XxpSk3EoqwzfVq8L8sVGc3hbYGSwAWRngG8633QY4l5KEc9bg&sig=Cg0ArKJSzHUCEK2rNCqFEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210621.88523&adurl=

Requested by

Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 24 Jun 2021 06:05:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DF0B 41 KB
15 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 00:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jun 2022 00:53:22 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF0B 42 B
110 B 14ms
13ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5qr4U7mUV2rLOXhI6w1j2mMcamlXgzZjpHTBHI3H6R1eZ96rmS87aPDBRQrMKeLZzJ7fGXyHbItVGakSOSvxIMaO9OCd0Fyd3sKq-fTW8hVyLoK0

Requested by

Host: 68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com
URL: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 06:05:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame DF0B 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/window_focus_fy2019.js

Requested by

Host: 68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com
URL: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 06:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jul 2021 06:04:41 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF0B 122 KB
37 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com
URL: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 06:05:53 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624274989777919"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38141
x-xss-protection: 0
expires: Thu, 24 Jun 2021 06:05:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame DF0B 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com
URL: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 06:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 5108850372203985220
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jul 2021 06:05:52 GMT

GET
H2 200 131916455839057084
s0.2mdn.net/simgad/ Frame DF0B 40 KB
40 KB 28ms
6ms Image
image/gif 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/131916455839057084

Requested by

Host: 68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com
URL: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95f7d7fe76d5380deebc5767d29e38ea9af692f2068493a8ef82c54d7d889e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 00:18:01 GMT
x-content-type-options: nosniff
age: 20872
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40708
x-xss-protection: 0
last-modified: Wed, 12 May 2021 13:48:53 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jun 2022 00:18:01 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9CC8 22 KB
8 KB 15ms
12ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 22 Jun 2021 20:30:42 GMT
expires: Wed, 22 Jun 2022 20:30:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 120911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8E39
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJf4AAO3iBcaQQoYoHMEOb4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJf4AAO3iBcaQQoYoHMEOb4&google_cver=1&C=1

43 B
1014 B

68ms
54ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJf4AAO3iBcaQQoYoHMEOb4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBChhIX4ARjb5fyoATAB&v=APEucNVGqiRDHwJdYmMwa12KeXrfN3XrlGt8ynqqIoIkyF7oi8qvudXiiAgvRLk6pO73AALVaTBTXQ3Ff2FUnROVD3_rG3N2tBNmtPiGKFTpxOGXK4hwSxw1k9i_OsB37XK8ctTgDdAfvyxvlqunSh9BWqcGqs6h9gv2TIlpsI-lM2huladID_U
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Jun 2021 06:05:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 24 Jun 2021 06:05:53 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Jun 2021 06:05:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJf4AAO3iBcaQQoYoHMEOb4&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 24 Jun 2021 06:05:53 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8E39
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YNQgwXgCPUq94Rm0TcVOLgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJf4AAO3iBcaQQoYoHMEOb4&google_cver=1

43 B
894 B

40ms
40ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJf4AAO3iBcaQQoYoHMEOb4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBChhIX4ARjb5fyoATAB&v=APEucNVGqiRDHwJdYmMwa12KeXrfN3XrlGt8ynqqIoIkyF7oi8qvudXiiAgvRLk6pO73AALVaTBTXQ3Ff2FUnROVD3_rG3N2tBNmtPiGKFTpxOGXK4hwSxw1k9i_OsB37XK8ctTgDdAfvyxvlqunSh9BWqcGqs6h9gv2TIlpsI-lM2huladID_U
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Jun 2021 06:05:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 24 Jun 2021 06:05:53 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Jun 2021 06:05:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJf4AAO3iBcaQQoYoHMEOb4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8E39
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM0F0K_csClUAK-fnoAfCz4&google_cver=1

43 B
1006 B

70ms
30ms

Image
image/gif

185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM0F0K_csClUAK-fnoAfCz4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBChhIX4ARjb5fyoATAB&v=APEucNVGqiRDHwJdYmMwa12KeXrfN3XrlGt8ynqqIoIkyF7oi8qvudXiiAgvRLk6pO73AALVaTBTXQ3Ff2FUnROVD3_rG3N2tBNmtPiGKFTpxOGXK4hwSxw1k9i_OsB37XK8ctTgDdAfvyxvlqunSh9BWqcGqs6h9gv2TIlpsI-lM2huladID_U

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Jun 2021 06:05:53 GMT
X-Proxy-Origin: 185.128.25.116; 185.128.25.116; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ec4ce75d-37af-4d91-90bc-ac6c6b320fa4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Jun 2021 06:05:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM0F0K_csClUAK-fnoAfCz4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8E39
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM4NzAwNzIwODExODUyNzUxMA%3D%3D

170 B
188 B

47ms
45ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM4NzAwNzIwODExODUyNzUxMA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 06:05:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Jun 2021 06:05:53 GMT
X-Proxy-Origin: 185.128.25.116; 185.128.25.116; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 510e1ae3-3d71-4a84-ba33-abf470a5fd2b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM4NzAwNzIwODExODUyNzUxMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame DF0B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09397fb4d5b868261049c83ee4e09c343191b41caac31b557d395030ee52d37b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DF0B 0
60 B 40ms
40ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: fuforum.createaforum.com
URL: https://fuforum.createaforum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 24 Jun 2021 06:05:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 eOgDGfqcQegWjA8qbjqFj-1olP7cUin4sCMz-IjcpPs.js Show response
pagead2.googlesyndication.com/bg/ Frame 9CC8 14 KB
6 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eOgDGfqcQegWjA8qbjqFj-1olP7cUin4sCMz-IjcpPs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e80319fa9c41e8168c0f2a6e3a858fed6894fedc5229f8b02333f888dca4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 06:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5797
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jun 2022 06:49:32 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CC8 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiZ8UwCDUYOysKOPP7_UP0qKZ2AsAAAAAOAHgBAI&bg=!oaKloubNAAZktE7iZLQ7ACkAdvg8Wk6z2qy_Wwyx1IzpycUaK50Qlv90Tefaax4Dgpwj_QJ0vrb-1QIAAACPUgAAAApoAQcKAB3Ggg3n8Hmt3HSEvzuqtYVeDrXGDLoV_ioULt0h3ZkCzu-80W_AoIFQGkyYfBGqiw2OZcp5G4OXWZ7FtdKYjQ024mv5ZibqYU5J-IsBVFXylMPlFGhlLsrDe7gfDczg3mp5TGn_Ovvcuvn9bB-6W-sr1Z-liPMnU1ush-1bvYexLlfz15sGPwLE4OTC_CP2f-V4B7Szeu744UWtNF9pNHhLtuy-P6P2Yz4-khTKU3T-qEoWRyGd6Yb5f13Tx53Kssdj59GHtomUq8iLaG7_gr63sFJtukobTGoNA-UgqPuQzKQoqdqMbZey4rFQw16rG0Erzm0_OGiv5Eo1_OVKhe7yVKxhpv0kfHdmMPfn111Tqh2gJAHoLvQQAIWrN7KfF3I7F_fdRFfSuh2mLZUKYnElGn-EF-u9zzeAJcKBe55Vc-8L3D1WMqk3xFYipMjaFx-6Cw-nVzj-VI2byyzO3SiqQWIWRsWl_uPRhnKUEGCsr5TjTyIqQkfpRsTcTBAwgEPIwamuyAMXPtHFPWYLxNLwIJxVg3-t5G58OFCMqGUJiyYyXMIuP_iwtg6iXDtDFddVIUFJ0vVFR0hT3ATFwuxvOdXQfnBLrg2zQm8JPjaj5sGSVxYfiE2qQv2dViq6UgVuhyGUZgdLQsmdRpvtHKlAINVLX8nSD5nzbE7ihI-7fE6yZe4YJX0KbFISYhFwVG2CkjTkeVyac_xDieQ64t2A2WsRNBPbaFPsFk0C7qujUxmLmFfeGhjo5kZQ8vA0ZC3r45lmhCAP6pjEW_kPYXKGamIGCHviJ_GhrRlIcBTwRBQ87nqPvVnJsXPiQazWZ33vFK9KPqRFKbA7nhyP4lIWeoneURKp9TYCrzl_m6Vxc88n8N4xS64NnEAUvhjvTGiaBy5L3CFhFmsMoHE9SXda4SI_llLFoAx0nB6aArDjV6vt2xb9RI_YHWxeyfVSsmHmSYrx_DEkFQneAvlrPwQtcqsjusAiv1NhmpFpnsI

Requested by

Host: 68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com
URL: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 06:05:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 25ms
24ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021062204&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062204.js?31061678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e4923d246b69fb87aa0698e61349575a956599b135230d87960bfeeb05ef41e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Jun 2021 06:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7966
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062204.js?31061678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 06:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 24 Jun 2021 06:05:53 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 276C 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fuforum.createaforum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fuforum.createaforum.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 24 Jun 2021 05:35:20 GMT
expires: Fri, 24 Jun 2022 05:35:20 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E86D 783 B
762 B 16ms
15ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0ed2613b6d1ab70c69334fc1b7d41f4ba8bff863adc3f56518cfb04ce7842a7e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DUFCfUanqiYv9wNy3p8reg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fuforum.createaforum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fuforum.createaforum.com/

Response headers

expires: Thu, 24 Jun 2021 06:05:53 GMT
date: Thu, 24 Jun 2021 06:05:53 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-DUFCfUanqiYv9wNy3p8reg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame 276C 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 19:41:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jun 2022 19:41:40 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021062204&jk=3802029328925472&bg=!hoWlhcHNAAZktE7iZLQ7ACkAdvg8WtQwHEKIlZ8miMwkpDKkwjsib7_VOfvGIPsC2sajWYWSO8a15gIAAABcUgAAAAhoAQcKAHYccTZXiepvIdyw7ltTOz6zOKZSOBlmOEUdz8QXnw_lgHuNZW0AfDeUec5_VZRzfBqGFSvs_BjD15ztZML9CNDzl2_1kFtrPKJg8UzWUzjdMlPCrGaHG6TOQvEsv_K6NTEqyjjLbASpi8wW-lNSnTFctgpwwU2XmQKIZUP0fhX9iFyhuE_NFtU-kdn5QKDZYWBN0gP5NQZyn_EqhKdTtMr3isLU6wERMk5UxLvtek_LqzIBglbbMJqnPDaxpU1MANJr1Hd5_BQ1WW0JfFiyK4Di5-P_IQMzmSbMQLlDJbmePA2dcS8QZC7Lytbz4HELQCQOPayFsCjC45kcNhWMb3_0BBO44AOcSgsoYylAf3PHccbgIyyzmSJnPkgJlRUHf-svoAIbYhcvuwrtGEbaGcv1_fMGcn2VNjGL6kvSentsvPp4FwSpNfDkorjk8Gr5WKr8laNIXYMsT1fnVTFGWXHynTZqm1C92eVQ8L72tXxif1K5E0IwUtQ4uAJCjLWCLTvA_O4SdjSZfkwb2Igwpe3RXpSK5Ie8rhKW4dFNrQsO52LV5IzYUchqb8ktt4PquWS_GRy9LKmVITs5g32j0ljYK7J7h-NgVULrV0w7dVXriPzY5RUl-lKVJsv1Pvsnw1D6MGiiDq4xbMwnUC09EUXh3E7Q1_1UNEh0BB20sa7hf-DUfgF6Od-lCkkF3rRZZYLIthUgnuK3ychMcAV7WFhysszbU-O88pWSwBAr5BrD3HVEc2ymASAbXfDeNVUGkeJ5-WQ2lEuEa8ARmGYRH2TOh_wwP0zH8Vuo1GknqY2i-frZ_4wzEZl-qXYLRDwIVsOKaKgUvbWq1GEf044FIPAmgf4AcSqdxg47gdPrQa6hr1iPcsn1svJLs-YgXUfSCYTWOTyFpdqKUZXP5pxY07WDY4lskuz0JopdUC7a9TTHcxKmH3bgKvq0bIL75y-zoojnUhShTBvWoT3vzNg32-SFwueC26B_LsQttTfeJJLnpw0G3X3maIApGYw9aE9VHKTE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fuforum.createaforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 06:05:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF0B 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrDkgzvza5R5drrkY-R-6UeegRnuTahruPb-Q5btfEmGEmwfd16u-IoCgfXV3fBIdOAZb4Q2wzYFD3IqsrJD2Cto0oilYpZoZ4kCOHhyrNnXSG8VQgqNql0XLSVw&sai=AMfl-YSgVSiBtICo8zTPoGa8Bwzx9eJoMjof0wbHYOrgi0c0zraRiSBxWB4R76UmlvU_qcc5Pz7bLchbQRY8gbptGHX3vNANzuxLvbL-b5hXwNHSGMsJRdkVwn6AXhI0F2I&sig=Cg0ArKJSzEHo2k8h1QZdEAE&cid=CAASFeRoyCvtWuMIwdKcyZH0OqVPWcAENw&id=lidar2&mcvt=1000&p=229,436,323,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210621&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3099423153&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624514753050&dlt=41&rpt=39&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 06:05:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 04:36:50	Name: IDE Value: AHWqTUkQV6cMN-2h635Tfzmbgji9txTOL2ZqgMtB21Ud8mCMT8whhW-0ncfKc6zS
.createaforum.com/	1970-01-20 04:36:50	Name: __gads Value: ID=3dd279582ee3895f-2243b5686bc8005e:T=1624514752:S=ALNI_MYcbS2jTdxK1HQs9VChGvRmgzLuTw
.createaforum.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 99c6ca53d7c5dda176dd759280dfb00a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

68edb37e9b88e8b44e481effbf4191d0.safeframe.googlesyndication.com
adservice.google.com
adservice.google.fr
cdn.smfboards.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
epnt.ebay.com
fuforum.createaforum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
13.224.193.90
142.250.184.194
142.250.184.226
185.33.223.178
2.18.234.21
216.58.212.162
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:831::2002
64.79.105.131
66.211.172.66
037853b3e32a3ce03ac93f0edbadb0ce4ae687ae21f7f9bdf2c5d8edf8376226
09397fb4d5b868261049c83ee4e09c343191b41caac31b557d395030ee52d37b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
0ed2613b6d1ab70c69334fc1b7d41f4ba8bff863adc3f56518cfb04ce7842a7e
0f0ed284afcf94f728410e720ca9ac84107d90a676864c780b0a3ddd70d8e58b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
135df9559450bba4a5b6135d372e16029c644831199c952e421ce16f73965db2
25e91d095edc1ff9693e7f67fb82cb5e84f12c061067c313162d91e4e51424d8
27c008c74ed7c990c89d4601bfd070558359d39a551e49d941b29b3b17e3c7f9
2e4923d246b69fb87aa0698e61349575a956599b135230d87960bfeeb05ef41e
3c3f34e4640bf932481265da134eceaab66e4cea2fb81ccc4845963ef25fbee2
3cda65a4fddf6b88890e60a1df20114dbf3026fb85039cab453e259e86db2d4b
490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1ff8cd72a21ba66a5ca6956f8d941ef2ad265a64eb47be91bc57e6b24993c2
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d3c556abae5df366f3afc049d9d447fc3dddd1466570b7d3e799ef1f8ec92f
52694817d580ebaf83deba6dbfe12eb37597ba1b69d8339ffe1de1df36b23bd1
57c5c034b5a7c4d738810eec9647de9016e7246d1a3a55f18985c729426578a4
6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0
6f3f3c2abdd7044b0c492cadb22784cddf7467102aa16761993472d53f10ee89
7671d2e9e716d2b6898ac1f5396e5d6a1b05320cf566f08177b95c5e50e86c86
78e80319fa9c41e8168c0f2a6e3a858fed6894fedc5229f8b02333f888dca4fb
7f899cb5146b20cd7807d8b13bd2c314334640e8de7ab81297740d479a6c618f
82ab3bcc5179d2e26cd7b5b51ede354472f6e87edd982d11c942559a2e2f936b
95f7d7fe76d5380deebc5767d29e38ea9af692f2068493a8ef82c54d7d889e6c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
af3d83bd97bebf40021d41a72d888248084c434aaa67cf304523601377b8a720
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cb136fb99cb53967bfe861f22d6d90af4320297d5fe2b7f94c634df3637441
b4940e8b14e821828ff722a1cb8d4cde477e69af6fa6aed4967d5f1e29148d68
b92dc2f4847236cf6b257d71ee6da18da56555ae466bf5be9caffdf880618c65
c31cee4bc9332a8219857662712970399fabd32bfcb59f4f95517b19fe8b2c27
c862e0744036f4638b09366ff125edaf47944529867c8f36866e8fc0771729cd
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bbc6b69b97cb7472fc40f053d3fdc1f6b000e5e7fefc94e8cb90836c9e8201
ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4
ec1934bc0cd18c8597b0e77ed9cfe573c7b8c3ca192ac86ae507f2252cfc0201
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15a59d1c150aa0a5df61fb4e99b64ed6c93c480ff9edf2a9b010174fed66cf1
f2ea798969cb9f6611676ed28fb4a7fab360e2442834358d36160ad1c306b7ba
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

fuforum.createaforum.com Open in urlscan Pro 64.79.105.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

56 Requests

100 %HTTPS

58 %IPv6

11 Domains

17 Subdomains

20 IPs

3 Countries

1247 kBTransfer

1792 kBSize

3 Cookies

2 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fuforum.createaforum.com Open in urlscan Pro
64.79.105.131 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

100 %
HTTPS

58 %
IPv6

11
Domains

17
Subdomains

20
IPs

3
Countries

1247 kB
Transfer

1792 kB
Size

3
Cookies

56 HTTP transactions
1 data transactions