bowfile.com Open in urlscan Pro
2606:4700:3033::6815:254f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bowfile.com/9nfQ
Submission: On July 16 via manual (July 16th 2023, 11:43:58 pm UTC) from BG — Scanned from DE

Summary HTTP 138 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 24 domains to perform 138 HTTP transactions. The main IP is 2606:4700:3033::6815:254f, located in United States and belongs to CLOUDFLARENET, US. The main domain is bowfile.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 20th 2022. Valid for: a year.

This is the only time bowfile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2606:4700:303... 2606:4700:3033::6815:254f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:218... 2600:9000:218d:5400:c:6917:5a80:21	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	23.109.87.108 23.109.87.108	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700:20:... 2606:4700:20::681a:507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	52.20.131.174 52.20.131.174	14618 (AMAZON-AES) (AMAZON-AES)
4	172.64.199.35 172.64.199.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.249.9.26 13.249.9.26	16509 (AMAZON-02) (AMAZON-02)
5	104.21.63.209 104.21.63.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f173:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2a00:1450:400... 2a00:1450:4001:80f::200d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	99.86.4.46 99.86.4.46	16509 (AMAZON-02) (AMAZON-02)
4	104.21.83.228 104.21.83.228	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:21:... 2606:4700:21::8d65:780a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:26d... 2600:9000:26da:fc00:3:bb01:eec0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	13.32.99.125 13.32.99.125	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	104.18.36.173 104.18.36.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
22	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
138	31

27 2606:4700:3033::6815:254f (United States)

ASN13335 (CLOUDFLARENET, US)

bowfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:218d:5400:c:6917:5a80:21 (United States)

ASN16509 (AMAZON-02, US)

d1zjpzpoh45wtm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.87.108 (Netherlands)

ASN7979 (SERVERS-COM, US)

wreaksyolkier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.20.131.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-131-174.compute-1.amazonaws.com

rurelanderpurgan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.199.35 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.249.9.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-26.cdg53.r.cloudfront.net

affelseaeinera.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.21.63.209 (None, )

ASN13335 (CLOUDFLARENET, US)

dgemanowhowe.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f173:81:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200d (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-46.fra6.r.cloudfront.net

neoftheownouncillo.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.83.228 (None, )

ASN13335 (CLOUDFLARENET, US)

dfearinglestp.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:26da:fc00:3:bb01:eec0:21 (United States)

ASN16509 (AMAZON-02, US)

d2oy22m6xey08r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-125.fra60.r.cloudfront.net

fulheaddedfea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.173 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.202.105.31 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	500 KB
27	bowfile.com bowfile.com	1 MB
9	gstatic.com fonts.gstatic.com www.gstatic.com	157 KB
9	google.com 4 redirects accounts.google.com — Cisco Umbrella Rank: 67 adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	4 KB
7	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 14304 ic.tynt.com — Cisco Umbrella Rank: 6199 de.tynt.com — Cisco Umbrella Rank: 1868	8 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	139 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	6 KB
5	dgemanowhowe.xyz dgemanowhowe.xyz	2 KB
5	cloudfront.net d1zjpzpoh45wtm.cloudfront.net d2oy22m6xey08r.cloudfront.net	53 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	225 KB
4	dfearinglestp.info dfearinglestp.info	1 KB
4	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 31305	202 KB
3	neoftheownouncillo.info neoftheownouncillo.info	3 KB
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 13683	2 KB
2	affelseaeinera.org affelseaeinera.org	2 KB
2	rurelanderpurgan.com rurelanderpurgan.com — Cisco Umbrella Rank: 195106	37 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	603 B
1	fulheaddedfea.com fulheaddedfea.com	537 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1623	252 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 14075	184 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	79 KB
1	waust.at waust.at — Cisco Umbrella Rank: 41777	7 KB
1	wreaksyolkier.com wreaksyolkier.com	1 KB
138	24

	Domain	Requested by
27	bowfile.com	bowfile.com
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	pagead2.googlesyndication.com	bowfile.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com bowfile.com
7	fonts.googleapis.com	bowfile.com googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	accounts.google.com	4 redirects bowfile.com
5	ic.tynt.com	bowfile.com
5	dgemanowhowe.xyz	bowfile.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	dfearinglestp.info	bowfile.com d1zjpzpoh45wtm.cloudfront.net
4	pogothere.xyz	bowfile.com
3	d2oy22m6xey08r.cloudfront.net	bowfile.com affelseaeinera.org
3	neoftheownouncillo.info	d1zjpzpoh45wtm.cloudfront.net
3	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	t.dtscout.com	waust.at t.dtscout.com
2	affelseaeinera.org	bowfile.com
2	rurelanderpurgan.com	bowfile.com
2	d1zjpzpoh45wtm.cloudfront.net	bowfile.com neoftheownouncillo.info
1	www.google.com	tpc.googlesyndication.com
1	de.tynt.com	cdn.tynt.com
1	cdn.tynt.com	waust.at
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fulheaddedfea.com	bowfile.com
1	region1.google-analytics.com	www.googletagmanager.com
1	whos.amung.us	waust.at
1	www.facebook.com	bowfile.com
1	www.googletagmanager.com	bowfile.com
1	waust.at	bowfile.com
1	wreaksyolkier.com	bowfile.com
138	31

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-20` - `2023-08-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
wreaksyolkier.com R3	`2023-06-25` - `2023-09-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
rurelanderpurgan.com R3	`2023-07-02` - `2023-09-30`	3 months	crt.sh
affelseaeinera.org Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
dgemanowhowe.xyz GTS CA 1P5	`2023-05-31` - `2023-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-25` - `2023-07-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
neoftheownouncillo.info Amazon RSA 2048 M02	`2023-06-27` - `2024-07-25`	a year	crt.sh
dfearinglestp.info E1	`2023-06-13` - `2023-09-11`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2023-05-27` - `2023-08-25`	3 months	crt.sh
fulheaddedfea.com Amazon RSA 2048 M02	`2023-06-01` - `2024-06-29`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://bowfile.com/9nfQ
Frame ID: CAF9AD185E447EFB38E325AA6001D7DC
Requests: 84 HTTP requests in this frame

Frame: https://neoftheownouncillo.info/TGN5VVUtARo4ai1eG3MgPg9EcGcKRksTMX0ZEyUvPAwRYWA7FxR7NiAMDDEzPgwXIXsiBg1wZwo6GxI5fTYUbQUOCwplAA4EOBACdTQuZBcKAkglHg0UIGwUHhssEgcVJj0GJiAtOjIzCyc4bAU1MSkUBisvLAM5GDMeYRYICBFlFisqMgYSAik9BGUUAUghHgQyLGwXCiYaEi8VKDoyFC4tDiEeBCErIxQrLi0dEXgnPQAtBCU/JRYbNTsyDXwyHB0ROy84LWELB0hkNg4UP2YNGhsgBw00BSoDOn8HSGQ2BAsObQIaCzQHPQ4oITk+Ajk/IRMYJlQxPAgLDg8SGAAgFgQ/BjYtIQY0Axs7FCUNHQchMTINOSAHNgQ2FSE7OWYUMEAYB34qPRcEBTIdZGQvJxEULQ4iNxQACyEfESIJKykEHAY3PDYAFA9IMQJ+KTsCA3kkI2UTKDY8ZGYUNQ40EwgyNh0yDjIgFjkWNBIfbRQlCQUUC1ocAjkKJyADLS47PBc+Gw9ADwEbMRxzPz8MFyVoICcSNBccBT4mJAkMKR0
Frame ID: 138FD578D2DE5062BCBCDDE76BC1DFC1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Frame ID: 6BA78B1EB4304AB4E0FFABA63A96766A
Requests: 1 HTTP requests in this frame

Frame: https://affelseaeinera.org/cE00UmMRL1c/XBFwVnQWAiEJd1E2aAYUB0IiTWBRHXtMNxpAdUZ8ABwiQTYFAiJaJk0eKEB3UTYbbgU1RgMHGyQzJWYANyIIeRoEAAFhPiE7D2EAJzQ6WAsrMhttHwQxf3IEMT8JXDkuOTdcZDUyCFIaBAAOZSUIEhpmBDohNQ0IJiYlYQolKRp2Yws/CGULNTMlcRkhBz52GlI1L3clIhUIZTEmJw9QCyAxOn4UDyoVYistIAphGCImfVs0ISE6eBoPFwtyOSE5D0wlMSEIUxoyQRt4AQs6D35iITkPQwcuM31DFjVBFFoKFCYOfAQtPwVYNjsmHxkmKzEqXxMnJgRlFgQHAnE5IhoYcTkiKAtuBjsHG3cGMkQeZSpbOhxxOlMmfFAEJRx5bhMmMgR2KjYxD1wUOid9dgowHBxVFBQfFWE+BygEBCEkIiZABDUxB3IEDzIYdjkXFBxxNSsxHGUWJEAYVgMlE3V1OSUjHgQ5ISYPdgswBwt/B1IqB3UXByEYBGomISEFBjAHa14hDB49CRpUND0FZlobJHIQLg
Frame ID: FEACDC5F9F40E5D1AC459A0BD8D494A0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&adk=1812271804&adf=3025194257&lmt=1689551033&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fbowfile.com%2F9nfQ&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689551033153&bpp=4&bdt=473&idt=124&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2285295059661&frm=20&pv=2&ga_vid=1313294219.1689551033&ga_sid=1689551033&ga_hid=1337952237&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31075879%2C31075882%2C44788442%2C44796700&oid=2&pvsid=2548312887156788&tmod=2078884273&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=144
Frame ID: 82360057204D97FA3C8976C5F5A93027
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=7461073491&adk=3313644723&adf=2726021737&pi=t.ma~as.7461073491&w=1110&fwrn=4&fwrnh=100&lmt=1689551033&rafmt=1&format=1110x280&url=https%3A%2F%2Fbowfile.com%2F9nfQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689551033157&bpp=2&bdt=477&idt=146&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2285295059661&frm=20&pv=1&ga_vid=1313294219.1689551033&ga_sid=1689551033&ga_hid=1337952237&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31075879%2C31075882%2C44788442%2C44796700&oid=2&pvsid=2548312887156788&tmod=2078884273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M36xG7ZHnl&p=https%3A//bowfile.com&dtd=151
Frame ID: 2680CEF0B0DDFCE575060362DB84DCFC
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: AE600E7181F53FB36E43C8C10C07FCD0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7FDED67C01376A9BF986C54DD27520AD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 23087CEC319B7CB7CF57F561608CAF0D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9A6CB8E2CD8CFF1D68A65F864DE0578C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Frame ID: 22F0F69884F3EC9886E8E7981B43108E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Frame ID: 779FC173455F39E41449C6F03507B21A
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: D5A064BCCCC1B7A7FEE4E1E29DE47136
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: FD0524476EAE54B3DFF65F8A7B29E110
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: 368CE7B593A83FF636966AF1DB537B69
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: 8450C87E5DCDD0691B21E62AF8FB1006
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PZ_Fix_Repair_Steam_V3_Generic (2).rar - BowFile

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

138
Requests

99 %
HTTPS

63 %
IPv6

24
Domains

31
Subdomains

31
IPs

4
Countries

2615 kB
Transfer

5587 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeDOFXi_wXvtwTEs_h3P4ZhOZrD5RvxXub1qSFqhSAB3gPIwKOvKmxVkHxunPE7AzWgklh34aQn-5w HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-234372340%3A1689551032978407&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXgO1fnpraxQkXMiWOZ2fVWSa_sqUKlVJl1K5RKSJCNCmkZHQ9LwrpKRvjEO4uPTy4NHPZ0B4w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 40

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeDOFXgnT4qGK1kGge09cJdLMgHKlBXM8OvsbZfvYwFe8qdm_q2pLR6cQ-DDKvC6AwQGNOziZT7G4w HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-519230316%3A1689551033047298&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXjjmhYGrejsFvWj_xrMLZMV-TE3RhBzogSy2lSSLudnvCt7oQxkHLeNk0KC680Wm149Tgnj&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

138 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 9nfQ Show response
bowfile.com/ 420 KB
119 KB 179ms
142ms Document
text/html 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f37637cd2f01eaa3be0ac56d4713f74841e06db08136d5649c94b2123aa64db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate no-cache public
cf-cache-status: DYNAMIC
cf-ray: 7e7e1c215e1d9a09-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 16 Jul 2023 23:43:52 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ui0yC6jonfUot%2BTcOeN3i5VZJbsD6v88ROdSMDsL5iwOHcMa0kl8%2BhKfGTPR6wsUHBf3yCfHP414s5LWzlOd%2F%2FJ6mWVTVY7eDqusofx%2B%2B0cfZasitgzDaTLGcm8r0oVxHPi1Y5crq7ZGmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
bowfile.com/themes/spirit/assets/frontend/css/ 75 KB
13 KB 17ms
14ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/bootstrap.min.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5254
etag: W/"5f8bebbe-12c7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBd%2FuAEYe%2BXToS%2BW7XRzAv5i7bclCfwx6tmTxhWt7NwzxIKLBzlqbML56UzRQiGYVEwUq%2B66J3%2FscK6xpJWC24cGwiwYqbvFgG5G8lp3qTBV4xTzLS8gg4cAqL5zjY%2FtdjNMnjMeZsSWOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e7e1c224ea69a09-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 stack-interface.css
bowfile.com/themes/spirit/assets/frontend/css/ 2 KB
794 B 90ms
87ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/stack-interface.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc3e1c7f25f8898edf9bba53c1cf0730271371e373bdd4dad4535cecedf85ba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3160
etag: W/"5f8bebbe-c58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BiERVFRDZ6hPrSDgdbg%2FvAj4G13LDMFll1MbOn0RZqKShzsI5pJ6NH7tI7%2Bbsql2o33TK6SoVrOM0SvDlACqsuoWPIab1h25wJgZbudKSoXSnxAAm2R69WPys6bjc1tL1yCyciJzZj4oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e7e1c224ea89a09-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 socicon.css
bowfile.com/themes/spirit/assets/frontend/css/ 7 KB
2 KB 19ms
16ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/socicon.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcb499166a81c2c68de921f186c95ed6c29859acf2a07422c15ddb1f4b9e7686

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5779
cf-polished: origSize=9838
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-266e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsqnPeWhOzhW%2BCnukjFbQyzMS09NGblaR%2FvaqxgUWh7qDRPFlbg0qYPgXe6RCpaHJTjgGr5GS9PyGoQNirHO%2BAodmmkEalgkzi5rXWCoB1mIGOg1IQWJhUaW1CWTT8n1qGJ1xTdOlxAAdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7e7e1c224ea99a09-FRA

GET
H2 200 lightbox.min.css
bowfile.com/themes/spirit/assets/frontend/css/ 4 KB
1 KB 15ms
12ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/lightbox.min.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4522
etag: W/"5f8bebbe-f31"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdU2fGsKEHV68gDKWQv7Df7AnkpHRrL2xbB7wmKkOA03noCOm%2FSCzD8e2c0%2F7lJazp78ksOphrDwAu79STkb%2F1WqMwMraBUlEABGuQAuvom2I1HEIEEVer3a6H%2BmgbLg7q5v0HRX62DZUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e7e1c224eab9a09-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 flickity.css
bowfile.com/themes/spirit/assets/frontend/css/ 2 KB
991 B 24ms
21ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/flickity.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cca9c2524a2c257cc53c398be0731ec07a02159b8a8f02dc5995a820808ebef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5654
cf-polished: origSize=2521
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-9d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMa%2BoGcmDwH9xLlQxQakdC4wCKzFNKHR8IS%2BTor%2FxaIRX0jkfhcI2ledXcbtRpbvYzZRQPgr%2FpXW9tmCrA%2BiOgho%2FTQJ7XCRnfeFNzo%2FNu%2BSQvIGz5bSi9nifm9L0LVRCrTk0vuPD0EJ9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e7e1c224ead9a09-FRA

GET
H2 200 iconsmind.css
bowfile.com/themes/spirit/assets/frontend/css/ 80 KB
15 KB 24ms
22ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/iconsmind.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38391d0c01d7fee8c61a80c9b507ef05d0cb76876a42feebded8b06905015d13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4522
cf-polished: origSize=102727
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-19147"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7w6NJxPjKsPgAv6bHDfJPzdhVaz%2BnyvjhsbRM0qzJYMkxErwf8UQOZ4Xl%2FZ844EBkrv8yLOrlN8YXhUlyl9JknlXNqJ0D4gW2Wm4YxMYGVa88SjAq%2FeFe4z5fzs8uPJzI15KthPIKlddg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e7e1c224eaf9a09-FRA

GET
H2 200 jquery.steps.css
bowfile.com/themes/spirit/assets/frontend/css/ 4 KB
1 KB 18ms
16ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/jquery.steps.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a92a98c5f5245daff1abaff565ae26359f85d4cd1d383ff6e50cd599cf5b3e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4522
cf-polished: origSize=6019
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-1783"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lx6u76VAgtkvUAPmiQCuQkvnQ%2BD6pZ9Nk542EWjfB0JQe0sCYiYvGokkSom5OKqeYLR7tCY8SeBd3LKQMLTHvO5%2FDi3D7yfgPM6kD8rY37T80dfES8S7AHILz5S0MFAIvJ0WrGYTyHsOgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7e7e1c224eb09a09-FRA

GET
H2 200 cookiealert.css
bowfile.com/themes/spirit/assets/frontend/css/ 12 KB
9 KB 17ms
14ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/cookiealert.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b712033ea1c370616c3105391e98e4867cea0159be8444ddd20249ea9888c950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4522
cf-polished: origSize=12369
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-3051"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PofmilB06EuQh%2F3F0xARHi3FTZn3pMyquG%2F%2FLAZMBlkSDCKP2McGRqO4AnOIBKNMBBCAQIiMgLfoB0ZE7JO%2BSVXSi%2FBEIqsXYjQ5UQRunHnTDU%2BnsnT9FuM9aWJyG29arlJlJLOlq%2BmEcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7e7e1c224eb19a09-FRA

GET
H2 200 theme.css
bowfile.com/themes/spirit/assets/frontend/css/ 159 KB
28 KB 21ms
19ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/theme.css?var1.2
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f70fef49b1fa602e97e2f12a0a3ca46a5db090fa34dad736f8ae5c57c9ba0a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4522
cf-polished: origSize=207645
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 22 May 2021 14:46:41 GMT
server: cloudflare
etag: W/"60a91951-32b1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wc2UzKlpM1STLjJls9RbOmt6CEaG3YpWfaY5qcMQkLGvV98WktLDXbtssgnIe%2FzOCZvt8Iup9DdQ71Lc0k60bzqkD7XNlCtk7QsuU2YyZnVWtydeZHgd%2BRM%2BFm2%2FdEPFTkQX97K7t8fpAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e7e1c224eb29a09-FRA

GET
H2 200 font-awesome.min.css
bowfile.com/themes/spirit/assets/frontend/css/ 58 KB
13 KB 19ms
17ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4522
etag: W/"5f8bebbe-e6ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOi5mSMqEdix5nE99LIsiqmFk0pOclTgcvdrRDPE28W1ZRuACOSP5zJg0a1RaRN3BYyJei%2BokTQfGxrHkPhrc7%2BTWMYu4LiwpdNThww2HD%2BbykbN8ZDRSQ1gHBoWbBxhcssPzogvUK7SlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e7e1c224eb39a09-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 custom.css
bowfile.com/themes/spirit/assets/frontend/css/ 7 KB
2 KB 27ms
25ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/custom.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba990faaad8198719efac063a6ec699b548708b555a3ef7821fd6899a8556ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4522
cf-polished: origSize=8936
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 04 Feb 2021 16:28:48 GMT
server: cloudflare
etag: W/"601c20c0-22e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBLYbr%2Bwc6PTE%2Fnw52UHzMuF7mP%2BQISXWBJtYeL%2B06fqIJ7tipZ6WUgUyerii2%2F9YHZ2tYp5LAqWOWopgSFqHtPpaClDZ1wxROXTDH1ax3acv40MkUA4ILDpRmFvnwTNM6aRC4j%2BZ87bsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e7e1c225eb89a09-FRA

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 41ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

Requested by

Host: bowfile.com
URL: https://bowfile.com/9nfQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb45f99791b77b7349d064ca6ff96f83a698f528ce7311da4878ec2095199dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 22:18:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 23:43:52 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
441 B 42ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: bowfile.com
URL: https://bowfile.com/9nfQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 23:43:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 23:43:52 GMT

GET
H2 200 sw.js Show response
bowfile.com/ 99 KB
39 KB 28ms
26ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/sw.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5db239494a216032d8575df7657ba44f2429007f2cc658a55b1443222aa408cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155
cf-polished: origSize=103038
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Jul 2023 16:08:27 GMT
server: cloudflare
etag: W/"64a6e6fb-1927e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5jpzVaxBOZeU3OxT0bvko924X%2FSMwFYCt9hLYtQ0eE%2FxEGqHzoYnzAdcwmI8eET8RhoR4ml1aFQSKDcA9rAbOlJCVDUraxMbp4wAOH9VoAQBT3YituxrbUXJ8MxcAJWv%2FySlcwe4SILDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7e7e1c225eb99a09-FRA

GET
H3 200 lg.png
bowfile.com/ 788 KB
788 KB 14ms
13ms Image
image/png 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bowfile.com/lg.png
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0654449cc73d1f0ea7c0929fffc64d6e6fcdbcab55c0293cd35deaf6a0a55f57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
cf-cache-status: HIT
last-modified: Wed, 19 May 2021 00:28:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5616
etag: "60a45bb0-c4e0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dr4wQJNolKCQF037uHHrjmjiZu0wIad9CJWLG1pPC2eQvACi6vj2xab5DbPxJ0P8QfT2yYCSoo%2B8QXmrLCBFYPlSYCIdBCAEEn2HNw%2BpqRcO5hLfTneiUznsKWN8B49q0VUPyptdzxwGGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e7e1c22ccf16915-FRA
alt-svc: h3=":443"; ma=86400
content-length: 806415

GET
H2 200 / Show response
d1zjpzpoh45wtm.cloudfront.net/ 180 KB
51 KB 266ms
185ms Script
text/plain 2600:9000:218d:5400:c:6917:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zjpzpoh45wtm.cloudfront.net/?zpjzd=979095
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:5400:c:6917:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e70b134190f874dd9a0a6970090c8f9a85f2bd4ab784877c96e5bf02b936dc89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 23:43:53 GMT
content-encoding: gzip
via: 1.1 e01ab9056cc78875229a55be936f41ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 51540
x-amz-cf-id: Fq4rK6r3-rHH1Lf7Zd6JJQ4kLmT99d6wbtJIcrcPZjNkE4kHJpmZdg==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 60ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1455201204252520

Requested by

Host: bowfile.com
URL: https://bowfile.com/9nfQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afcc94e527758ea4e9ea6f66be35cb2c9ceb80cf3d7524938662d7cef1f3d54d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Origin: https://bowfile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50715
x-xss-protection: 0
server: cafe
etag: 8088905787221101764
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 23:43:52 GMT

GET
H/1.1 200
OK 55183 Show response
wreaksyolkier.com/tHLxNVPD8uDKlwK/ 5 B
1 KB 107ms
21ms Script
application/javascript 23.109.87.108
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://wreaksyolkier.com/tHLxNVPD8uDKlwK/55183

Requested by

Host: bowfile.com
URL: https://bowfile.com/9nfQ

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.87.108 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 16 Jul 2023 23:43:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://bowfile.com
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H3 200 jquery-3.1.1.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 85 KB
31 KB 94ms
93ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f8bebc0-152b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0mEiJfGqh2yaGi7sic56H4ZeiNsxvDY0BxUVs5yZlU7NQba%2BThFpvYaiThHDO6ZqN3QzPlfQvI5XuZ5mKrQsv0zV2L1yQosoPHW8WWrnoFV0DN9Tlta7Fa1Uen2G%2BSd3uH2Sl745YCIpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7e7e1c236d556915-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.dataTables.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 68 KB
20 KB 27ms
23ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4521
etag: W/"5f8bebc0-1107a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X91cDf%2Fu1%2FziCWWcDdgsB1H0FCMQwdhahAACQczcBkbuw4pCJ0qGcD7UoGHCAuv%2FQlk4r4ilEOIuLNMDU4XgmybPAieLk8pF%2BXP0Khh2L4bBJ0RRbs9G038%2FpuFw3cmxLDsr7QL8ZJ2o1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7e7e1c237d566915-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 flickity.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 53 KB
14 KB 19ms
15ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/flickity.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 156
etag: W/"5f8bebc0-d271"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgdAqHJEPgg%2BVIN9w498a3sXRoHP0XOZXzcyTVeQYGCCMTWr3AXSUomXTJtQ1E8fKLfWZRZEPG1O7Ww%2Beu1GdACZZMx30v2WRvUHb9MDJQg1bhKAbIVXAB3EJoTm82jLJZE3L9c8Ce749w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7e7e1c237d586915-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 typed.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 4 KB
2 KB 17ms
13ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/typed.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 156
etag: W/"5f8bebc0-f6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFkSis054qs9Kbj8A1AivlF6cIjniq34Vl8k%2Fyzq6O440n2vHhuhhTBks%2BWrStscEEUsWa1IpArPsnASMPys6SLk6Mt8MNvQkgX%2BMYk7tf7AE6tTrLBpyB6ztaUsY09mJBsmLDFiSlxRpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7e7e1c237d5a6915-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 datepicker.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 20 KB
8 KB 22ms
17ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/datepicker.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6919dd92f8162e9d8b6642769217b9472c5bf423cdf82df50301a8af50ee53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156
cf-polished: origSize=20975
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: W/"5f8bebc0-51ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BZK9OpK1sEvea8hznVuKRY%2FemBgoUWVM6xGaZ%2FIX9YB7fWw98wE%2ByZ1oQbyZTUDJ8lS6aXDkwNJDuEJc%2BQOtCpAf4bOtHnoh%2FEnfIYM9OLLcy1KKVsiREyd7zCR3R1J9zvmdGRSB8qkwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7e7e1c237d5b6915-FRA

GET
H3 200 granim.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 10 KB
3 KB 20ms
15ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/granim.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 156
etag: W/"5f8bebc0-298b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRnj17uR3bcAFHiH7i%2FulyLQqTwKOyG6QpncBW0pqN7up5kb8K3XiO%2BfsnRsRVGYpAhf9J0HGY9D8DNA3hIFgH9RGkCJoaQHBkc9hBC%2FdgXxrgnVp8b%2BvKQmGWUr8%2FWqPrs1GzPO8O1heA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7e7e1c237d5c6915-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.steps.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 14 KB
5 KB 23ms
18ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/jquery.steps.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 156
etag: W/"5f8bebc0-3626"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXWJ%2BDU2qCFexlcNFDVcPUDmh7eGMHCWnWp4jrdt%2BNnzIYDjLc%2FfHyA%2FYwCQ%2BYUN2l3VfgQ%2BgPzbVi5N5UWehHfidAH9EJa3IC2b22oWUzzRhFGAPe%2Bgpv6cDpIyVV22S9Wst6ZcuRwKkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7e7e1c237d5d6915-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 countdown.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 5 KB
3 KB 21ms
16ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/countdown.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 156
etag: W/"5f8bebc0-14f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvZaZh46QG2qlekqEkRo3RJkp9971LZBS5PpuWd6EgydOiCgigfalTc16wH%2FdaBkU3vo1xAiJleepVNu3ZL%2B73lVaCymCZ0wJKM9J96tfbXslLK9aFkKpVq3dFQE4LXClcCjmZeNUxiqRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7e7e1c237d5e6915-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 smooth-scroll.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 6 KB
3 KB 20ms
16ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 156
etag: W/"5f8bebc0-178c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U09%2BReYeRkSzHIxgtPZL22uMdEgqKaZYVulTwV1NvS72YX9XcjTUkHFmt%2FB8GwUPLmVLuhjAAqCYd76yML7y5iju%2BCQAnn1PWc4R7mZPPtcarVLoNtm9E50XMT0ofmUXvOnTg%2B8eBGqbbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7e7e1c237d5f6915-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 scripts.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 65 KB
17 KB 28ms
23ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/scripts.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02945e324e7c86a1ee921da7d8fa596a9c11878ccfe839ac70f8badcb674d522

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4521
cf-polished: origSize=114862
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: W/"5f8bebc0-1c0ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEWK65TiPsp2%2BEH1Asb9nc0MCBnH6L6y2ocsjMhlIdPcLhXvfTyygcv92kRdGuW61I0xV9%2BczC2kppnG%2Bl3kGl9MqlYd7kcl2X5k19MN7oco7W9848j%2FFwkxnsz36suW9aVhodamKVUz5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7e7e1c237d626915-FRA

GET
H2 200 c.js Show response
waust.at/ 13 KB
7 KB 49ms
15ms Script
application/x-javascript 2606:4700:20::681a:507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/c.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 445
etag: W/"63c0412c-32c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdKKfpDqAFFY0jB2F%2Fz0TCrfykC5zq22FkmzCZJKgUHjxf3jRVYoj07jmpmttkmPtenqCE8Tj489LaxcoVfS3hAsLx%2BgilVxLX8usTuitjiUrPKqKSFLEmPXDPTUmos0ZBtRPpns"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7e7e1c23acfe9945-FRA
expires: Mon, 17 Jul 2023 23:36:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
79 KB 54ms
21ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G45GX6EFX2

Requested by

Host: bowfile.com
URL: https://bowfile.com/9nfQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30ab7f0fa559536cc2bf0a632737870798a23587d36d9fe6558e8f28436d8b54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80986
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Jul 2023 23:43:52 GMT

GET
H3 200 cookiealert.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 935 B
996 B 30ms
25ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/cookiealert.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156
cf-polished: origSize=1836
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: W/"5f8bebc0-72c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnODX0hGpu7BaodNEcsJnD3FZvPzHxnGVv259oAl7a4O6Y%2Fk%2F01EqU%2BFQ4M%2FlNKOIswoWkLvDIBEzwl0Xaj3%2FCu0OKxMD1%2B0sT%2BMeU4GiVIWQlOQczNG34oDclJBB35jg%2F0xcf%2BMI2su4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7e7e1c237d646915-FRA

GET
H2 502 UXdGTEUqVTU7GiQFKm5%2Fcx8yODUiTWljJz4AICUpNFklIyh%2BBDFiLyJVam42PBFkdnR9VTUhM3NNZHhrYlVqbjEwEBklIXNNZHV8YUdydWd9VTU5Jw4eIn5na1UifCcyQH8ofXxBcXUhfEMieyd8T3F%2FJ3wRdygmaRQkLXcwTiBuOA
rurelanderpurgan.com/ 0
0 330ms
111ms Script
text/plain 52.20.131.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rurelanderpurgan.com/UXdGTEUqVTU7GiQFKm5%2Fcx8yODUiTWljJz4AICUpNFklIyh%2BBDFiLyJVam42PBFkdnR9VTUhM3NNZHhrYlVqbjEwEBklIXNNZHV8YUdydWd9VTU5Jw4eIn5na1UifCcyQH8ofXxBcXUhfEMieyd8T3F%2FJ3wRdygmaRQkLXcwTiBuOA
Requested by: Host: bowfile.com
URL: https://bowfile.com/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.20.131.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-131-174.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
x-powered-by: Express
access-control-allow-headers: X-Requested-With,content-type
access-control-allow-methods: GET, POST

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 70ms
13ms Fetch
binary/octet-stream 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 955
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 16 Jul 2023 23:27:57 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://bowfile.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9INiW0EYw8KhCXt9tIrLPy1m6RzYIufSQZEglSVnocdHuzmDYutIGmzGrRJM%2B1cOhXLOViSisXezL8DDxMzlHVbWhVnq7FyCuhNNsRj1TIl46xaKTxx%2BiQmhLNmLsFCh"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7e7e1c23af201c36-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
388 B 161ms
104ms Fetch
text/plain 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd93a9ca62d0855078d0ecfd5a77b781e97efccfdfd7a7ed17d967f541146350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txg6tfGUYIeUsFHf%2BZkjgkTF%2BTrj%2BAGyFPVzsNg1gds4KzUU4X4AHXBknrplX%2B0bnQ7kJHCMrd1f%2BhX2Np1ZYw9Okdfl0fyT8dQeHS7Z04QWLK1qylbx8ESFM4I4%2BIXP"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://bowfile.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7e7e1c23af211c36-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
affelseaeinera.org/ 0
537 B 167ms
108ms XHR
text/plain 13.249.9.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://affelseaeinera.org/utx?cb=GAFKylyai3zy&top=bowfile.com&tid=954851
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-26.cdg53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 23:43:52 GMT
via: 1.1 f1a0d076bd803c49a08dd5907cff82b0.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: CDG53-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://bowfile.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 9ngLhAkLdFTKCekZxwkusNUUfQyaqUs4MP8AA-hlcV_uukmZhSzP_g==

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 67ms
21ms Fetch
binary/octet-stream 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 955
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 16 Jul 2023 23:27:57 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://bowfile.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00oK9scaifYbuEauupY6eEDjIocXLWGBFUg%2FyTU9To6kLnuJRPcccKKW%2BTvp4MxoCpfKMgpMJQ6fse89MqAJxV4vlCEY8ve3jphLaJMLBvo0iX58d3OD6UnGCPWrrFOL"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7e7e1c23af251c36-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
374 B 145ms
99ms Fetch
text/plain 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dacadd31d8927708a5fbf4b4dd5b65a1258295c836c073e31c9cb4b8efc42601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DslZxJmz5xjsZc3WMz7a1xLX2q76OZMqpUU2snVMpFktC0IixhCzdJl1vnikYWPWLvEgm9HqQM6ZJqHl6elPjEOxMrjjNM185wGUPcz%2BIrt20xR10bE5lTtxaYZofWvF"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://bowfile.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7e7e1c23af261c36-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 dzEzYldYDlARaiBpcRgORQRbMzwDZ2sPET9jXzgPFlp5LgIxWhUWPhMMCldjTwQCRCceVQ5TcQRFUhYiBAwCRD4ZV1xfcQEMAkxkQx8AU3lFF0ZfZlFFQwMwSgAVEiMDXQ5TYU8IBldmRwIBWmNA
dgemanowhowe.xyz/ 0
281 B 235ms
189ms Image
text/plain 104.21.63.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgemanowhowe.xyz/dzEzYldYDlARaiBpcRgORQRbMzwDZ2sPET9jXzgPFlp5LgIxWhUWPhMMCldjTwQCRCceVQ5TcQRFUhYiBAwCRD4ZV1xfcQEMAkxkQx8AU3lFF0ZfZlFFQwMwSgAVEiMDXQ5TYU8IBldmRwIBWmNA
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.63.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r91EwSoR3kThkVOvzGJ%2BcVf0iLFiY0iqEpsML45RI8DW3L5QxE%2FBtXGjRT1BMS%2FGr%2B4xkCNbWEZ7xXLFGVjYPdFfC6V9iO%2F8o0ZQfbbnTJHkNto4YKNtXgCq9pFUlBXS1vFJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7e7e1c23ba5d2c52-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 125ms
92ms Image
text/html 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeDOFXi_wXvtwTEs_h3P4ZhOZrD5RvxXub1qSFqhSAB3gPIwKOvKmxVkHxunPE7...
https://accounts.google.com/v3/signin/identifier?dsh=S-234372340%3A1689551032978407&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXgO1fnpraxQkXMiWOZ2fVWSa_sqUKlVJl1K5RKSJCNCmk...

0
0

24ms
24ms

Image
text/html

2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-234372340%3A1689551032978407&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXgO1fnpraxQkXMiWOZ2fVWSa_sqUKlVJl1K5RKSJCNCmkZHQ9LwrpKRvjEO4uPTy4NHPZ0B4w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H3
Server: 2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Sun, 16 Jul 2023 23:43:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UcDhGFUI84DoLpq-wLMDLA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-234372340%3A1689551032978407&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXgO1fnpraxQkXMiWOZ2fVWSa_sqUKlVJl1K5RKSJCNCmkZHQ9LwrpKRvjEO4uPTy4NHPZ0B4w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeDOFXgnT4qGK1kGge09cJdLMgHKlBXM8OvsbZfvYwFe8qdm_q2pLR6cQ-D...
https://accounts.google.com/v3/signin/identifier?dsh=S-519230316%3A1689551033047298&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXjjmhYGrejsFvWj_xrMLZMV-TE3RhBzogSy2lSSLudnv...

0
0

22ms
21ms

Image
text/html

2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-519230316%3A1689551033047298&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXjjmhYGrejsFvWj_xrMLZMV-TE3RhBzogSy2lSSLudnvCt7oQxkHLeNk0KC680Wm149Tgnj&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H3
Server: 2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Sun, 16 Jul 2023 23:43:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-D-7ndg_5QieatjE9fUtnWQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 396
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-519230316%3A1689551033047298&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXjjmhYGrejsFvWj_xrMLZMV-TE3RhBzogSy2lSSLudnvCt7oQxkHLeNk0KC680Wm149Tgnj&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 popunder.gif
dgemanowhowe.xyz/ 35 B
535 B 41ms
12ms Image
image/gif 104.21.63.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgemanowhowe.xyz/popunder.gif
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.63.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 23:43:52 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 19:49:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 359675
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1eXMLYUPDdcvI59UAE4TBUPozOaXwOrKst4hx5EAymQBvOywpsrPI%2FbZmhy7KLfrrJ2JU%2FZSgSyHg2Sqvp9nNwjX%2FFVdEkaihl9ad%2BOD5lmByzIgqJ%2BrDZ0V11T%2Ffijbhvw"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7e7e1c23ba5f2c52-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 204 QV17WWFTBndGdwEDKxBsRFU6AyUZTntBaUxGf0ZhRkFyQmQ
dgemanowhowe.xyz/dXNKd1FaTCkEbBc0czg1ITEpID8NNgsxaBQVeiYbLR8QQgUkImwDOBFOc0BkRUF8USEcF3dEZFMAPhYlAAB3RnccHSwYbFMFd0d/ 0
246 B 193ms
193ms Image
text/plain 104.21.63.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgemanowhowe.xyz/dXNKd1FaTCkEbBc0czg1ITEpID8NNgsxaBQVeiYbLR8QQgUkImwDOBFOc0BkRUF8USEcF3dEZFMAPhYlAAB3RnccHSwYbFMFd0d/QV17WWFTBndGdwEDKxBsRFU6AyUZTntBaUxGf0ZhRkFyQmQ
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.63.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXd%2BZI5Yec3X9oJiRQ3FcAQz1AyiCT%2FvGWhrCRgyONTnTVU6BLXLXKtO%2BpgBCp%2FPHQIDy1sBxCvaHtN1pVTw6QzNWAAIOE9mO5zn2aiksPHewsN9GOkXSHTlmv2eFc8jQR0D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7e7e1c23ca642c52-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 204 bi8kBj82MlZhFAUNLG99YiM1cjwyIA9hKAcZWxE4OhFeDnhqRFoGaiMcBwp9a1MQQy0nABAKfXUcDVEjblMVCn19RU0FYmFTFgp9dQETVituREVHOCcZXgZ6a0xWAn1jRlEPemI
dgemanowhowe.xyz/dWM3TFNaXFQ/ 0
247 B 195ms
195ms Image
text/plain 104.21.63.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgemanowhowe.xyz/dWM3TFNaXFQ/bi8kBj82MlZhFAUNLG99YiM1cjwyIA9hKAcZWxE4OhFeDnhqRFoGaiMcBwp9a1MQQy0nABAKfXUcDVEjblMVCn19RU0FYmFTFgp9dQETVituREVHOCcZXgZ6a0xWAn1jRlEPemI
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.63.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oh8DvGVbTVwRQyxEsiIZwT5fQn%2BWqcuoFBHcmY3tXZ%2FDginxPZcFLyzU8SKpaE3%2BLjaj1ZPEqtCXjWDSySJljO1NVD6xaIHuAigQZC8TjED1O666KVwZyMlfJCNKa%2Fib7Dq2"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7e7e1c23ca652c52-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bowfile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 151104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 05:45:28 GMT

GET
H2 204 utx Show response
neoftheownouncillo.info/ 0
533 B 182ms
152ms XHR
text/plain 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://neoftheownouncillo.info/utx?cb=h32ZBExY5aoe&top=bowfile.com&tid=979095
Requested by: Host: d1zjpzpoh45wtm.cloudfront.net
URL: https://d1zjpzpoh45wtm.cloudfront.net/?zpjzd=979095
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-46.fra6.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 23:43:53 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://bowfile.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: RA7SCSlNf4cJN16MAISD9je0LFyc8MssdK7Atte-U0vSAaupOjllLQ==

GET
H2 200 BjYtIQY0Axs7FCUNHQchMTINOSAHNgQ2FSE7OWYUMEAYB34qPRcEBTIdZGQvJxEULQ4iNxQACyEfESIJKykEHAY3PDYAFA9IMQJ+KTsCA3kkI2UTKDY8ZGYUNQ40EwgyNh0yDjIgFjkWNBIfbRQlCQUUC1ocAjkKJyADLS47PBc+Gw9ADwEbMRxzPz8MFyVoICcSN... Show response
neoftheownouncillo.info/TGN5VVUtARo4ai1eG3MgPg9EcGcKRksTMX0ZEyUvPAwRYWA7FxR7NiAMDDEzPgwXIXsiBg1wZwo6GxI5fTYUbQUOCwplAA4EOBACdTQuZBcKAkglHg0UIGwUHhssEgcVJj0GJiAtOjIzCyc4bAU1MSkUBisvLAM5GDMeYRYICBFlF... Frame 138F 3 KB
2 KB 115ms
100ms Document
text/html 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://neoftheownouncillo.info/TGN5VVUtARo4ai1eG3MgPg9EcGcKRksTMX0ZEyUvPAwRYWA7FxR7NiAMDDEzPgwXIXsiBg1wZwo6GxI5fTYUbQUOCwplAA4EOBACdTQuZBcKAkglHg0UIGwUHhssEgcVJj0GJiAtOjIzCyc4bAU1MSkUBisvLAM5GDMeYRYICBFlFisqMgYSAik9BGUUAUghHgQyLGwXCiYaEi8VKDoyFC4tDiEeBCErIxQrLi0dEXgnPQAtBCU/JRYbNTsyDXwyHB0ROy84LWELB0hkNg4UP2YNGhsgBw00BSoDOn8HSGQ2BAsObQIaCzQHPQ4oITk+Ajk/IRMYJlQxPAgLDg8SGAAgFgQ/BjYtIQY0Axs7FCUNHQchMTINOSAHNgQ2FSE7OWYUMEAYB34qPRcEBTIdZGQvJxEULQ4iNxQACyEfESIJKykEHAY3PDYAFA9IMQJ+KTsCA3kkI2UTKDY8ZGYUNQ40EwgyNh0yDjIgFjkWNBIfbRQlCQUUC1ocAjkKJyADLS47PBc+Gw9ADwEbMRxzPz8MFyVoICcSNBccBT4mJAkMKR0
Requested by: Host: d1zjpzpoh45wtm.cloudfront.net
URL: https://d1zjpzpoh45wtm.cloudfront.net/?zpjzd=979095
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-46.fra6.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: c94d388ca766f28cd27988f7915a476778adb13befa7d0c5683abf099e88921e

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1257
content-type: text/html
date: Sun, 16 Jul 2023 23:43:53 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-id: O_wap_vjWGybeMbYLXkOaLSY8jjbOtmbAnq7u93xnYGRqUfsOQScoQ==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront

GET
H2 204 ZTNvSGtKDAw7VigCNSYKPXInEQcnVz4vJQJlOTgoJgElHTNVakk8AgEOVn9SVQpabhsMV1J7WUNAGykfEEBSeU0MXQknVkNFUnhFXB1eZl5DRlJ5XV0FXHtcUAZZfVhVC1l5TRFDDi9WVBUfPB8JDl5+U1wGWnlbVgBfflI
dfearinglestp.info/ 0
393 B 137ms
101ms Image
text/plain 104.21.83.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfearinglestp.info/ZTNvSGtKDAw7VigCNSYKPXInEQcnVz4vJQJlOTgoJgElHTNVakk8AgEOVn9SVQpabhsMV1J7WUNAGykfEEBSeU0MXQknVkNFUnhFXB1eZl5DRlJ5XV0FXHtcUAZZfVhVC1l5TRFDDi9WVBUfPB8JDl5+U1wGWnlbVgBfflI
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIIPYLK1umAkVXsSzqOsk%2FMIgho5hSkr7kV%2BLCcPDvkOHrnPgmofG14zwztprQmtHN1CgW9FukADZZdkJgr0jXHEx3O8f17d2mDwa%2FisnCx2MbvpCkm7dxBmZbXd0njyydkBHpk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7e7e1c251e50694c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 204 S1RqNHhkawlHRR8MJwAcHR5fZg9yFjN8SQ0XAW4fLwEJeCl5BUxAES9pUwNBe21fEggiMFcHSm0nHlUMPidXBkh7Y0xdFi07VwVePWlaGkFlZUQBXj5pWwJAfWdZA01+Yl8HSHNiWxIMOzUNCUltJB5AFHZlXAxBfmFbBEt4ZF0F
dfearinglestp.info/ 0
252 B 140ms
105ms Image
text/plain 104.21.83.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfearinglestp.info/S1RqNHhkawlHRR8MJwAcHR5fZg9yFjN8SQ0XAW4fLwEJeCl5BUxAES9pUwNBe21fEggiMFcHSm0nHlUMPidXBkh7Y0xdFi07VwVePWlaGkFlZUQBXj5pWwJAfWdZA01+Yl8HSHNiWxIMOzUNCUltJB5AFHZlXAxBfmFbBEt4ZF0F
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCYtQPIfD3aDkw8dcOrB09TMh3NqThMU%2BBNRQpl0UVHyGpltEnovklXSnTgw06BxrRq1P25xDyddlU%2FzetJGDAgKuczXP%2F4YsJtSbz7FUkbdE%2FuJXI24RA5GILN8kcoLjI0F%2BIA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7e7e1c251e51694c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 stack-interface.woff2
bowfile.com/themes/spirit/assets/frontend/fonts/ 4 KB
5 KB 14ms
13ms Font
font/woff2 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
Requested by: Host: bowfile.com
URL: https://bowfile.com/themes/spirit/assets/frontend/css/stack-interface.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

Request headers

Referer: https://bowfile.com/themes/spirit/assets/frontend/css/stack-interface.css
Origin: https://bowfile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1781
etag: "5f8bebc0-10c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlUUdzYeJGIKx6UeeLLo4%2FgzhQxu7%2FEKcRF%2FzScyfm5NfitrTEQPvvdoB1vxEdS0oUEssDbtYNq9SbgQdBK0mGwGA54nEyqXCAd89CeMRep2GPe7%2F%2FLzTcf4axFWrCC5DDGmoYra%2Bp9Iag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7e7e1c24fe4e6915-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4292

GET
H3 200 fa-solid-900.woff2
bowfile.com/themes/spirit/assets/frontend/fonts/font-awesome/ 78 KB
79 KB 15ms
14ms Font
font/woff2 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
Requested by: Host: bowfile.com
URL: https://bowfile.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer: https://bowfile.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Origin: https://bowfile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 157
etag: "5f8bebc0-13914"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4hwzFdrBOJBgRf9jWCmCGi%2FITfVjnVoYZW5gmL9MI0lXxYCk6pF71BiLbNX9paNoNN8StSP9Xlao4JvZny06NYqLV1f3lrXLBKR8VrLMhZ8lEb9m9Vfwq8J8yfgwI8uSAj89BYB%2B4TxnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7e7e1c24fe506915-FRA
alt-svc: h3=":443"; ma=86400
content-length: 80148

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v35/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

883bd0f053cde78238a0881291e4b6647acd9b3fa73808db5ac83d286bb4b44e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bowfile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 04:52:04 GMT
x-content-type-options: nosniff
age: 413509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19308
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:30:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jul 2024 04:52:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ 356 KB
122 KB 55ms
41ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1455201204252520&plah=bowfile.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1455201204252520

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5d5eada7c11850e0c937df1174d7f5c693fddfbc8c9b22f0401e7766ea87288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125356
x-xss-protection: 0
server: cafe
etag: 12670792283028786984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 23:43:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/ Frame 6BA7 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1455201204252520

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 12:04:12 GMT
etag: 12368291122986407432
expires: Sun, 30 Jul 2023 12:04:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
t.dtscout.com/i/ 2 KB
2 KB 238ms
204ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fbowfile.com%2F9nfQ&j=
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
x-t: 0.26
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSzFwRy9MQma6rUHdCKyIHDsyqQkH98%2Fzwqe2aBVeZ8adSlYeXu3%2FD8%2BmFSC47DD8Dezb27bRFD%2FQ6s0fizoodcWzdvheYcgdSy5B%2BihYYGTeefJUOR1unrr5nF%2FpQ2RAZR3C%2FLdXfQ08hQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 7e7e1c25bc36085d-FRA
expires: Sun, 16 Jul 2023 23:43:52 GMT

GET
H2 200 AzNMRSkpGh94JT8PGWAjSzcLVW1dZR1QPgp+V1Q+Dn5AFzEJIUwBdhkzHlptGzsXWzMXIBBSKks2EAw9AjkYXTwMZkN3ZUNzVANgRTQYXzQCNAIUYl0tBRRiXXJBH2BIcDMUYl00GF9mWWZCc3VfcwkHZERmQw-ExHTMdVCcIIRpYJEhxNwRjWm1CB3Vfc1laOBku... Show response
d2oy22m6xey08r.cloudfront.net/8Q3ExUG0gHl82UjcYVW1UdkUJZVxlG0I/ 712 B
786 B 228ms
164ms Script
text/plain 2600:9000:26da:fc00:3:bb01:eec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2oy22m6xey08r.cloudfront.net/8Q3ExUG0gHl82UjcYVW1UdkUJZVxlG0I/AzNMRSkpGh94JT8PGWAjSzcLVW1dZR1QPgp+V1Q+Dn5AFzEJIUwBdhkzHlptGzsXWzMXIBBSKks2EAw9AjkYXTwMZkN3ZUNzVANgRTQYXzQCNAIUYl0tBRRiXXJBH2BIcDMUYl00GF9mWWZCc3VfcwkHZERmQw-ExHTMdVCcIIRpYJEhxNwRjWm1CB3Vfc1laOBkuHRRiLmZDATwEKBQUYl0kFFI7AmpUA2AOKwNePQhmQ3dhXHdfAX5YdEIEflx6SRRiXTAQVzEfKlQDFlhwRh9jW2UEDGFbe0cCY1p2RAdlXnNJB2E
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:fc00:3:bb01:eec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 227c8e646d6f995c23826510fe61f38df7e64a68f06025353545995db58d8ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
content-encoding: gzip
via: 1.1 7bf4f64fa64e134b5dbb63cabb0aa9e4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 507
x-amz-cf-id: GnjGRTMnsozzmrT__KeU5abVxVon_265yP3ugEia-QXUIkkuPLOnrg==

GET
H2 200 B1IqB3UXByEYBGomISEFBjAHa14hDB49CRpUND0FZlobJHIQLg Show response
affelseaeinera.org/cE00UmMRL1c/XBFwVnQWAiEJd1E2aAYUB0IiTWBRHXtMNxpAdUZ8ABwiQTYFAiJaJk0eKEB3UTYbbgU1RgMHGyQzJWYANyIIeRoEAAFhPiE7D2EAJzQ6WAsrMhttHwQxf3IEMT8JXDkuOTdcZDUyCFIaBAAOZSUIEhpmBDohNQ0IJiYlYQ... Frame FEAC 3 KB
2 KB 101ms
100ms Document
text/html 13.249.9.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://affelseaeinera.org/cE00UmMRL1c/XBFwVnQWAiEJd1E2aAYUB0IiTWBRHXtMNxpAdUZ8ABwiQTYFAiJaJk0eKEB3UTYbbgU1RgMHGyQzJWYANyIIeRoEAAFhPiE7D2EAJzQ6WAsrMhttHwQxf3IEMT8JXDkuOTdcZDUyCFIaBAAOZSUIEhpmBDohNQ0IJiYlYQolKRp2Yws/CGULNTMlcRkhBz52GlI1L3clIhUIZTEmJw9QCyAxOn4UDyoVYistIAphGCImfVs0ISE6eBoPFwtyOSE5D0wlMSEIUxoyQRt4AQs6D35iITkPQwcuM31DFjVBFFoKFCYOfAQtPwVYNjsmHxkmKzEqXxMnJgRlFgQHAnE5IhoYcTkiKAtuBjsHG3cGMkQeZSpbOhxxOlMmfFAEJRx5bhMmMgR2KjYxD1wUOid9dgowHBxVFBQfFWE+BygEBCEkIiZABDUxB3IEDzIYdjkXFBxxNSsxHGUWJEAYVgMlE3V1OSUjHgQ5ISYPdgswBwt/B1IqB3UXByEYBGomISEFBjAHa14hDB49CRpUND0FZlobJHIQLg
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-26.cdg53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: f11acea173292046b6a3c38ec05ec5cbbaf3d51edd654588b43ca16192d70118

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1248
content-type: text/html
date: Sun, 16 Jul 2023 23:43:53 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 f1a0d076bd803c49a08dd5907cff82b0.cloudfront.net (CloudFront)
x-amz-cf-id: SrijCdugGtmbg_-1o57i8bFQj_-BWgDTQ8h2QcJVXWVLKunWtkcktA==
x-amz-cf-pop: CDG53-C1
x-cache: Miss from cloudfront

GET
H2 200 dQ0KW2-MADhxefRtTURggXx0LL2gBCFUFJlYdC1wqVltSA2QWCgkPJUFXVAloAX4IXXkdCBdZegANF110Cx0LXD5SXlgeJBYKf1l+BBYKWmtGBQhadQULClt4Bg4MX30LDgg Show response
d2oy22m6xey08r.cloudfront.net/3OWxNMzhaAyNVB00FKQ4BDVV8CgkfBj5cVklRO1hfQ1Q8fwB9FWtHQl1RfRVUWAIqDh5cAi4OCR8NKVEFCUo4UgVUAzdaVFUNaAF+DEJ9FgoJRDpaVl0DOkAdC1wjRx0LXHwDFglJfnEdC1w6WlYPWGgAehxefUsODUVoAQ... 202 B
474 B 223ms
167ms Script
text/plain 2600:9000:26da:fc00:3:bb01:eec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2oy22m6xey08r.cloudfront.net/3OWxNMzhaAyNVB00FKQ4BDVV8CgkfBj5cVklRO1hfQ1Q8fwB9FWtHQl1RfRVUWAIqDh5cAi4OCR8NKVEFCUo4UgVUAzdaVFUNaAF+DEJ9FgoJRDpaVl0DOkAdC1wjRx0LXHwDFglJfnEdC1w6WlYPWGgAehxefUsODUVoAQhYHD1fXU4JL1hRTUl/dQ0KW2-MADhxefRtTURggXx0LL2gBCFUFJlYdC1wqVltSA2QWCgkPJUFXVAloAX4IXXkdCBdZegANF110Cx0LXD5SXlgeJBYKf1l+BBYKWmtGBQhadQULClt4Bg4MX30LDgg
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:fc00:3:bb01:eec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8c699a3459b2a55e321ee35d0e24ca4d43847f0cf9b83a1e765c3990285a38e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
content-encoding: gzip
via: 1.1 7bf4f64fa64e134b5dbb63cabb0aa9e4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 195
x-amz-cf-id: OBC5ZCdFiDnll0oTtUDAXAWXEPuPwk2s9AG7qfvfzJvJyUKrJfL2BA==

GET
H2 200 / Show response
whos.amung.us/pingjs/ 29 B
184 B 154ms
122ms Script
text/javascript 2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=4priswyaav&t=PZ_Fix_Repair_Steam_V3_Generic%20(2).rar%20-%20BowFile&c=c&x=https%3A%2F%2Fbowfile.com%2F9nfQ&y=&a=0&d=0.709&v=27&r=9308
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 093ecd09286d32b960e81472b6b19161230bd2df200e17e0476cd04245abadc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e7e1c25cd3618ed-FRA
content-type: text/javascript;charset=UTF-8

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 40ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-G45GX6EFX2&gtm=45je37c0&_p=1337952237&cid=1313294219.1689551033&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689551033&sct=1&seg=0&dl=https%3A%2F%2Fbowfile.com%2F9nfQ&dt=PZ_Fix_Repair_Steam_V3_Generic%20(2).rar%20-%20BowFile&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G45GX6EFX2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 23:43:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bowfile.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 utx Show response
fulheaddedfea.com/ 0
537 B 152ms
98ms XHR
text/plain 13.32.99.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fulheaddedfea.com/utx?tid=990049&top=bowfile.com&cb=nKw7E61QqN8Q
Requested by: Host: bowfile.com
URL: https://bowfile.com/sw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-125.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 23:43:53 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://bowfile.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: kx_ykwGRuHno7yItINdtRqR8nmYkhOmaug7r9EL5prdtLZup45M1kQ==

GET
H2 200 YbGl1Um8PBhs0UBgAEW9WW1BFa1pKAwY9ARxUGRYEDSslNCgfGDA9PyRPASgLUVlTPg4CDkh0CgIKSGNJDQ0Xb1tKHQU9BFEcGzYKCgAbNwtKHBRvAgMTHD4DDUxHFFpCWVBgX0QeHDwLAx4Gd11cBwF3XVxYRXxfSVo3d11cHhw8WVhMRhBKXlkNZFtFTE-diDhw... Show response
d1zjpzpoh45wtm.cloudfront.net/ Frame 138F 446 B
621 B 180ms
179ms Script
text/plain 2600:9000:218d:5400:c:6917:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zjpzpoh45wtm.cloudfront.net/YbGl1Um8PBhs0UBgAEW9WW1BFa1pKAwY9ARxUGRYEDSslNCgfGDA9PyRPASgLUVlTPg4CDkh0CgIKSGNJDQ0Xb1tKHQU9BFEcGzYKCgAbNwtKHBRvAgMTHD4DDUxHFFpCWVBgX0QeHDwLAx4Gd11cBwF3XVxYRXxfSVo3d11cHhw8WVhMRhBKXlkNZFtFTE-diDhwZGTcYCQseOxtJWzNnXFtHRmRKXlldOQcYBBl3XS9MR2IDBQIQd11cDhAxBANAUGBfDwEHPQIJTEcUXl1dW2JBWV5GZ0FdUE13XVwaFDQOHgBQYClZWkJ8XFpPAG9eWlFDYVxbXEBkWl9ZTWRe
Requested by: Host: neoftheownouncillo.info
URL: https://neoftheownouncillo.info/TGN5VVUtARo4ai1eG3MgPg9EcGcKRksTMX0ZEyUvPAwRYWA7FxR7NiAMDDEzPgwXIXsiBg1wZwo6GxI5fTYUbQUOCwplAA4EOBACdTQuZBcKAkglHg0UIGwUHhssEgcVJj0GJiAtOjIzCyc4bAU1MSkUBisvLAM5GDMeYRYICBFlFisqMgYSAik9BGUUAUghHgQyLGwXCiYaEi8VKDoyFC4tDiEeBCErIxQrLi0dEXgnPQAtBCU/JRYbNTsyDXwyHB0ROy84LWELB0hkNg4UP2YNGhsgBw00BSoDOn8HSGQ2BAsObQIaCzQHPQ4oITk+Ajk/IRMYJlQxPAgLDg8SGAAgFgQ/BjYtIQY0Axs7FCUNHQchMTINOSAHNgQ2FSE7OWYUMEAYB34qPRcEBTIdZGQvJxEULQ4iNxQACyEfESIJKykEHAY3PDYAFA9IMQJ+KTsCA3kkI2UTKDY8ZGYUNQ40EwgyNh0yDjIgFjkWNBIfbRQlCQUUC1ocAjkKJyADLS47PBc+Gw9ADwEbMRxzPz8MFyVoICcSNBccBT4mJAkMKR0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:5400:c:6917:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6ef1e350c803cfa894263d02b69237019b41e8821b9400071cfa3dd39491425a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://neoftheownouncillo.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
content-encoding: gzip
via: 1.1 e01ab9056cc78875229a55be936f41ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 343
x-amz-cf-id: --tU-3kFh4bsQ82c1D0XyySHxeLEfo-cGcLOdLWejNcEGik6lHvXEQ==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
603 B 36ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bowfile.com&callback=_gfp_s_&client=ca-pub-1455201204252520

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1455201204252520&plah=bowfile.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00e6f46a4479c492e64b0749a0d7e84313c3113679e278d5c4d795ca797f7c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 39ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bowfile.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8236 442 KB
83 KB 1250ms
1249ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&adk=1812271804&adf=3025194257&lmt=1689551033&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fbowfile.com%2F9nfQ&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689551033153&bpp=4&bdt=473&idt=124&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2285295059661&frm=20&pv=2&ga_vid=1313294219.1689551033&ga_sid=1689551033&ga_hid=1337952237&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31075879%2C31075882%2C44788442%2C44796700&oid=2&pvsid=2548312887156788&tmod=2078884273&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=144

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb648f79123ab2e6e89fcf08a5dc5017b11882389a1c244e34e26e3f35478418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 85149
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 23:43:54 GMT
expires: Sun, 16 Jul 2023 23:43:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2680 113 KB
38 KB 277ms
277ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=7461073491&adk=3313644723&adf=2726021737&pi=t.ma~as.7461073491&w=1110&fwrn=4&fwrnh=100&lmt=1689551033&rafmt=1&format=1110x280&url=https%3A%2F%2Fbowfile.com%2F9nfQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689551033157&bpp=2&bdt=477&idt=146&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2285295059661&frm=20&pv=1&ga_vid=1313294219.1689551033&ga_sid=1689551033&ga_hid=1337952237&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31075879%2C31075882%2C44788442%2C44796700&oid=2&pvsid=2548312887156788&tmod=2078884273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M36xG7ZHnl&p=https%3A//bowfile.com&dtd=151

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29321a92db2f9d2a1ad9447f2f6c85244e05e6ff41159a0637b17e79c57e4b28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38346
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 23:43:53 GMT
expires: Sun, 16 Jul 2023 23:43:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 VZWV6N3IGChRRTREMHgpLUlBKBURDDwlYHBVYMgA2FVRODhkMIzh6VBEfHgpCQwkbWRVYQx9ZEVhUXFYWB1hOEQYVChEKBwsBH1EbCwAeEQcEWBdYCAwJFlZXVyNPGUJAV0ofBQwLHlgFFkBIBxwRQEgHQ1VLShJBJ0BIBwUMC0wDV1YnXwVCHVNOHldXVR-tHAgk... Show response
d2oy22m6xey08r.cloudfront.net/ Frame FEAC 824 B
846 B 166ms
166ms Script
text/plain 2600:9000:26da:fc00:3:bb01:eec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2oy22m6xey08r.cloudfront.net/VZWV6N3IGChRRTREMHgpLUlBKBURDDwlYHBVYMgA2FVRODhkMIzh6VBEfHgpCQwkbWRVYQx9ZEVhUXFYWB1hOEQYVChEKBwsBH1EbCwAeEQcEWBdYCAwJFlZXVyNPGUJAV0ofBQwLHlgFFkBIBxwRQEgHQ1VLShJBJ0BIBwUMC0wDV1YnXwVCHVNOHldXVR-tHAgkADVIQDgwOEkAjUEkAXFZTXwVCTQ4SQx8JQEh0V1dVFl4ZAEBIBxUABhFYW0BXSlQaFwoXUldXI0sGRktVVAJFVlBUBktdQEgHAQQDG0UbQFc8AkFSS0kBVBBYSwFKU1ZJAEdQU08EQl1TSw
Requested by: Host: affelseaeinera.org
URL: https://affelseaeinera.org/cE00UmMRL1c/XBFwVnQWAiEJd1E2aAYUB0IiTWBRHXtMNxpAdUZ8ABwiQTYFAiJaJk0eKEB3UTYbbgU1RgMHGyQzJWYANyIIeRoEAAFhPiE7D2EAJzQ6WAsrMhttHwQxf3IEMT8JXDkuOTdcZDUyCFIaBAAOZSUIEhpmBDohNQ0IJiYlYQolKRp2Yws/CGULNTMlcRkhBz52GlI1L3clIhUIZTEmJw9QCyAxOn4UDyoVYistIAphGCImfVs0ISE6eBoPFwtyOSE5D0wlMSEIUxoyQRt4AQs6D35iITkPQwcuM31DFjVBFFoKFCYOfAQtPwVYNjsmHxkmKzEqXxMnJgRlFgQHAnE5IhoYcTkiKAtuBjsHG3cGMkQeZSpbOhxxOlMmfFAEJRx5bhMmMgR2KjYxD1wUOid9dgowHBxVFBQfFWE+BygEBCEkIiZABDUxB3IEDzIYdjkXFBxxNSsxHGUWJEAYVgMlE3V1OSUjHgQ5ISYPdgswBwt/B1IqB3UXByEYBGomISEFBjAHa14hDB49CRpUND0FZlobJHIQLg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:fc00:3:bb01:eec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6b8e83a5949429e08ba1db93858540c5877edbcd5e69716efcaa10e09157cef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affelseaeinera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
content-encoding: gzip
via: 1.1 7bf4f64fa64e134b5dbb63cabb0aa9e4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 567
x-amz-cf-id: UkpnOoypZIpkAzlwI3PPpT-p0NyURuDSpKRmr-_zV4gpt_L6VlM8kQ==

POST
H2 200 / Show response
rurelanderpurgan.com/ 0
37 B 298ms
97ms XHR
text/plain 52.20.131.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rurelanderpurgan.com/
Requested by: Host: bowfile.com
URL: https://bowfile.com/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.20.131.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-131-174.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bowfile.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
content-length: 0

GET
H2 200 tc.js Show response
cdn.tynt.com/ 18 KB
7 KB 58ms
13ms Script
application/javascript 104.18.36.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 15:48:17 GMT
server: cloudflare
age: 152724
etag: W/"64109741-4750"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7e7e1c26dbec9118-FRA
expires: Wed, 19 Jul 2023 23:43:53 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
344 B 195ms
195ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=bowfile.com&_ss=5tnna8b9uj&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=181r&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fbowfile.com%2F9nfQ&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fba114336e5b7612da9f919dc55c9579e0f2612db9545be387f9dcc7befc3f1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
x-t: 0.177
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzrDtNKNlYPqGa4tJitgMTIX%2BATEIYuBieMiGGlX55bw3DZOGHCKvcGI9kkc030s9%2Fs4aEB%2BbeiTgU%2F2wdWXWfGfs4JR%2Fm9zBjN3Ixi1JMVypHMg68o0SGfGxdVzLX0wThFB0TkAmYmSap0%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 7e7e1c270d19085d-FRA
expires: Sun, 16 Jul 2023 23:43:52 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
228 B 323ms
102ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1689551033484&dn=TC&iso=0&pu=https%3A%2F%2Fbowfile.com%2F9nfQ&t=PZ_Fix_Repair_Steam_V3_Generic%20(2).rar%20-%20BowFile&chmob=0
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Sun, 16 Jul 2023 23:43:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 css
fonts.googleapis.com/ Frame 2680 14 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=7461073491&adk=3313644723&adf=2726021737&pi=t.ma~as.7461073491&w=1110&fwrn=4&fwrnh=100&lmt=1689551033&rafmt=1&format=1110x280&url=https%3A%2F%2Fbowfile.com%2F9nfQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689551033157&bpp=2&bdt=477&idt=146&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2285295059661&frm=20&pv=1&ga_vid=1313294219.1689551033&ga_sid=1689551033&ga_hid=1337952237&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31075879%2C31075882%2C44788442%2C44796700&oid=2&pvsid=2548312887156788&tmod=2078884273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M36xG7ZHnl&p=https%3A//bowfile.com&dtd=151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 23:43:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 23:12:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 23:43:53 GMT

GET
H2 200 popunder.gif
dfearinglestp.info/ 35 B
407 B 21ms
21ms Image
image/gif 104.21.83.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfearinglestp.info/popunder.gif
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 23:43:53 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Jul 2023 08:32:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 227491
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgCfyoCjNiHSBb1h0lFM%2BfCMr%2F2KumoQ28rPQS7rXRP%2BJuWEC5Flu7jm%2F8KZ6qiL4C%2B%2BoBRghaIIHUeOqcaXSp%2FdPHbzZ0T0%2FHY0ZpXp8uURoWlTEofA9%2BC9T9fWII6k0l3Dlns%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7e7e1c2808d4694c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 2680 2 KB
946 B 29ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 13:55:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 2680 23 KB
9 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 09:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 09:27:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 2680 3 KB
1 KB 30ms
12ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 21:59:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 21:59:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 2680 20 KB
9 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 13:55:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2680 179 KB
57 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jul 2023 23:43:53 GMT

GET
H2 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 2680 33 KB
14 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 07:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/922526574298912379/ Frame 2680 88 KB
89 KB 24ms
13ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/922526574298912379/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bf9d288acae59016d02faa65559ff2e273c9bf6730bb16f47a4c5a36b1110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 07:45:33 GMT
x-content-type-options: nosniff
age: 57500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90592
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 21:06:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 15 Jul 2024 07:45:33 GMT

GET
DATA 200
OK truncated
/ Frame 2680 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2680 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 BAMXG2RFQVtObEFGU0RqQkVR
dfearinglestp.info/WXR3Y3d2SxQQSgseJQ0WND4OIjEbESIrLhoiIQ8mPxM1Ni8fJVEXHj1JTlROaU1CRQcwEEpQRX8HAwIDLAdKUUdpQ1EKGT8bSlJRL0lHTU53RVlWUSxJRlVPb0dEVEJsQkJQR2FCRkUDKRUQXkZ/ 0
422 B 102ms
101ms Ping
text/plain 104.21.83.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dfearinglestp.info/WXR3Y3d2SxQQSgseJQ0WND4OIjEbESIrLhoiIQ8mPxM1Ni8fJVEXHj1JTlROaU1CRQcwEEpQRX8HAwIDLAdKUUdpQ1EKGT8bSlJRL0lHTU53RVlWUSxJRlVPb0dEVEJsQkJQR2FCRkUDKRUQXkZ/BAMXG2RFQVtObEFGU0RqQkVR
Requested by: Host: d1zjpzpoh45wtm.cloudfront.net
URL: https://d1zjpzpoh45wtm.cloudfront.net/?zpjzd=979095
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbh52HFgBekxrH0EFRlZM%2BZhsFmnLn2uaTD88F%2FNhMnK7AvTkaH8U5yhx2PrVJjaoCWmpMuzmtXAvs%2BOxrXX%2Fd1vNhvCtRseA7MKcO3BXC%2B8Ia%2BhLmPsw%2F5R9dCUbtMk%2FvvlLEU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7e7e1c28283f37cb-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 205 floater Show response
neoftheownouncillo.info/ 0
563 B 112ms
112ms XHR
text/plain 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://neoftheownouncillo.info/floater?cs=dDYxTVpAAgZ5aEQAA35oTAICe2w&abt=0&red=1&sm=90&k=repair%20steam%20generic&v=0.9.1.5&sts=0&prn=0&emb=0&tid=979095&rxy=1600_1200&u=1686337556530861&agec=1689551032&fs=1&m=1&ns=1&ndp=1&asi=1&mbkb=1063.8297872340424&ref=https%3A%2F%2Fbowfile.com%2F9nfQ&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F114.0.5735.198%20safari%2F537.36&tzd=0&uloc=&if=0&aa=lbnt__oi0_&_KW7U=1689551033623&crc=1
Requested by: Host: d1zjpzpoh45wtm.cloudfront.net
URL: https://d1zjpzpoh45wtm.cloudfront.net/?zpjzd=979095
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-46.fra6.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 23:43:53 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: text/plain
access-control-allow-origin: https://bowfile.com
p3p: CP="NID DSP ALL COR"
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: M3Kg_jszDzhWoFkDYT47vskTv0UN4V8C7cKYEfNVXOJWvEpc80urWA==

GET
DATA 200
OK truncated
/ Frame 2680 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af3dd2576cf7d964863b1a954bb49a8e624a0093ecfef7598d139d189053436b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 popunder.gif
dgemanowhowe.xyz/ 35 B
313 B 12ms
12ms Image
image/gif 104.21.63.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgemanowhowe.xyz/popunder.gif
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.63.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 23:43:53 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 19:49:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 359676
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SGydAFrFUbsVK%2FxLVgu%2FKLloZ5EG67x4KAQ2kQXcMTvhdzJkVZz35gY3lBqs7rzM1uEiuf7OIgzlPio0zvVSUfXhFlfafQlaWjDc9f1P8qKFR%2BblrU%2FHJSKMXvlKf%2Fmzcuy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7e7e1c285dc72c52-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2680 33 KB
33 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 02:43:59 GMT
x-content-type-options: nosniff
age: 75594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jul 2024 02:43:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2680 0
23 B 52ms
51ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMO_TuYC0ZOWCFKTH7_UPipi5wAGzu__HcZiE3e_FEMf1u5aPDhABIJCBkyNgleKQgqAHoAHe2fWMKcgBCakCcpkBuEjWsj6oAwHIA8sEqgToAU_QB_E1NeAM63kyS0RsDmItve1h6-sUh5wgz-eETw40xe_2jctRfhg6NBLXILxfwhd1tRieZN3rtNUaAL8B_AZZ0IUDRb9APLAfhN4sraY-Sexy6m6k8oqNBjvS1ka45mJHukM6lYKdceDskYmvHL3k_ARkh3E2Pq9feQ3i1T-H2B9kwNMrS3axIFGx-_RJDxgiZPmX2F5RCC027foLsTCc6UwtXtmp8Tv8D2A0dMfp2jIF9wr_pOfnfSFyA6qvgTEPQS6x0FHHKt5Vtz-3aZemZXZHLMM_VzdAyFX8uht7FxrNA65YaRjABICXkOOtBJIFBAgEGAGSBQQIBRgEoAYugAfekcbsA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEL3GAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMTQ1NTIwMTIwNDI1MjUyMBgA&sigh=dFRzJuXmMlw&uach_m=[UACH]&cid=CAQSGwBpAlJWg705VmVHen_g-XrvC5cSXHm4ond2PxgB&template_id=5000&cbvp=2&vis=1

Requested by

Host: bowfile.com
URL: https://bowfile.com/9nfQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=7461073491&adk=3313644723&adf=2726021737&pi=t.ma~as.7461073491&w=1110&fwrn=4&fwrnh=100&lmt=1689551033&rafmt=1&format=1110x280&url=https%3A%2F%2Fbowfile.com%2F9nfQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689551033157&bpp=2&bdt=477&idt=146&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2285295059661&frm=20&pv=1&ga_vid=1313294219.1689551033&ga_sid=1689551033&ga_hid=1337952237&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31075879%2C31075882%2C44788442%2C44796700&oid=2&pvsid=2548312887156788&tmod=2078884273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M36xG7ZHnl&p=https%3A//bowfile.com&dtd=151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 16 Jul 2023 23:43:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 16 Jul 2023 23:43:53 GMT

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame AE60 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 21:13:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Jul 2024 21:13:46 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
327 B 331ms
106ms Script
application/javascript 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!4priswyaav&dn=TC&cc=1&chmob=0&r=&pu=https%3A%2F%2Fbowfile.com%2F9nfQ
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Sun, 16 Jul 2023 23:43:53 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 4
expires: Mon, 17 Jul 2023 23:43:54 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 102ms
102ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1689551033484&dn=TC&iso=0&pu=https%3A%2F%2Fbowfile.com%2F9nfQ&t=PZ_Fix_Repair_Steam_V3_Generic%20(2).rar%20-%20BowFile
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Sun, 16 Jul 2023 23:43:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 102ms
102ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1689551033484&dn=TC&iso=0&pu=https%3A%2F%2Fbowfile.com%2F9nfQ
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Sun, 16 Jul 2023 23:43:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 102ms
102ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1689551033484&dn=TC&iso=0&pu=https%3A%2F%2Fbowfile.com%2F9nfQ
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Sun, 16 Jul 2023 23:43:54 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 103ms
102ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1689551033484&dn=TC&iso=0&pu=https%3A%2F%2Fbowfile.com%2F9nfQ
Requested by: Host: bowfile.com
URL: https://bowfile.com/9nfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9nfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Sun, 16 Jul 2023 23:43:54 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 22ms
21ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

885a7025814cdce50719db0bf6e9487a783a7362d4fbdc708cd587af200607d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11838
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ 154 KB
52 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc1416b448c1d5205a689ed288b647bbfcfe3094ebba8cb4abb19b7746e9f4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53506
x-xss-protection: 0
server: cafe
etag: 6714329244690865434
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 23:43:54 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C3%2C4&c=ca-pub-1455201204252520&eid=44759927%2C44759837%2C44759876%2C31075879%2C31075882%2C44788442%2C44796700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 23:43:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-1455201204252520&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=true&a=6%2C1%2C5%2C7&apv=20230712_103852&sat=1689402652753&afm=0&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.193&alldns=0.193&allp=13&fd=(0%2C7%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1450&abl=false&rr=n&su=bowfile.com&pvc=2548312887156788&r=0.1&eid=44759927%2C44759837%2C44759876%2C31075879%2C31075882%2C44788442%2C44796700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 23:43:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 23:43:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7FDE 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 22:02:31 GMT
expires: Mon, 15 Jul 2024 22:02:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2308 783 B
1 KB 39ms
16ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

025acea463cd3c4645d90ec7b44db9f4ec6b4d113f51cdaa6aab4879656c59c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dZIPbNgm-DTRimrdSDm4Lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-dZIPbNgm-DTRimrdSDm4Lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 23:43:54 GMT
expires: Sun, 16 Jul 2023 23:43:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C3%2C4&c=ca-pub-1455201204252520&eid=44759927%2C44759837%2C44759876%2C31075879%2C31075882%2C44788442%2C44796700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 23:43:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bowfile.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/ Frame 9A6C 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 15:03:07 GMT
etag: 12368291122986407432
expires: Sun, 30 Jul 2023 15:03:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/ Frame 22F0 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 15:03:07 GMT
etag: 12368291122986407432
expires: Sun, 30 Jul 2023 15:03:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/ Frame 779F 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 15:03:07 GMT
etag: 12368291122986407432
expires: Sun, 30 Jul 2023 15:03:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 9A6C 4 KB
671 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 23:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 23:08:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 23:43:54 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9A6C 205 B
521 B 9ms
8ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:18:37 GMT
x-content-type-options: nosniff
age: 285917
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 12 Jul 2024 16:18:37 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9A6C 604 B
696 B 9ms
8ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 19:39:04 GMT
x-content-type-options: nosniff
age: 14690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 15 Jul 2024 19:39:04 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame 9A6C 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dd63824a6304e84f5ac8549da2750d150a0eb24c50960dd83e08a63d5a97f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 23:51:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6331
x-xss-protection: 0
server: cafe
etag: 18044331813203521086
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:51:22 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame 9A6C 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8599
x-xss-protection: 0
server: cafe
etag: 12796843930313450165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 14:53:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 22F0 6 KB
706 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 23:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 23:15:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 23:43:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 22F0 2 KB
892 B 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 13:55:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 22F0 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 09:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 09:27:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 22F0 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 21:59:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 21:59:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 22F0 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 13:55:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 22F0 179 KB
56 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jul 2023 23:43:54 GMT

GET
H2 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 22F0 33 KB
14 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 07:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 779F 6 KB
706 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 23:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 23:13:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 23:43:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 779F 2 KB
892 B 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 13:55:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 779F 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 09:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 09:27:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 779F 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 21:59:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 21:59:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 779F 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 13:55:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 779F 179 KB
56 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jul 2023 23:43:54 GMT

GET
H3 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 779F 33 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 07:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2680 42 B
64 B 45ms
43ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssN4A7qitAwBr2bNejP76AxRuwLOps_8cETd7k4VaMj4YIh8k9_N4gxHMVeBQHKY6064qNItD8FYRTcT9KHu1XoRLs4cn9cHPGYhYgtrgR45SUh1EbRYvHoH1_19xBu8wYSoUrz2D2VLWwj&sai=AMfl-YQRMLKz5uW_nwHAySjLdhs_wjStzoRkyznESzp81GDvOPLnl4hmqwUQbOv1FfgGsPJ4EQ-BnmjV-gsv&sig=Cg0ArKJSzDkiy6fij1AVEAE&cid=CAQSGwBpAlJWg705VmVHen_g-XrvC5cSXHm4ond2PxgB&id=lidar2&mcvt=1030&p=35,0,315,1110&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20230712&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3313644723&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689551033309&rpt=415&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 23:43:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2308 0
0 41ms
41ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=2548312887156788&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 7FDE 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 21:13:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Jul 2024 21:13:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D5A0 6 KB
706 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 23:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 23:12:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 23:43:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame D5A0 2 KB
892 B 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 13:55:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame D5A0 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 09:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 09:27:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame D5A0 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 21:59:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 21:59:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame D5A0 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 13:55:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5A0 179 KB
56 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jul 2023 23:43:54 GMT

GET
H3 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame D5A0 33 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 07:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame FD05 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: bowfile.com
URL: https://bowfile.com/9nfQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 21:13:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Jul 2024 21:13:46 GMT

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 368C 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: bowfile.com
URL: https://bowfile.com/9nfQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 21:13:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Jul 2024 21:13:46 GMT

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 8450 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: bowfile.com
URL: https://bowfile.com/9nfQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 21:13:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Jul 2024 21:13:46 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7FDE 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TUnCAg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 23:43:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=2548312887156788&bg=!dHeldyPNAAb90kgr3dI7ADkAdvg8WsWPScYRVkvZbIro79kByJDSusdpcrJ5ZZgo_C3QDlbmnolRX2zaNcfLjfr-j4f8C2J34MkCAAABSVIAAAAGaAEHmQKmccJbNan5ttiAw3wrR6S4RaXnJ00X5XpSMo0lRvI9LYfO64s2WCjyPBQSHcclR4e31Lan5bMKyVCjQ281QsRmA87NKFYaKVbANa16p_48Qk7boaB-O1FPDKVDV30X-1Qn854VcA2uJdZ1v4W8MZMbtczxCuDxPcR_TiWjC42oNS3H7HNXcts8lsY19_350hwHxsye4A1swI0zA00JvZTpjKVK7rbyB512u0lG9lcF4v9rwwVa8SGy6VAlG_6-Lr5KRsdTyUCpGykB0VbhqKAIAsctfAA4VNqJL9o79FR-uHJOLwA4iSjJ2pPERgISB0syyTUMs7IzORB9VLo0FRo_IUMmo1-hjcAVZPKg1yrGD-CgxFcUhISphU8DyJsDWV7lntomB3gEG2kf40GmA5CTrRF7jlGoLQb_XkgCmN6BpbOXQsDEYLzpfc0ns4PKywrrEduoxigXIsTziU6vnDAeLRf_dqFKSu5wVkrkFeeXUJ5N5E3zGxrJTqUqyJbxs-sglvdpw3S71wQCv2zKjAA9NsYmX3jpkXghnrBp7IkpWURCgqDdG8FNPDz5SnA_n39c5Re648DY6ido9Of9_H5z5gO8nbDCkskjUYEtj4o3T7m5fsTAm1dlN_gkh3R-SaAjNpQwyrmogiATaDWBbfmwZMHsDjhN0xwSPwS37mcy91K9e-K-rbESS73WaZX5Biklp3_vmyW8HfvA0Tz3FlsgD5LQXS9B8BJ2PJB9ha1QdZBrzo0frrJcZCVso6xHLRDnDnQ4Asbkvh6x8dPFkJAQYM4NZ0Si44_uhntWpfA-IDNAX9_oo4xtXM_Yl7G_y7CgwgSidC328DjGJblznR4Nix-5iDz-TQeDld4B9b-7CpYi7Ya9PwFdblJYTGeCeHRg208d_ACw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bowfile.com/	1970-01-20 13:20:37	Name: filehosting Value: 187kmg6rbubd5tvbapabgp7r84
wreaksyolkier.com/	1970-01-20 13:20:37	Name: GL_UI4 Value: eJw9jd1Og0AUhPmnakEn4QF8BNZS6a3xIbwkh91TioXdZlkhvr0bE72aL5NvMkEQRNUjwjVLEH%2FREc9K1lSfuBGvUrXnU9MK2QpSrRDHl4OkA%2B7GpXPUT%2BwS7JaZrOvcmmA%2FsGY7yk4axQWevPXXXLXZdIK0t6RVgXT2xlQg763ZFrZVjETTzMjeL9b4TGf6NBaxEI3nUXsOa0RmqeLyHvnHqJUflntEoi7LLMDDbSJ3NnbuRpWFSAdLihG%2BYSfJ8WDsN3LFy9WZG2Am1f37v7%2FxJmpkitdR%2BnPjLmx%2FACxVTkg%3D
wreaksyolkier.com/	1970-01-20 13:20:37	Name: GL_GI10 Value: eJwNy9EKgjAUBuDtQEZgxA8%2BwJ5AUCY%2BQFle5E09wdAVI9zGmQa9fd5%2B8AkhqMhBLuKom7LSVVk1ddlqyDfo0oFGj%2F3N8mz8D5JB%2FWbssettShZyBK5s%2FOe18qLMrAbjPKTDaah1q7qVQ7Tq%2BbiDfMLhHDgGNssWYyZBS8gIlKZCQH6z%2FA%2BkTSCh
pogothere.xyz/	1970-01-20 21:57:35	Name: csu Value: 1686337556530861@1@1689551032
.bowfile.com/	1970-01-20 22:55:11	Name: _ga_G45GX6EFX2 Value: GS1.1.1689551033.1.0.1689551033.0.0.0
.bowfile.com/	1970-01-20 22:55:11	Name: _ga Value: GA1.1.1313294219.1689551033
.bowfile.com/	1970-01-20 22:40:47	Name: __gads Value: ID=c5e1d0309f302304-223994d8bfe20064:T=1689551033:RT=1689551033:S=ALNI_MZxTIaRdCS-ncGb0zDKyCPcTIofxg
.bowfile.com/	1970-01-20 22:40:47	Name: __gpi Value: UID=00000c3e88edcd7a:T=1689551033:RT=1689551033:S=ALNI_MZ5FFawbXyGF-1Sie9lXNRDj_Ix3A
.dtscout.com/	1970-01-20 13:19:16	Name: m Value: 1
.dtscout.com/	1970-01-20 13:19:25	Name: oa Value: 1
.dtscout.com/	1970-01-20 15:43:11	Name: df Value: 1689551033
.doubleclick.net/	1970-01-20 22:40:47	Name: IDE Value: AHWqTUl4xkZ7oUPFMBkH5O3yyvWERFhWJJvOr7RexpFJu_NZhEezwZ2fG4seiwNdgSw
.doubleclick.net/	1970-01-20 13:19:11	Name: test_cookie Value: CheckForPermission

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-234372340%3A1689551032978407&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXgO1fnpraxQkXMiWOZ2fVWSa_sqUKlVJl1K5RKSJCNCmkZHQ9LwrpKRvjEO4uPTy4NHPZ0B4w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-519230316%3A1689551033047298&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXjjmhYGrejsFvWj_xrMLZMV-TE3RhBzogSy2lSSLudnvCt7oQxkHLeNk0KC680Wm149Tgnj&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://rurelanderpurgan.com/UXdGTEUqVTU7GiQFKm5%2Fcx8yODUiTWljJz4AICUpNFklIyh%2BBDFiLyJVam42PBFkdnR9VTUhM3NNZHhrYlVqbjEwEBklIXNNZHV8YUdydWd9VTU5Jw4eIn5na1UifCcyQH8ofXxBcXUhfEMieyd8T3F%2FJ3wRdygmaRQkLXcwTiBuOA Message: Failed to load resource: the server responded with a status of 502 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-1455201204252520&fa=3&ifi=4&uci=a!4&btvi=1&xpc=2niDI41AES&p=https%3A//bowfile.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
affelseaeinera.org
bowfile.com
cdn.tynt.com
d1zjpzpoh45wtm.cloudfront.net
d2oy22m6xey08r.cloudfront.net
de.tynt.com
dfearinglestp.info
dgemanowhowe.xyz
fonts.googleapis.com
fonts.gstatic.com
fulheaddedfea.com
googleads.g.doubleclick.net
ic.tynt.com
neoftheownouncillo.info
pagead2.googlesyndication.com
partner.googleadservices.com
pogothere.xyz
region1.google-analytics.com
rurelanderpurgan.com
t.dtscout.com
tpc.googlesyndication.com
waust.at
whos.amung.us
wreaksyolkier.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.36.173
104.21.63.209
104.21.83.228
13.249.9.26
13.32.99.125
172.64.199.35
2001:4860:4802:32::36
23.109.87.108
2600:9000:218d:5400:c:6917:5a80:21
2600:9000:26da:fc00:3:bb01:eec0:21
2606:4700:10::6816:4bab
2606:4700:20::681a:507
2606:4700:21::8d65:780a
2606:4700:3033::6815:254f
2a00:1450:4001:806::2008
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200d
2a00:1450:4001:811::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a03:2880:f173:81:face:b00c:0:25de
52.20.131.174
67.202.105.31
67.202.105.32
99.86.4.46
00e6f46a4479c492e64b0749a0d7e84313c3113679e278d5c4d795ca797f7c1e
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
025acea463cd3c4645d90ec7b44db9f4ec6b4d113f51cdaa6aab4879656c59c7
02945e324e7c86a1ee921da7d8fa596a9c11878ccfe839ac70f8badcb674d522
0654449cc73d1f0ea7c0929fffc64d6e6fcdbcab55c0293cd35deaf6a0a55f57
093ecd09286d32b960e81472b6b19161230bd2df200e17e0476cd04245abadc7
0cca9c2524a2c257cc53c398be0731ec07a02159b8a8f02dc5995a820808ebef
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
1dd63824a6304e84f5ac8549da2750d150a0eb24c50960dd83e08a63d5a97f21
227c8e646d6f995c23826510fe61f38df7e64a68f06025353545995db58d8ba1
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
29321a92db2f9d2a1ad9447f2f6c85244e05e6ff41159a0637b17e79c57e4b28
2ba990faaad8198719efac063a6ec699b548708b555a3ef7821fd6899a8556ce
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30ab7f0fa559536cc2bf0a632737870798a23587d36d9fe6558e8f28436d8b54
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38391d0c01d7fee8c61a80c9b507ef05d0cb76876a42feebded8b06905015d13
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5db239494a216032d8575df7657ba44f2429007f2cc658a55b1443222aa408cf
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
5f70fef49b1fa602e97e2f12a0a3ca46a5db090fa34dad736f8ae5c57c9ba0a6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b8e83a5949429e08ba1db93858540c5877edbcd5e69716efcaa10e09157cef2
6ef1e350c803cfa894263d02b69237019b41e8821b9400071cfa3dd39491425a
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7f37637cd2f01eaa3be0ac56d4713f74841e06db08136d5649c94b2123aa64db
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166
856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
883bd0f053cde78238a0881291e4b6647acd9b3fa73808db5ac83d286bb4b44e
885a7025814cdce50719db0bf6e9487a783a7362d4fbdc708cd587af200607d8
8c699a3459b2a55e321ee35d0e24ca4d43847f0cf9b83a1e765c3990285a38e4
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a92a98c5f5245daff1abaff565ae26359f85d4cd1d383ff6e50cd599cf5b3e49
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805
af3dd2576cf7d964863b1a954bb49a8e624a0093ecfef7598d139d189053436b
afcc94e527758ea4e9ea6f66be35cb2c9ceb80cf3d7524938662d7cef1f3d54d
b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278
b6919dd92f8162e9d8b6642769217b9472c5bf423cdf82df50301a8af50ee53a
b712033ea1c370616c3105391e98e4867cea0159be8444ddd20249ea9888c950
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
bcb499166a81c2c68de921f186c95ed6c29859acf2a07422c15ddb1f4b9e7686
bd93a9ca62d0855078d0ecfd5a77b781e97efccfdfd7a7ed17d967f541146350
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed
c94d388ca766f28cd27988f7915a476778adb13befa7d0c5683abf099e88921e
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d5d5eada7c11850e0c937df1174d7f5c693fddfbc8c9b22f0401e7766ea87288
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
dacadd31d8927708a5fbf4b4dd5b65a1258295c836c073e31c9cb4b8efc42601
dc1416b448c1d5205a689ed288b647bbfcfe3094ebba8cb4abb19b7746e9f4cf
dc3e1c7f25f8898edf9bba53c1cf0730271371e373bdd4dad4535cecedf85ba3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70b134190f874dd9a0a6970090c8f9a85f2bd4ab784877c96e5bf02b936dc89
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3
e78bf9d288acae59016d02faa65559ff2e273c9bf6730bb16f47a4c5a36b1110
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11acea173292046b6a3c38ec05ec5cbbaf3d51edd654588b43ca16192d70118
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed
fb45f99791b77b7349d064ca6ff96f83a698f528ce7311da4878ec2095199dcd
fb648f79123ab2e6e89fcf08a5dc5017b11882389a1c244e34e26e3f35478418
fba114336e5b7612da9f919dc55c9579e0f2612db9545be387f9dcc7befc3f1b
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

bowfile.com Open in urlscan Pro 2606:4700:3033::6815:254f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

138 Requests

99 %HTTPS

63 %IPv6

24 Domains

31 Subdomains

31 IPs

4 Countries

2615 kBTransfer

5587 kBSize

13 Cookies

1 Outgoing links

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bowfile.com Open in urlscan Pro
2606:4700:3033::6815:254f Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

99 %
HTTPS

63 %
IPv6

24
Domains

31
Subdomains

31
IPs

4
Countries

2615 kB
Transfer

5587 kB
Size

13
Cookies

138 HTTP transactions
5 data transactions