bowfile.com Open in urlscan Pro
2606:4700:3037::ac43:cde6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bowfile.com/9sYa
Submission: On May 12 via api (May 12th 2023, 8:02:28 pm UTC) from US — Scanned from DE

Summary HTTP 120 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 23 domains to perform 120 HTTP transactions. The main IP is 2606:4700:3037::ac43:cde6, located in United States and belongs to CLOUDFLARENET, US. The main domain is bowfile.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 20th 2022. Valid for: a year.

This is the only time bowfile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2606:4700:303... 2606:4700:3037::ac43:cde6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	172.64.199.35 172.64.199.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.154.63.48 18.154.63.48	16509 (AMAZON-02) (AMAZON-02)
6	172.67.150.94 172.67.150.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2a00:1450:400... 2a00:1450:4001:830::200d	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:2200:c:6917:5a80:21	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.91.159.108 142.91.159.108	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700:20:... 2606:4700:20::ac43:4739	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	108.138.7.47 108.138.7.47	16509 (AMAZON-02) (AMAZON-02)
4	172.67.218.114 172.67.218.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2600:9000:223... 2600:9000:223c:c600:3:bb01:eec0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	104.18.36.173 104.18.36.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
16	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
120	29

26 2606:4700:3037::ac43:cde6 (United States)

ASN13335 (CLOUDFLARENET, US)

bowfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.199.35 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.154.63.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-48.dus51.r.cloudfront.net

affelseaeinera.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.150.94 (United States)

ASN13335 (CLOUDFLARENET, US)

dgemanowhowe.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::200d (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:2200:c:6917:5a80:21 (United States)

ASN16509 (AMAZON-02, US)

d1zjpzpoh45wtm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.91.159.108 (Netherlands)

ASN7979 (SERVERS-COM, US)

sarinjowel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.7.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-47.fra56.r.cloudfront.net

ntoftheusysianedt.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.218.114 (United States)

ASN13335 (CLOUDFLARENET, US)

practicalwhich.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223c:c600:3:bb01:eec0:21 (United States)

ASN16509 (AMAZON-02, US)

d2oy22m6xey08r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.173 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 67.202.105.34 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	379 KB
26	bowfile.com bowfile.com	1 MB
9	google.com 4 redirects accounts.google.com — Cisco Umbrella Rank: 40 adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	5 KB
7	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 12336 ic.tynt.com — Cisco Umbrella Rank: 7854 de.tynt.com — Cisco Umbrella Rank: 1722	8 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	99 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	136 KB
6	dgemanowhowe.xyz dgemanowhowe.xyz	2 KB
5	cloudfront.net d1zjpzpoh45wtm.cloudfront.net d2oy22m6xey08r.cloudfront.net	53 KB
4	practicalwhich.info practicalwhich.info	1 KB
4	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 21947	202 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	158 KB
3	ntoftheusysianedt.info ntoftheusysianedt.info	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	3 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7680	696 B
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 12561	2 KB
2	affelseaeinera.org affelseaeinera.org	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	603 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 12114	183 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2495	251 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	78 KB
1	waust.at waust.at — Cisco Umbrella Rank: 38979	7 KB
1	sarinjowel.com sarinjowel.com	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108
120	23

	Domain	Requested by
26	bowfile.com	bowfile.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	bowfile.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	accounts.google.com	4 redirects bowfile.com
6	dgemanowhowe.xyz	bowfile.com
5	ic.tynt.com	bowfile.com
4	practicalwhich.info	bowfile.com d1zjpzpoh45wtm.cloudfront.net
4	pogothere.xyz	bowfile.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	d2oy22m6xey08r.cloudfront.net	bowfile.com affelseaeinera.org
3	ntoftheusysianedt.info	d1zjpzpoh45wtm.cloudfront.net
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	bowfile.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	t.dtscout.com	waust.at t.dtscout.com
2	d1zjpzpoh45wtm.cloudfront.net	bowfile.com ntoftheusysianedt.info
2	affelseaeinera.org	bowfile.com
1	www.google.com	tpc.googlesyndication.com
1	de.tynt.com	cdn.tynt.com
1	cdn.tynt.com	waust.at
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	whos.amung.us	waust.at
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	bowfile.com
1	waust.at	bowfile.com
1	sarinjowel.com	bowfile.com
1	www.facebook.com	bowfile.com
120	30

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-20` - `2023-08-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
affelseaeinera.org Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
*.dgemanowhowe.xyz GTS CA 1P5	`2023-04-02` - `2023-07-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-19` - `2023-05-20`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sarinjowel.com R3	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
ntoftheusysianedt.info Amazon RSA 2048 M01	`2023-04-27` - `2024-05-25`	a year	crt.sh
practicalwhich.info GTS CA 1P5	`2023-05-05` - `2023-08-03`	3 months	crt.sh
*.dtscout.com GTS CA 1P5	`2023-03-29` - `2023-06-27`	3 months	crt.sh
*.amung.us Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://bowfile.com/9sYa
Frame ID: D942EDB77EF96885CC2307DF129C843E
Requests: 82 HTTP requests in this frame

Frame: https://ntoftheusysianedt.info/MDR3YWZRVhQMWVEJFUcTQlhKRFR2EUUnAgFOHREcQFsfVVNHQBpPBVxbAgUAQlsZFUheUQNEVHZlEjRWAWZGOAd5WAQJB2EEHDQ+QEIjDzd2UhovAHoELg4pcVgABwFhcycjU2p1HlkzYHEuMi9ZUxogC3VdNhgNeVBEIDB8cgQGBwEMGDYfYkYkJhJlfQ0zI1VmOhssWG0aIiJ5AD8yDmR4HQYFe2Y6GCgAZRA2DAARRScgY3IiOAthEUUnA3JARAJWRA0/NScVBjEnH1xVOiIwU1IANBZ5WA9EVHZ2LzsLZgdHMAJyZhQHEWVDJxkCB3UgKwp/BhApAkkBJwQ0HUweOyNbRyU1BQZ8MxE3emBHMClidkYkI0gRRSMnXVgbNVRXfBNSUmN+IiQXf1gPRFR2UBorDWNnMQIqdHoUBxFlUzoZCV1jGlQcYwdGNipJZSAoIHJdLSVfCHY/M1JjYzogBWdyOzgRSAUUURIJZh44EXdwTgI/XWVSUyBVdS0WA3VEQCQcekYkKQFzUEU7KlZDD1E8AERPI1VUXyMwQFpHGA8WDX80MSNjWDIYC0FHIhU3WwM
Frame ID: BF5A7B8A3C349136C87895CE6D95724C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: C116DA25026D59D5CA3FBB52BD459FFA
Requests: 1 HTTP requests in this frame

Frame: https://affelseaeinera.org/dHVReE0VFzIVchVIM144BhlsXX8yUGM+KUYaKEp/GUMpHTRETSNWLhgaJBwrBho/DGMaECVdfzI8BRQfJCcJFzk7DBQSHyAaaDN+HDE0LwtRRxccfQwaARI6BTMVTT09DzJMBDA8CBwmTAQZPDUeMTspOhcbBxsEHiA5MSYQGhwrCBknYkE0OBwUIS5GNyE1HBsdAUsEAzMSFzU/JiYtBg43ITUPAA8eKwxRRxc9ND1BHRUPPTYWPiUQI2hAFzMWKD00NQIYPAQ+FGMiaEYzGg94Bi8/QX0nGBMTLBosZRl/LlBjPgAcODYhIwASAik1DBMJLQ4RMhMVFDEddEoPOiF8QHwyHCISBh0WAzI0NgQ1AjVDL2IQPyctOQArLCMCMhkDQho6FwYvNgAqJz1lTAcdQTcZfy5QYz4EHE0lKDQ2BglLNR85EkgEPSE6CRQxEhgiFUFHBzB4QhA/NgMSPSFKKUVMaSIJAx4ZO3UZPzw6BDcyF0AuGCdoISAfAgNLdBwQGS4GEjILSikfAWgiFUVEAjAiUh8iFyMESD0KDxoTBkt4ED0i
Frame ID: CDB9056334E5246794B2BCB5544F8501
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&adk=1812271804&adf=3025194257&lmt=1683921742&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fbowfile.com%2F9sYa&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683921742696&bpp=22&bdt=413&idt=201&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6749078188984&frm=20&pv=2&ga_vid=1650764167.1683921743&ga_sid=1683921743&ga_hid=433170772&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44790803%2C44773810%2C31074198%2C31074562%2C44782468%2C44788441%2C44792088&oid=2&pvsid=305902363485343&tmod=1239391822&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=223
Frame ID: FA4FBB796034B7E1EC4CE53E793B2FFC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=7461073491&adk=3313644723&adf=2726021737&pi=t.ma~as.7461073491&w=1110&fwrn=4&fwrnh=100&lmt=1683921742&rafmt=1&format=1110x280&url=https%3A%2F%2Fbowfile.com%2F9sYa&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683921742718&bpp=2&bdt=434&idt=205&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6749078188984&frm=20&pv=1&ga_vid=1650764167.1683921743&ga_sid=1683921743&ga_hid=433170772&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44790803%2C44773810%2C31074198%2C31074562%2C44782468%2C44788441%2C44792088&oid=2&pvsid=305902363485343&tmod=1239391822&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=i34PgD9QkU&p=https%3A//bowfile.com&dtd=215
Frame ID: A2592E8E3329FD6F018375C45A5B56CA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8256053C18FE0BD2100A4CBD9DA23441
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 54700BB39321406D1F9207A4FDE5FBEE
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: 49270D79401A7873BC03039595DD8495
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: 0A84859C2EBD4A8FB960EAF32BC7B468
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: 7DC12E9A3FEA10DE5224A03C4C30FE65
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 71202EC64A4691094E8DA45EB83F7726
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2E6359A089F1DA3E6BE103135834F537
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SOM_IllustrationForMotion_DownlopadPirate.com.part4.rar - BowFile

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

120
Requests

98 %
HTTPS

71 %
IPv6

23
Domains

30
Subdomains

29
IPs

4
Countries

2323 kB
Transfer

4777 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFG710rrl4wFxqN-V-caUfhi9paifAbk1Rl0vJORWu_juKaowohRpXXn-qoI643F8oZrXz3Sw HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S1291921324%3A1683921742552730&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFVPlDFqKoS_FmWhS2eQ5EQccIy5vHNidni28R9HcbhZp7MZr2CMFfBP97IHfto2jBGtNvy5w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 21

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneEAAOnrbpgFYW6bcnFiTVjF2Gz9izmyUJ_OwsORPVyhZIHaOyj2QF2cL6CWuiR9IpwEb8rAkA HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-904980040%3A1683921742528149&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEzRK7Z5CUlB1W8KGxipM5loe9zhkuWT6u7a0VwfYHTVJLe7xyvSqsGgLmAJpi7gVAv_30NnQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

120 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 9sYa Show response
bowfile.com/ 420 KB
119 KB 448ms
404ms Document
text/html 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17f791fba9a1705d0ed1d1f4e42d7f0f87d8bd1424fa59bc10dcbb4a446dcb9e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate no-cache public
cf-cache-status: DYNAMIC
cf-ray: 7c6542486c4b3a94-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 12 May 2023 20:02:22 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFe0q%2Bg7daOiL%2BR8%2FzwlbT7FYqeAoZ2N9IZzJm%2FKlTyE8UICYvv%2BPAPSm7mSyxwSOxzFAoLI5xB5FZhU%2FWhaSBXWuXsXFf5knJURqm%2BZtqh2PkDB4p02XoaAKNVgQLoSeZPdrngdhqQ3cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
bowfile.com/themes/spirit/assets/frontend/css/ 75 KB
13 KB 26ms
23ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/bootstrap.min.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5461
etag: W/"5f8bebbe-12c7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1FUEw54tIyhY3xAS7ac0ukcjyMCGUepZcr%2BDB%2BhrPLTyIzAqYJmOQV7aZ22b2wwGYhM%2FIY%2FqWyWxeFu0Wnh%2BCuxc7cH7pbGrEBons10BZlprGHUoZSqab1R%2BTo2Ii5ttx7IRoG904sZgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7c6542495d7b3a94-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 stack-interface.css
bowfile.com/themes/spirit/assets/frontend/css/ 2 KB
810 B 27ms
23ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/stack-interface.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc3e1c7f25f8898edf9bba53c1cf0730271371e373bdd4dad4535cecedf85ba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5461
cf-polished: origSize=3160
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-c58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODzOHnfBVEuBBvW2aKWdQi6Pldt%2FiOEk4tqVkWYYCcAhzGZJT47m5txBKW5lV9PQigbiAgZ%2Br7%2BL7uV%2F3p5zSmCxSQlbDsOXVO3Y%2B3RnSvdd9M8enm92CKHmqZ2R4XDHer6bsLcYu3vtTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7c6542495d7d3a94-FRA

GET
H2 200 socicon.css
bowfile.com/themes/spirit/assets/frontend/css/ 7 KB
2 KB 37ms
34ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/socicon.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcb499166a81c2c68de921f186c95ed6c29859acf2a07422c15ddb1f4b9e7686

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5461
cf-polished: origSize=9838
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-266e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1V0pr02sL2jD3hCDrrl3HpuQMB8SAdVu%2BL7ykPd5%2FtGgxtNVPFCO8a232UbEYvq0Icdua7RUapkTWef5h9GVRMNGpHQn8kAxRKPjZMUaRUAn0CFkCtkNjB4x6%2B9jEn7iFb%2BibjB2eylwcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7c6542496d8f3a94-FRA

GET
H2 200 lightbox.min.css
bowfile.com/themes/spirit/assets/frontend/css/ 4 KB
1 KB 45ms
42ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/lightbox.min.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5461
etag: W/"5f8bebbe-f31"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GhA2K%2FFR3lL9AO0pv3gO6wXQHHWyt5ZWWjXn4IMXFlUWnnIqlmA%2F6ol9v2NDuG%2FPBNG6dLsn9a7CM%2FHVwC9ShW6%2BN9eKnX4ZSLKFq1lhmDa77M1rszyXaz%2BjBN5eiHqWio99vvzWO7PFpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7c6542496d903a94-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 flickity.css
bowfile.com/themes/spirit/assets/frontend/css/ 2 KB
892 B 30ms
27ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/flickity.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cca9c2524a2c257cc53c398be0731ec07a02159b8a8f02dc5995a820808ebef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5461
cf-polished: origSize=2521
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-9d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pUJ27Xnba00PilLvMrOx41wselnek5Z8L5%2FxFs8A0R2yhei9a2BVSym0KJQD74eaGzjuNSGG7mVxGZlvNI5fJet8XRsozOxrqLlGhVvKI2EvM7DZ7nVmAV5KEDHd9w7%2BAK%2BZLicxbLr2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7c6542496d913a94-FRA

GET
H2 200 iconsmind.css
bowfile.com/themes/spirit/assets/frontend/css/ 80 KB
15 KB 35ms
33ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/iconsmind.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38391d0c01d7fee8c61a80c9b507ef05d0cb76876a42feebded8b06905015d13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5461
cf-polished: origSize=102727
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-19147"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DH4VHdEcPRC9Omqfr%2FPoxCGEV8qb5USmNfPgen4ooTaS0SB8J1FuaKHUVkPQrMl5MrvCsxZ0MVVXVGxcgRfAk2hApKphVRLrVWMRdVnrDn8XBWqvsfIckvRQEFPOnh3R78lFdWR75S6omA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7c6542496d923a94-FRA

GET
H2 200 jquery.steps.css
bowfile.com/themes/spirit/assets/frontend/css/ 4 KB
1 KB 28ms
26ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/jquery.steps.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a92a98c5f5245daff1abaff565ae26359f85d4cd1d383ff6e50cd599cf5b3e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5461
cf-polished: origSize=6019
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-1783"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ypp4QZJbUGRNL0pxA%2FtBsVk9Vb9QkfBW4G971ylo3ELmSoVYXFy1pQrAI2ex9JNq3vtTcB0eNj8aiVYvQFSct6ceMwHDYntPXr5ms51%2BBHiTp6hPneg2VQi5kaUDx6sDwLmtmakRoRJMQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7c6542496d933a94-FRA

GET
H2 200 cookiealert.css
bowfile.com/themes/spirit/assets/frontend/css/ 12 KB
9 KB 33ms
31ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/cookiealert.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b712033ea1c370616c3105391e98e4867cea0159be8444ddd20249ea9888c950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5461
cf-polished: origSize=12369
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-3051"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0g%2FvCVb9XZP%2BIzYTfCQiKvQur8vHzUVnoDbms7AMZlyLop5QYfmN9Z3I4NEo3fFfY%2FyKlRBi9vjnsPbSkko2fHiZU8xIOAnACzp6%2B5VuRwcDn1q3cyGGLg75HX0z0UgGnnq9ArtI8Yzzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7c6542496d953a94-FRA

GET
H2 200 theme.css
bowfile.com/themes/spirit/assets/frontend/css/ 159 KB
28 KB 36ms
34ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/theme.css?var1.2
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f70fef49b1fa602e97e2f12a0a3ca46a5db090fa34dad736f8ae5c57c9ba0a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5461
cf-polished: origSize=207645
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 22 May 2021 14:46:41 GMT
server: cloudflare
etag: W/"60a91951-32b1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dD1yn2uAlz2X6c3qKdmQPkinIawsSywwehxvtTZLozsNncHiYT%2BxrIrFATLG%2ByFXmJ4UAO43AMf%2Fcuy3vyBOLkae4tfLc8cp%2BIv0xM2r623eehecZgJnoZZ2FJNipYw0f9IVRo%2FphA6u%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7c6542496d963a94-FRA

GET
H2 200 font-awesome.min.css
bowfile.com/themes/spirit/assets/frontend/css/ 58 KB
13 KB 35ms
33ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5461
etag: W/"5f8bebbe-e6ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIklAoVUmb8nfUVqG%2FifgkwqVxgGn9Yj963GZzCo8MIeUEiuncqTDGHIRdr60knMtWY7gX5idDIyYMy4eVy%2F0c4rfgKQb9E1%2FYsxOQENPzJADmdU5mkIpBJwDka8bJ8mOebFUoGywSqGUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7c6542496d973a94-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 custom.css
bowfile.com/themes/spirit/assets/frontend/css/ 7 KB
2 KB 31ms
29ms Stylesheet
text/css 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/custom.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba990faaad8198719efac063a6ec699b548708b555a3ef7821fd6899a8556ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5461
cf-polished: origSize=8936
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 04 Feb 2021 16:28:48 GMT
server: cloudflare
etag: W/"601c20c0-22e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMPMl2ypjI8nzrc3gHV3VqwjWklXRH0pVE6ZjqQpwu1l7SMIi%2Ba8B8rcfrnkjoM8%2Bd0B3FRwcHXXZueRFx4bVvqsaxH6ieYRdIeQ%2BGorrrg78qS1cQl3xcCc%2BQSNr27VIlnjQzCYom4H%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7c6542496d9b3a94-FRA

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 45ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

Requested by

Host: bowfile.com
URL: https://bowfile.com/9sYa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb45f99791b77b7349d064ca6ff96f83a698f528ce7311da4878ec2095199dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 19:42:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 20:02:22 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
439 B 52ms
24ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: bowfile.com
URL: https://bowfile.com/9sYa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:02:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 20:02:22 GMT

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 53ms
15ms Fetch
binary/octet-stream 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2577
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 12 May 2023 19:19:25 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://bowfile.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47izdZmmGjLxEwENrNjDOwte8YdICVNxUoXK9%2FTO%2B90sMSdD7iq0i%2BTqv7P3oaHTB%2BsjGTsGhxWI1wTWefrPptfbkV4S%2BrwxXbHMhfsJqWuycb%2FMRqMXSQbVQqQtw2I5"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7c65424a296b9122-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
365 B 148ms
111ms Fetch
text/plain 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8402898f3fdbd981270ccb8c17d4386bfee55e0e115427b6ab771fc6601822f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euwchaVvxZaDcWCfhPIbNB0vlSsSwCutQaHQL4M5KduqmRBm4gsvEUaqSfrl3xwEraevuGvBC5pS%2BJpdOo9xKVIE9OXcgDmXIaDacDpdmrg7y6cWNK3eHgWGBMfIoPj9"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://bowfile.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7c65424a296d9122-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
affelseaeinera.org/ 0
535 B 156ms
110ms XHR
text/plain 18.154.63.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://affelseaeinera.org/utx?cb=iAyJTavITT3W&top=bowfile.com&tid=954851
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-48.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:02:22 GMT
via: 1.1 ea3d06e94081b5e61e2cf220951142d0.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: DUS51-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://bowfile.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: L7k16OXKV_4JMlpfczKeJ-bzzhBqrXlRd7zjlCLVHf0l7H_6yocA3A==

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 61ms
29ms Fetch
binary/octet-stream 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2577
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 12 May 2023 19:19:25 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://bowfile.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljh%2FR5i7du1AX9D79FfpJN4tEGcgdP2LO03b7iFN11m97yHb01qUP9tYhVlwqo96wQMdEkEcoIkQtlKweqnmp9E%2Fe9ymjxRVTEC6PzbKYGP9rhRIUhjqlcxZFsUkv86E"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7c65424a296e9122-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
350 B 147ms
115ms Fetch
text/plain 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bdf6199f3072c6d1f46dd3b9141cd665c944a0afdf0718a8f9ccb7b30eb19c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7sKJZ%2BuQUwSMS8cKBL4ZeZzHN1frB8vcm%2Fh3xDoPzbi4sNg5oMKWaKWmW467O86MZwQsAIVkvSnWogeOuzIzhiRektuJn49WzTVU8SGXltvyeY%2BHsVddqPEdiPZVz0Z"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://bowfile.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7c65424a296f9122-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 cmx6azZdUxkYCyY7IC1gNi5LPW40ATsjDyoPLSZxFCowU2wzJVwfXxZRQ14CSllLTUYbCEdaEAEYGx9DAVFLTV8cChVWEARRS0UFRkJJWhhASg9WB1QYCgpRT11cG0IGAEdaAEpfQ1kHRVhIWA5H
dgemanowhowe.xyz/ 0
250 B 144ms
101ms Image
text/plain 172.67.150.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgemanowhowe.xyz/cmx6azZdUxkYCyY7IC1gNi5LPW40ATsjDyoPLSZxFCowU2wzJVwfXxZRQ14CSllLTUYbCEdaEAEYGx9DAVFLTV8cChVWEARRS0UFRkJJWhhASg9WB1QYCgpRT11cG0IGAEdaAEpfQ1kHRVhIWA5H
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f63bVYq0CzhRPcXqNCdSVYi9n8rzU7t%2FsEh9Z6Xpx4BrQ7J2wddy08O9k8kuVOsd30cQOQHgmTeqJNoex6y5%2B3Gx4foKH3Mh7XOD2UtJTFZjFb8AnaISvwHAtbGHrti6UUrF"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7c65424a3d251ad4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 208ms
189ms Image
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFG710rrl4wFxqN-V-caUfhi9paifAbk1Rl0vJORWu_juKaowohRpXXn-q...
https://accounts.google.com/v3/signin/identifier?dsh=S1291921324%3A1683921742552730&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFVPlDFqKoS_FmWhS2eQ5EQccIy5vHNidni28R9HcbhZp...

0
0

46ms
46ms

Image
text/html

2a00:1450:4001:830::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S1291921324%3A1683921742552730&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFVPlDFqKoS_FmWhS2eQ5EQccIy5vHNidni28R9HcbhZp7MZr2CMFfBP97IHfto2jBGtNvy5w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H3
Server: 2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date: Fri, 12 May 2023 20:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uvMu1lndiDn56sge49ImMA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 390
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S1291921324%3A1683921742552730&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFVPlDFqKoS_FmWhS2eQ5EQccIy5vHNidni28R9HcbhZp7MZr2CMFfBP97IHfto2jBGtNvy5w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneEAAOnrbpgFYW6bcnFiTVjF2Gz9izmyUJ_OwsORPVyhZIHaOyj2QF2...
https://accounts.google.com/v3/signin/identifier?dsh=S-904980040%3A1683921742528149&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEzRK7Z5CUlB1W8KGxipM5loe9zhkuWT6u7a0VwfYHTV...

0
0

33ms
32ms

Image
text/html

2a00:1450:4001:830::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-904980040%3A1683921742528149&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEzRK7Z5CUlB1W8KGxipM5loe9zhkuWT6u7a0VwfYHTVJLe7xyvSqsGgLmAJpi7gVAv_30NnQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H3
Server: 2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date: Fri, 12 May 2023 20:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-de9ERjarY45kGnK1JtmQng' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 402
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-904980040%3A1683921742528149&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEzRK7Z5CUlB1W8KGxipM5loe9zhkuWT6u7a0VwfYHTVJLe7xyvSqsGgLmAJpi7gVAv_30NnQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 popunder.gif
dgemanowhowe.xyz/ 35 B
545 B 58ms
16ms Image
image/gif 172.67.150.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgemanowhowe.xyz/popunder.gif
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: public
date: Fri, 12 May 2023 20:02:22 GMT
cf-cache-status: HIT
last-modified: Thu, 11 May 2023 14:19:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 106987
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCa2FcseyWk5hBnrFxdlHU4esDPdh%2BvG1%2FQ2D0cRjpU5SIiXUTbkAXLj0zvaeJPZPm6cQnSw5sZgI8n7kPnB64jmmo4ckkpjb8DrKHhRgH7zrkIzShsIn0exSC6bxJg22p1R"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7c65424a4d271ad4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 RjUuIj8PZXw+IlQ7Z3E6D2R0Y2IDempxOQ9lfCM8UzNnZmpCIC47cQNiYmR1AGVtY34BbGM
dgemanowhowe.xyz/V0wyVFp4c1EnZzUJYA4AEHVWNx0nH2USNiAVdCw7AAR8Mw87LxQgMzNxC2NvZ34Ecio+KA9nb3E/ 0
243 B 236ms
194ms Image
text/plain 172.67.150.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgemanowhowe.xyz/V0wyVFp4c1EnZzUJYA4AEHVWNx0nH2USNiAVdCw7AAR8Mw87LxQgMzNxC2NvZ34Ecio+KA9nb3E/RjUuIj8PZXw+IlQ7Z3E6D2R0Y2IDempxOQ9lfCM8UzNnZmpCIC47cQNiYmR1AGVtY34BbGM
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xg%2FkbklSuIM1XTFbMU7P5KNwmo9a6tsfXRaIod7x3QTOU3MmH3ubIfZDljICt4afq%2BWc4oS9P7IanA7fW9CAvnWE3u8xtKq9RwKNl5hbyaP%2FUodmQmJMCapnJ08F0N3iS1Zc"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7c65424a4d291ad4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 REFTZUNrfjAWfiUXARURE3A1BxUweAUjMyMWCycaHHMZNCACLnURKiB8alF6dXhiQzMtJW5Ue2IyJwQ3MTJuVGUtLzUKfmI3blRtdG9hS3FiNG5UZTAxMgJ+dWcjETcofGJTe3d4YVR0cHNgXHA
dgemanowhowe.xyz/ 0
249 B 156ms
114ms Image
text/plain 172.67.150.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgemanowhowe.xyz/REFTZUNrfjAWfiUXARURE3A1BxUweAUjMyMWCycaHHMZNCACLnURKiB8alF6dXhiQzMtJW5Ue2IyJwQ3MTJuVGUtLzUKfmI3blRtdG9hS3FiNG5UZTAxMgJ+dWcjETcofGJTe3d4YVR0cHNgXHA
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SaWt6bgwDaDFmVkELuNOQ55sQ1qRMG%2FAYPM7YiNsXGPLuHB6D4G1fzV4moqeG7Hg85HZg1STae8jHc4rjJxT%2BJZaJTIrKlm%2F%2BQpEPnFEfQIYNaHTfS6I4%2BaIJLRKwQ0i%2Bwgm"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7c65424a4d281ad4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 lg.png
bowfile.com/ 788 KB
788 KB 18ms
17ms Image
image/png 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bowfile.com/lg.png
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0654449cc73d1f0ea7c0929fffc64d6e6fcdbcab55c0293cd35deaf6a0a55f57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
cf-cache-status: HIT
last-modified: Wed, 19 May 2021 00:28:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5170
etag: "60a45bb0-c4e0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9Ati0X664%2F7Vr9irsOeAiNPBiTaQgpxbWnpLa8JRs%2FbOjvjo9q46lyBdBacrBtNsSTlbiUyITk08CDGkj9ntKJ%2BPuQaV9z2PzHhiFlMGIz8b%2FkEtIgeE3woxXnNCUMpRlKtR8G2GEA7vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c65424a1e612bf6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 806415

GET
H2 200 / Show response
d1zjpzpoh45wtm.cloudfront.net/ 180 KB
51 KB 222ms
168ms Script
text/plain 2600:9000:2057:2200:c:6917:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zjpzpoh45wtm.cloudfront.net/?zpjzd=979095
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2200:c:6917:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a21da05a41ae1cb4477e9e0e184084509c039896b880d0005dd82c4cacea9806

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: gzip
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 51540
x-amz-cf-id: bOsY-efv8q6vBlYda3-n-S9A2eQXTqZj2K5D0P2mUI5ZumeGJ9Wujw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 103ms
76ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1455201204252520

Requested by

Host: bowfile.com
URL: https://bowfile.com/9sYa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15daf41355c0b0acb78ab00350fdf22ed995ec342b105d55c9aee12cc8baa9f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Origin: https://bowfile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47330
x-xss-protection: 0
server: cafe
etag: 12443120482601284372
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 May 2023 20:02:22 GMT

GET
H/1.1 200
OK 55183 Show response
sarinjowel.com/t618YYfrJaRNt3/ 5 B
1 KB 117ms
21ms Script
application/javascript 142.91.159.108
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://sarinjowel.com/t618YYfrJaRNt3/55183

Requested by

Host: bowfile.com
URL: https://bowfile.com/9sYa

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

142.91.159.108 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 20:02:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://bowfile.com
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with

GET
H3 200 jquery-3.1.1.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 85 KB
31 KB 41ms
39ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3559
etag: W/"5f8bebc0-152b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyq5F7n9YpbdIK4LHVTr3phDf7QCDwLyMpjWRvJIuBg07%2F%2F0hnIlDAANBGTILNWRIqRCyjLYgpPftAapYsbVdY75gBVDogGIAXUJbGsfgYrt0bzxDyyUT7yKqtzPOGqNor9D4PVZyMCq7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7c65424a2e812bf6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.dataTables.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 68 KB
20 KB 28ms
26ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3559
etag: W/"5f8bebc0-1107a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ls2i6tjGtljf6hc8TGJbcJKHWL1AW0ox0Ek1MsLG3fDbwKvQmYPC1lkDckbUKTAeF%2BhPYeJWlEJpUbKFayxhlv0xLGP09XZoUGasNdCoUh8GlIJDaXs52RbT%2BbJ0MhMA3Br0RpZ8%2FnoCnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7c65424a1e672bf6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 flickity.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 53 KB
14 KB 104ms
102ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/flickity.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3799
etag: W/"5f8bebc0-d271"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srvztG38%2Fnd6EkhrkOFgnRQS5wSErhAOGNxgenrHI%2Bj%2BGysMSNqLHGYYeCbOdW2YJw0HorklJKWZ2C47XWPJcFSzTxJzbqozTyJcUyBPeuo%2BU4BH62rwT6lJeTpx6IFtfYdQbVlpG8WPuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7c65424a1e692bf6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 typed.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 4 KB
2 KB 105ms
103ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/typed.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3799
etag: W/"5f8bebc0-f6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjBJixPpf7rkcnkATZFeq6iKjVvjjUi254tjAA8jCA7oKc7eW%2BmeJAGlj%2FjQeZMox%2FB37pIOy5vxU8SyCKfYpzpWraHzA6R26SEscy3aHOw3ugxp%2Bn48GZieXN3%2BlfXz%2FL4PeU%2B88TMw0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7c65424a1e6a2bf6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 datepicker.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 20 KB
8 KB 105ms
103ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/datepicker.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6919dd92f8162e9d8b6642769217b9472c5bf423cdf82df50301a8af50ee53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3799
cf-polished: origSize=20975
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: W/"5f8bebc0-51ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUSz9t%2Bd3MyFF65K%2F7rOAtCouimSbnpTHrmDjF6o37GGP%2FN94rBnp2MDl8cbJe32x48VojxoJr3%2FgBc0YSZjdRPFaZ6kY0GiIQgBOCBCXfj%2FpKzVXTrPWtDv7gne8JOynDJa75Z5Z3%2BduQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7c65424a2e722bf6-FRA

GET
H3 200 granim.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 10 KB
3 KB 105ms
103ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/granim.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3799
etag: W/"5f8bebc0-298b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXXp0GES1S42MkHACQ1iP4xGru%2FM4XMP2EHodkxayrB5UdkHJ6KON5ztHe3vAQjwNTkcZzXATRAUNI60iZYwZ9442JUBm%2BzF7qsc7Z8SrgJhMO97Qdc%2BoWBm0cmu04jMUw6eSHeTs1xEaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7c65424a2e752bf6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.steps.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 14 KB
5 KB 106ms
104ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/jquery.steps.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3799
etag: W/"5f8bebc0-3626"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdt%2FLuhHZhlfusgVaNSzD%2BxQiAjTG27GwTjWzUJ8VpWkMsgrYSeEX9IL%2FT3WRcLQv6sjwU5OaXrqNtyO2f0PGSADz7J0384%2FORfFKdLyZ3NcX5ouUpVRLKIc%2BYQwwuzu2ffT9CQa5VeN8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7c65424a2e712bf6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 countdown.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 5 KB
3 KB 106ms
104ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/countdown.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3799
etag: W/"5f8bebc0-14f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHHaptM3RsUt3EK%2F%2F0mG3kH8XfaF1ummmGi%2BAHlexkH1VUDdA5YvyF%2BMB0ZI92ygfuAk7cCuU9cMXt%2B817kaIgPZu7gQHF3e4Wct3Hfck35wcCm%2FH0JfNjvJGurO7Y5MqUHoD10ODk7J3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7c65424a2e7e2bf6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 smooth-scroll.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 6 KB
3 KB 106ms
104ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3799
etag: W/"5f8bebc0-178c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JD0jAT0KP5HOHQHI7W8nj0hZOy1doArw12tNfT9Vqb3QPJppVRzylwWg4hhHXt45o5j3cnXaDmj8qux6oCaTzTGdKvL5RU59NLQH9P4VzMSZHlfgwDY8Sg0%2FUSVVkcP5TevqLVYqXZboJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7c65424a2e7a2bf6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 scripts.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 65 KB
17 KB 106ms
105ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/scripts.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02945e324e7c86a1ee921da7d8fa596a9c11878ccfe839ac70f8badcb674d522

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3799
cf-polished: origSize=114862
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: W/"5f8bebc0-1c0ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYoJYUx29HqTpDon1KZiGLSzotfKkqJnDT9nilJsaIkL66jh9OW16kiLczcwPwdUNbcl%2Bc%2BQC%2F%2FTNhCu64VfFuvjqHeuiw62%2B2l4FPYN6Iw4lly%2FJlu5SKjaXZ%2FGFppx2p%2FBc1fou0riZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7c65424a2e7b2bf6-FRA

GET
H2 200 c.js Show response
waust.at/ 13 KB
7 KB 47ms
17ms Script
application/x-javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/c.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3460
etag: W/"63c04130-32c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOW5ALcMla9%2FIk60UWiYOqa%2FVQgaxk%2FgAGRJqBt3vehHlxd54GLSV0C5oQ15rCwO5m8dqByOgkkm2lxtW82MuBoopvX6g%2B4wx8OVZYHKwBvktc1cydC5CzKwJD0S7HQSfrQjEjZT"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7c65424a4f7abbc8-FRA
expires: Sat, 13 May 2023 19:04:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
78 KB 79ms
44ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G45GX6EFX2

Requested by

Host: bowfile.com
URL: https://bowfile.com/9sYa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a775df3ca65dd9d5e65a2a719d740e377831812ee419d43d6141365143c0453f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79494
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 May 2023 20:02:22 GMT

GET
H3 200 cookiealert.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 935 B
1010 B 106ms
105ms Script
application/javascript 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/cookiealert.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6326
cf-polished: origSize=1836
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: W/"5f8bebc0-72c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTmJ%2BRi1bBr3JxLscDDeQjoC3PVnqIMAfr51OhP%2BVBdALHHg%2FJ7euij7%2FsGeAeolSklkzgpaB0ybjcangflVGZfdwh6eiP1qU6bKHY34yvE5bKxQbzlzLw9ocbT0RVvd7NttJSsnWlpo6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7c65424a2e782bf6-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 67ms
34ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bowfile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 589238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 00:21:44 GMT

POST
H2 204 Q0YWUHcFSglXZkBHClBoQ0YLU2NARQxEJQAWX19gVgdMFj1NRg5aYklFCVVlQkEKUw
dgemanowhowe.xyz/dzhiUXBYBwEiTTlgMCUlP1MsA0EbUTEAFDFvNTUgNX0gBCkyS0QlGRMFW2RETw1TdwAeXF9gVgRMAyUFBAVRYUBGHgs/FhgFUmFARh4UbEFZC1Z/ 0
240 B 119ms
118ms Ping
text/plain 172.67.150.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dgemanowhowe.xyz/dzhiUXBYBwEiTTlgMCUlP1MsA0EbUTEAFDFvNTUgNX0gBCkyS0QlGRMFW2RETw1TdwAeXF9gVgRMAyUFBAVRYUBGHgs/FhgFUmFARh4UbEFZC1Z/Q0YWUHcFSglXZkBHClBoQ0YLU2NARQxEJQAWX19gVgdMFj1NRg5aYklFCVVlQkEKUw
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXeQ4mlQCX5JDKIbsTHJRT3FZVkupro06cPhMEcveBMW47I5u4TngDQqiRmjWPfL0dfuuzpqXjvjrr5Yl7FCgKVrTZdIj5DY4S0g5dFjDik0amtWWxPszybsBK9268WfFvpj"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7c65424b6e611ad4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
ntoftheusysianedt.info/ 0
533 B 227ms
193ms XHR
text/plain 108.138.7.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntoftheusysianedt.info/utx?cb=XzQfuNx15xuc&top=bowfile.com&tid=979095
Requested by: Host: d1zjpzpoh45wtm.cloudfront.net
URL: https://d1zjpzpoh45wtm.cloudfront.net/?zpjzd=979095
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-47.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:02:22 GMT
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://bowfile.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: lbjoeXyYi74XoEG0ScE8U6718wo2f2R_dvUjjyYgCaldvl3efUmWXg==

GET
H2 200 XWVSUyBVdS0WA3VEQCQcekYkKQFzUEU7KlZDD1E8AERPI1VUXyMwQFpHGA8WDX80MSNjWDIYC0FHIhU3WwM Show response
ntoftheusysianedt.info/MDR3YWZRVhQMWVEJFUcTQlhKRFR2EUUnAgFOHREcQFsfVVNHQBpPBVxbAgUAQlsZFUheUQNEVHZlEjRWAWZGOAd5WAQJB2EEHDQ+QEIjDzd2UhovAHoELg4pcVgABwFhcycjU2p1HlkzYHEuMi9ZUxogC3VdNhgNeVBEIDB8cgQGBw... Frame BF5A 3 KB
2 KB 118ms
99ms Document
text/html 108.138.7.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntoftheusysianedt.info/MDR3YWZRVhQMWVEJFUcTQlhKRFR2EUUnAgFOHREcQFsfVVNHQBpPBVxbAgUAQlsZFUheUQNEVHZlEjRWAWZGOAd5WAQJB2EEHDQ+QEIjDzd2UhovAHoELg4pcVgABwFhcycjU2p1HlkzYHEuMi9ZUxogC3VdNhgNeVBEIDB8cgQGBwEMGDYfYkYkJhJlfQ0zI1VmOhssWG0aIiJ5AD8yDmR4HQYFe2Y6GCgAZRA2DAARRScgY3IiOAthEUUnA3JARAJWRA0/NScVBjEnH1xVOiIwU1IANBZ5WA9EVHZ2LzsLZgdHMAJyZhQHEWVDJxkCB3UgKwp/BhApAkkBJwQ0HUweOyNbRyU1BQZ8MxE3emBHMClidkYkI0gRRSMnXVgbNVRXfBNSUmN+IiQXf1gPRFR2UBorDWNnMQIqdHoUBxFlUzoZCV1jGlQcYwdGNipJZSAoIHJdLSVfCHY/M1JjYzogBWdyOzgRSAUUURIJZh44EXdwTgI/XWVSUyBVdS0WA3VEQCQcekYkKQFzUEU7KlZDD1E8AERPI1VUXyMwQFpHGA8WDX80MSNjWDIYC0FHIhU3WwM
Requested by: Host: d1zjpzpoh45wtm.cloudfront.net
URL: https://d1zjpzpoh45wtm.cloudfront.net/?zpjzd=979095
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-47.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: ed249d76ccb8d9f33f8c0e67c8ca0bbf93a7c9fa197b46e4ddc69b83d26cff37

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1259
content-type: text/html
date: Fri, 12 May 2023 20:02:22 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-id: a-AN3j-XknICNYJLRvkk8BeQZ8yfPOXKwIwobG4umY5lAvhoDuup5A==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront

GET
H2 204 ckdZbXldeDoeRCMsCx8uJQFpDhUeLw41HUofDhUoF3Q9PhseFn8ZEBZ6YFpAQn5sSwkbI2ReS1Q0LQwNBzRkXF8bKT8CRFQxZF1XS2loQ0xUMmRcTEV3aV9LS3RoXkhAd2tZXwY3OApEQ2EpGQ0eemhbQUF+a1xORnVvWU8
practicalwhich.info/ 0
241 B 155ms
115ms Image
text/plain 172.67.218.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://practicalwhich.info/ckdZbXldeDoeRCMsCx8uJQFpDhUeLw41HUofDhUoF3Q9PhseFn8ZEBZ6YFpAQn5sSwkbI2ReS1Q0LQwNBzRkXF8bKT8CRFQxZF1XS2loQ0xUMmRcTEV3aV9LS3RoXkhAd2tZXwY3OApEQ2EpGQ0eemhbQUF+a1xORnVvWU8
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MXPsXexOt0fgYM0tYpazcmNYd8Q0j36iap9j9c789bqznaRJY3SNDKzsecfdp%2F8djooT9uojVvBHJ97osYiEhnRk3mbThOa7BrWiEoioQL5cp1KDMjFAk9f24EHntjgoKW0Nx8j"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7c65424bfa2c373a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 fS1gKTtkCHFpAXYtcxBrV29DODwNcABoaAl8ESExVHQEY35DPVYlLUN0BWFoB29ePz5fdAZ3Lg15GWh2AWcCdy0NeAJmaAB7BWhrAXoGY2gCfRElKFEuCmB+QD1DPWUBfw9iYQJ4AGVqBn0P
practicalwhich.info/WDBJN1F3DypEbA9nGwEfHQE/Yjo/ 0
416 B 147ms
106ms Image
text/plain 172.67.218.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://practicalwhich.info/WDBJN1F3DypEbA9nGwEfHQE/Yjo/fS1gKTtkCHFpAXYtcxBrV29DODwNcABoaAl8ESExVHQEY35DPVYlLUN0BWFoB29ePz5fdAZ3Lg15GWh2AWcCdy0NeAJmaAB7BWhrAXoGY2gCfRElKFEuCmB+QD1DPWUBfw9iYQJ4AGVqBn0P
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dUF%2BM42DmvyMMHHZ2hMrD0mmTg%2FdFMY%2FOH%2BG0ghND%2Btj5hCHYOzvmwUBdqOuLp%2B9lmrewWaA838Y9W0S7LBVpWBCPtoFjL4IQKSVIFYTTgRl5ZOUvXjpmB%2BiUCoN6752n19sRts"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7c65424bfa2e373a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/ 356 KB
120 KB 101ms
83ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1455201204252520&plah=bowfile.com&bust=31074562

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1455201204252520

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1caad35010cdc4d579f9f3e295d9e4a6f2c842c259a0d78829a73f225b88bd58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122579
x-xss-protection: 0
server: cafe
etag: 13986346840191528223
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 May 2023 20:02:22 GMT

GET
H3 200 stack-interface.woff2
bowfile.com/themes/spirit/assets/frontend/fonts/ 4 KB
5 KB 17ms
17ms Font
font/woff2 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
Requested by: Host: bowfile.com
URL: https://bowfile.com/themes/spirit/assets/frontend/css/stack-interface.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

Request headers

Referer: https://bowfile.com/themes/spirit/assets/frontend/css/stack-interface.css
Origin: https://bowfile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3799
etag: "5f8bebc0-10c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFSXzMdVldokaw4K6A5IPddhY4NAJAIH5%2Bms1VpC2skVW98GR9KXLeDD6ErB7qfTIb0MUB4ScanPOvdiOZ9QqlLZtXYNiKQxyOhDNtza7lIUR5qhQ9PjcuCMQG58ZdNOp6n3GDBHPTYLcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c65424be8482bf6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4292

GET
H3 200 fa-solid-900.woff2
bowfile.com/themes/spirit/assets/frontend/fonts/font-awesome/ 78 KB
79 KB 20ms
20ms Font
font/woff2 2606:4700:3037::ac43:cde6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
Requested by: Host: bowfile.com
URL: https://bowfile.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cde6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer: https://bowfile.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Origin: https://bowfile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3799
etag: "5f8bebc0-13914"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SeYPO7x59mhQiv5pQ5C8r8Wn0FxxyP8k3VdGKnbPqaxzllgUZ3oGKTNcSDdr7M8iIVcZ%2FIEGW6gd3YDPghaEKuYGg%2BAdh6sa5p7o%2FvOFuMI4kZnjMfUCq2%2BRjlBgqIq3faPLKp0g10q7Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c65424be84a2bf6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80148

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v35/ 19 KB
19 KB 13ms
11ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

883bd0f053cde78238a0881291e4b6647acd9b3fa73808db5ac83d286bb4b44e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bowfile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 04:52:49 GMT
x-content-type-options: nosniff
age: 572973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19308
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:30:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 04:52:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame C116 10 KB
5 KB 37ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1455201204252520

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 04:30:43 GMT
etag: 15057649708203361565
expires: Fri, 26 May 2023 04:30:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
t.dtscout.com/i/ 2 KB
2 KB 317ms
198ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fbowfile.com%2F9sYa&j=
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:23 GMT
x-t: 0.638
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwiAIxVW7VB0z5RJYhflMN3yU5UifjsWPI2F1zUG36rZt7cqqsAenASK3FKp%2FZ5yAlH2%2FFp%2B8wQsTOcRFkqH1K4kayUHQx2yHeb3v5rS6xMhRdwdCcrzQRBM8AbChRKWWOp93ncXOauSliI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl3
cf-ray: 7c65424d5a1a7747-LHR
expires: Fri, 12 May 2023 20:02:22 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 108ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-G45GX6EFX2&gtm=45je35a0&_p=433170772&cid=1650764167.1683921743&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683921742&sct=1&seg=0&dl=https%3A%2F%2Fbowfile.com%2F9sYa&dt=SOM_IllustrationForMotion_DownlopadPirate.com.part4.rar%20-%20BowFile&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G45GX6EFX2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:02:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bowfile.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GRQeBioPAQwBJgxBXCx6S1NAWXldVl5CJBAQAwZqSidLWH8UDQUPakpUCQ8sEwtHT31IBwYYIBUBS1gJSVVdRH9WUVhdfVZdXE99SBcPDC4KDUtYCU1XWUR8TkIbV35NU15afUpdXVt8SVZeWHs Show response
d2oy22m6xey08r.cloudfront.net/0ZG5qT3gHAQQpRxAHDnJBUVpSeklCBBkgFhRTAxgOVx8SBT1XJxJ8AEIaECtFVEgGLhYDU0wqFgdTW2kZAAxXf14QHgUkRRIWDCUbHg0LLAJCGwtyFQsUAyMUBUtYCU1KXk99SEwZAyEcCxkZakpUAB5qSlRfWmFIQV0oak... 713 B
796 B 240ms
156ms Script
text/plain 2600:9000:223c:c600:3:bb01:eec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2oy22m6xey08r.cloudfront.net/0ZG5qT3gHAQQpRxAHDnJBUVpSeklCBBkgFhRTAxgOVx8SBT1XJxJ8AEIaECtFVEgGLhYDU0wqFgdTW2kZAAxXf14QHgUkRRIWDCUbHg0LLAJCGwtyFQsUAyMUBUtYCU1KXk99SEwZAyEcCxkZakpUAB5qSlRfWmFIQV0oakpUGQMhTlBLWQ1dVl4SeUxNS1-h/GRQeBioPAQwBJgxBXCx6S1NAWXldVl5CJBAQAwZqSidLWH8UDQUPakpUCQ8sEwtHT31IBwYYIBUBS1gJSVVdRH9WUVhdfVZdXE99SBcPDC4KDUtYCU1XWUR8TkIbV35NU15afUpdXVt8SVZeWHs
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c600:3:bb01:eec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 461734ea924a374fc9aaeb5f9ab431d5a84675691670ff9f8501d7d7380c7a0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:23 GMT
content-encoding: gzip
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 520
x-amz-cf-id: aL5SEn5aVX-r2qs6J_b1A2zLn05T6x8b_AsdfNaleynmSJNDuY4BtA==

GET
H2 200 NgMSPSFKKUVMaSIJAx4ZO3UZPzw6BDcyF0AuGCdoISAfAgNLdBwQGS4GEjILSikfAWgiFUVEAjAiUh8iFyMESD0KDxoTBkt4ED0i Show response
affelseaeinera.org/dHVReE0VFzIVchVIM144BhlsXX8yUGM+KUYaKEp/GUMpHTRETSNWLhgaJBwrBho/DGMaECVdfzI8BRQfJCcJFzk7DBQSHyAaaDN+HDE0LwtRRxccfQwaARI6BTMVTT09DzJMBDA8CBwmTAQZPDUeMTspOhcbBxsEHiA5MSYQGhwrCBknYk... Frame CDB9 3 KB
2 KB 119ms
118ms Document
text/html 18.154.63.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://affelseaeinera.org/dHVReE0VFzIVchVIM144BhlsXX8yUGM+KUYaKEp/GUMpHTRETSNWLhgaJBwrBho/DGMaECVdfzI8BRQfJCcJFzk7DBQSHyAaaDN+HDE0LwtRRxccfQwaARI6BTMVTT09DzJMBDA8CBwmTAQZPDUeMTspOhcbBxsEHiA5MSYQGhwrCBknYkE0OBwUIS5GNyE1HBsdAUsEAzMSFzU/JiYtBg43ITUPAA8eKwxRRxc9ND1BHRUPPTYWPiUQI2hAFzMWKD00NQIYPAQ+FGMiaEYzGg94Bi8/QX0nGBMTLBosZRl/LlBjPgAcODYhIwASAik1DBMJLQ4RMhMVFDEddEoPOiF8QHwyHCISBh0WAzI0NgQ1AjVDL2IQPyctOQArLCMCMhkDQho6FwYvNgAqJz1lTAcdQTcZfy5QYz4EHE0lKDQ2BglLNR85EkgEPSE6CRQxEhgiFUFHBzB4QhA/NgMSPSFKKUVMaSIJAx4ZO3UZPzw6BDcyF0AuGCdoISAfAgNLdBwQGS4GEjILSikfAWgiFUVEAjAiUh8iFyMESD0KDxoTBkt4ED0i
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-48.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: f3e8bd00c285a98476c467269f43303977a5298b511dbec39d8715c958917abe

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1247
content-type: text/html
date: Fri, 12 May 2023 20:02:22 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 ea3d06e94081b5e61e2cf220951142d0.cloudfront.net (CloudFront)
x-amz-cf-id: lp8TB8tLZ7rewMo4MV9q56D2_25tIie9lzLIf2kNLF1sC7kZZ5KI9g==
x-amz-cf-pop: DUS51-P4
x-cache: Miss from cloudfront

GET
H2 200 a1gUCig2BRJHaB9ZRlF0aUZCVG1rRk5Qf2tYBAM8OBoeR2gfXURVdGpeURdnaF1AUmprWk5Ra2pZRVJobQ Show response
d2oy22m6xey08r.cloudfront.net/CYlpZaHcBNTcOSBYzPVVOVmNoUUZEMCoHGRJnLw1FCwMgIxhQbjc+T0QuIwxKUnw1CRkFZ38NGQFnaE4WBjhkWFEXO2QFGBgzNQQWR2gfXVlSf2tYXxUzNwwYFSl8WkcMLnxaR1Nqd1hSURh8WkcVMzdeQ0dpG01FUiJvXF... 201 B
476 B 232ms
157ms Script
text/plain 2600:9000:223c:c600:3:bb01:eec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2oy22m6xey08r.cloudfront.net/CYlpZaHcBNTcOSBYzPVVOVmNoUUZEMCoHGRJnLw1FCwMgIxhQbjc+T0QuIwxKUnw1CRkFZ38NGQFnaE4WBjhkWFEXO2QFGBgzNQQWR2gfXVlSf2tYXxUzNwwYFSl8WkcMLnxaR1Nqd1hSURh8WkcVMzdeQ0dpG01FUiJvXF5HaGkJBxI2PB8SADEwHFJQHG-xbQExpb01FUnIyAAMPNnxaNEdoaQQeCT98WkcFPzoDGEt/a1gUCig2BRJHaB9ZRlF0aUZCVG1rRk5Qf2tYBAM8OBoeR2gfXURVdGpeURdnaF1AUmprWk5Ra2pZRVJobQ
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c600:3:bb01:eec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 119e98748baa84476789bd4dd7b5f8ddf118f6b55c020262bf5d951778402415

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:23 GMT
content-encoding: gzip
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 199
x-amz-cf-id: tThjiLErKv_76nrXzGjI6TWhWtBTG1G7VEzdrEniqBUhdPdCm7CXhA==

GET
H2 200 / Show response
whos.amung.us/pingjs/ 29 B
183 B 198ms
123ms Script
text/javascript 2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=4priswyaav&t=SOM_IllustrationForMotion_DownlopadPirate.com.part4.rar%20-%20BowFile&c=c&x=https%3A%2F%2Fbowfile.com%2F9sYa&y=&a=0&d=1.01&v=27&r=974
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3d87846d4ea64dfe7a7b3ab09e447fa497361a0f3e31283eb0e7213e0500f97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7c65424d5f8f37fe-FRA
content-type: text/javascript;charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
603 B 56ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bowfile.com&callback=_gfp_s_&client=ca-pub-1455201204252520

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1455201204252520&plah=bowfile.com&bust=31074562

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b13c19c11ba6603d57989b04a6e0a6d94b259c3d4fb36f56630b592c5d910c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 61ms
19ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bowfile.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 57ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bowfile.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA4F 235 KB
50 KB 463ms
460ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&adk=1812271804&adf=3025194257&lmt=1683921742&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fbowfile.com%2F9sYa&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683921742696&bpp=22&bdt=413&idt=201&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6749078188984&frm=20&pv=2&ga_vid=1650764167.1683921743&ga_sid=1683921743&ga_hid=433170772&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44790803%2C44773810%2C31074198%2C31074562%2C44782468%2C44788441%2C44792088&oid=2&pvsid=305902363485343&tmod=1239391822&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=223

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b2485b6bf5d885b3396680c7acaec19bad9acf5f76b6439c6d5769c31a3ddb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 50886
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 20:02:23 GMT
expires: Fri, 12 May 2023 20:02:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A259 102 KB
35 KB 653ms
652ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=7461073491&adk=3313644723&adf=2726021737&pi=t.ma~as.7461073491&w=1110&fwrn=4&fwrnh=100&lmt=1683921742&rafmt=1&format=1110x280&url=https%3A%2F%2Fbowfile.com%2F9sYa&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683921742718&bpp=2&bdt=434&idt=205&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6749078188984&frm=20&pv=1&ga_vid=1650764167.1683921743&ga_sid=1683921743&ga_hid=433170772&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44790803%2C44773810%2C31074198%2C31074562%2C44782468%2C44788441%2C44792088&oid=2&pvsid=305902363485343&tmod=1239391822&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=i34PgD9QkU&p=https%3A//bowfile.com&dtd=215

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee28ec0f266ee9505ae040885c8d3bc362008fb154ff163649cd4c505b20e115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35467
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 20:02:23 GMT
expires: Fri, 12 May 2023 20:02:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 eAZweEp7EzJrSHgCd2ZLfwx0Z0p8B3dkTQ Show response
d1zjpzpoh45wtm.cloudfront.net/QeU01R1YaIlshaQ0kUXpvTnQFfmNfJ0YoOAlwfgQGPB5ZAi8UPEYSIigmAmEiAykId3AVLFsga18oWyRrSGtUIzREeRMzJhYmCDI4HShTLjgcKRMyN0QgWj0/FSFUYmQ/eBt3c0t9HTA/FylaMCVcfwUpIlx/BXZmV30QdB... Frame BF5A 448 B
631 B 156ms
155ms Script
text/plain 2600:9000:2057:2200:c:6917:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zjpzpoh45wtm.cloudfront.net/QeU01R1YaIlshaQ0kUXpvTnQFfmNfJ0YoOAlwfgQGPB5ZAi8UPEYSIigmAmEiAykId3AVLFsga18oWyRrSGtUIzREeRMzJhYmCDI4HShTLjgcKRMyN0QgWj0/FSFUYmQ/eBt3c0t9HTA/FylaMCVcfwUpIlx/BXZmV30QdBRcfwUwPxd7AWJlO2gHdy5PeR-xiZEksRTc6HDpQJT0QORB1EEx+AmllT2gHd34SJUEqOlx/dmJkSSFcLDNcfwUgMxomWm5zS31WLyQWIFBiZD98BHR4SWMAcWFLYwx1c0t9RiYwGD9cYmQ/eAZweEp7EzJrSHgCd2ZLfwx0Z0p8B3dkTQ
Requested by: Host: ntoftheusysianedt.info
URL: https://ntoftheusysianedt.info/MDR3YWZRVhQMWVEJFUcTQlhKRFR2EUUnAgFOHREcQFsfVVNHQBpPBVxbAgUAQlsZFUheUQNEVHZlEjRWAWZGOAd5WAQJB2EEHDQ+QEIjDzd2UhovAHoELg4pcVgABwFhcycjU2p1HlkzYHEuMi9ZUxogC3VdNhgNeVBEIDB8cgQGBwEMGDYfYkYkJhJlfQ0zI1VmOhssWG0aIiJ5AD8yDmR4HQYFe2Y6GCgAZRA2DAARRScgY3IiOAthEUUnA3JARAJWRA0/NScVBjEnH1xVOiIwU1IANBZ5WA9EVHZ2LzsLZgdHMAJyZhQHEWVDJxkCB3UgKwp/BhApAkkBJwQ0HUweOyNbRyU1BQZ8MxE3emBHMClidkYkI0gRRSMnXVgbNVRXfBNSUmN+IiQXf1gPRFR2UBorDWNnMQIqdHoUBxFlUzoZCV1jGlQcYwdGNipJZSAoIHJdLSVfCHY/M1JjYzogBWdyOzgRSAUUURIJZh44EXdwTgI/XWVSUyBVdS0WA3VEQCQcekYkKQFzUEU7KlZDD1E8AERPI1VUXyMwQFpHGA8WDX80MSNjWDIYC0FHIhU3WwM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2200:c:6917:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d1c567e4bc7da119fcd46a93f24621a87ef5c57eef670a5622ad9a976b681daa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ntoftheusysianedt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:23 GMT
content-encoding: gzip
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 355
x-amz-cf-id: SKX9B_qFbchj3XJaY3hg5Bzj6E3nsodtZtqVVy9qSFyUST-0xgLyHA==

GET
H2 200 Ih8tPyBsX3xkLC0IITkqYEgIZX52VH56enNNfHp2d198ZDwkHC8mJmBICGF8clR9YmkwR39heHVKfGZ2dkt9ZX11SHo Show response
d2oy22m6xey08r.cloudfront.net/ITlRPRXotOyEjRTo9K3hDeWF/d0xoPjwqFD5pIzc4IDIYdk8qHDxjDjQwcnVcIjUhIkdoMSEmR39yLiEYc2BpMQohP3IwFCoxKSwUKzBpMBtzOSA/EyI4LmBICGFhdV98ZGcyEyAwIDIJa2Z/Kw5rZn90SmBkanY4a2Z/Mh... Frame CDB9 819 B
842 B 152ms
151ms Script
text/plain 2600:9000:223c:c600:3:bb01:eec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2oy22m6xey08r.cloudfront.net/ITlRPRXotOyEjRTo9K3hDeWF/d0xoPjwqFD5pIzc4IDIYdk8qHDxjDjQwcnVcIjUhIkdoMSEmR39yLiEYc2BpMQohP3IwFCoxKSwUKzBpMBtzOSA/EyI4LmBICGFhdV98ZGcyEyAwIDIJa2Z/Kw5rZn90SmBkanY4a2Z/MhMgYntgSQxxfXUCeGBmYEh+NT-81FisjKicRJyBqdzx7Z3hrSXhxfXVSJTw7KBZrZgxgSH44Ji4fa2Z/Ih8tPyBsX3xkLC0IITkqYEgIZX52VH56enNNfHp2d198ZDwkHC8mJmBICGF8clR9YmkwR39heHVKfGZ2dkt9ZX11SHo
Requested by: Host: affelseaeinera.org
URL: https://affelseaeinera.org/dHVReE0VFzIVchVIM144BhlsXX8yUGM+KUYaKEp/GUMpHTRETSNWLhgaJBwrBho/DGMaECVdfzI8BRQfJCcJFzk7DBQSHyAaaDN+HDE0LwtRRxccfQwaARI6BTMVTT09DzJMBDA8CBwmTAQZPDUeMTspOhcbBxsEHiA5MSYQGhwrCBknYkE0OBwUIS5GNyE1HBsdAUsEAzMSFzU/JiYtBg43ITUPAA8eKwxRRxc9ND1BHRUPPTYWPiUQI2hAFzMWKD00NQIYPAQ+FGMiaEYzGg94Bi8/QX0nGBMTLBosZRl/LlBjPgAcODYhIwASAik1DBMJLQ4RMhMVFDEddEoPOiF8QHwyHCISBh0WAzI0NgQ1AjVDL2IQPyctOQArLCMCMhkDQho6FwYvNgAqJz1lTAcdQTcZfy5QYz4EHE0lKDQ2BglLNR85EkgEPSE6CRQxEhgiFUFHBzB4QhA/NgMSPSFKKUVMaSIJAx4ZO3UZPzw6BDcyF0AuGCdoISAfAgNLdBwQGS4GEjILSikfAWgiFUVEAjAiUh8iFyMESD0KDxoTBkt4ED0i
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c600:3:bb01:eec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2a8a77fab6d0491c5289daf523fcfe905cf5f08065fcd6f35ee999dfa207276f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affelseaeinera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:23 GMT
content-encoding: gzip
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 566
x-amz-cf-id: _LmIcFDV86Q-GjEY2TbXOrQaiPcrFiuRUCzOkVVv0abkrHzLGW1-3Q==

GET
H2 200 tc.js Show response
cdn.tynt.com/ 18 KB
7 KB 60ms
15ms Script
application/javascript 104.18.36.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 15:48:05 GMT
server: cloudflare
age: 228103
etag: W/"64109735-4750"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7c65424e6eff9b77-FRA
expires: Mon, 15 May 2023 20:02:23 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
341 B 185ms
184ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=bowfile.com&_ss=70oxot7som&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=5kt6&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fbowfile.com%2F9sYa&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e62c4f7f1423df029881a6e5cc98ea8ba6b80d040d6da73eef6c7da0eaf7d96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:23 GMT
x-t: 0.181
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2A2Z4MAKwtXVNfDq0sETS%2BxPj4n6QCudfWIQmcz3PEIbtxYY9Sg0rrcGeBSXFtyds3PUKrua2renvL1Q9jBjsWOquoSmkFCsBpTWlLBgMS6JEi%2BkQgTzflz1mJkc8gmCBqPFcXIM%2Fop0NMA%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 7c65424e9cc47747-LHR
expires: Fri, 12 May 2023 20:02:22 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
228 B 348ms
117ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1683921743170&dn=TC&iso=0&pu=https%3A%2F%2Fbowfile.com%2F9sYa&t=SOM_IllustrationForMotion_DownlopadPirate.com.part4.rar%20-%20BowFile&chmob=0
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Fri, 12 May 2023 20:02:23 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 popunder.gif
practicalwhich.info/ 35 B
423 B 17ms
16ms Image
image/gif 172.67.218.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://practicalwhich.info/popunder.gif
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: public
date: Fri, 12 May 2023 20:02:23 GMT
cf-cache-status: HIT
last-modified: Tue, 09 May 2023 16:17:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 272714
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sSmhmnBtTd7SCgYwC%2Fygo8NRo%2Budf7uncYHJ8nfSbV0tZbsNUTxcrlSDvrldLyBCYpJWKqjMV%2BaP%2Bc%2Bn5wcWaTIY0DNkeFHmBEwPD1Id5HK8jNBr5Fa5SfYVZ2474elRIy2w3kc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7c65424f3e2c373a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 AGBnYjZZPW93dBYqJiUyRSpvdnYAbnQtKFY2b3VgRmRian8eaHxxYEVkY3FxAGlgdn8DaGF1dABrZmIyQDg1eXcWKSYwKg1oZHx1CWtjc3IDa2d3
practicalwhich.info/MFlSREYfZjE3e2kMZjMQARMKIQd6LzMoFAIbPw4sZxFiDh93OnQwL1Rka3N/ 0
245 B 101ms
100ms Ping
text/plain 172.67.218.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://practicalwhich.info/MFlSREYfZjE3e2kMZjMQARMKIQd6LzMoFAIbPw4sZxFiDh93OnQwL1Rka3N/AGBnYjZZPW93dBYqJiUyRSpvdnYAbnQtKFY2b3VgRmRian8eaHxxYEVkY3FxAGlgdn8DaGF1dABrZmIyQDg1eXcWKSYwKg1oZHx1CWtjc3IDa2d3
Requested by: Host: d1zjpzpoh45wtm.cloudfront.net
URL: https://d1zjpzpoh45wtm.cloudfront.net/?zpjzd=979095
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhP2TlbnvN5dimi74ufOLKmQr%2BQ1Zrhgt%2FzeTVebCw75yaxiE7loADjg684mYCugbBf6aNjWFQb9YazbPm5Gd2W2VtNx2rB%2Bsd8tnZh6VM84Hraph1a0GVFJoO7U7DUntDOkEwUZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7c65424f5e54373a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 205 floater Show response
ntoftheusysianedt.info/ 0
562 B 114ms
114ms XHR
text/plain 108.138.7.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntoftheusysianedt.info/floater?cs=S09tdGN9eV9MW353W0FScnxUQ1Y&abt=0&red=1&sm=90&k=part4&v=0.9.1.5&sts=0&prn=0&emb=0&tid=979095&rxy=1600_1200&u=1570022931312024&agec=1683921742&fs=1&m=1&ns=1&ndp=1&asi=1&mbkb=1123.5955056179776&ref=https%3A%2F%2Fbowfile.com%2F9sYa&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F113.0.5672.92%20safari%2F537.36&tzd=0&uloc=&if=0&aa=lbnt__oi0_&_U9hq=1683921743254&crc=1
Requested by: Host: d1zjpzpoh45wtm.cloudfront.net
URL: https://d1zjpzpoh45wtm.cloudfront.net/?zpjzd=979095
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-47.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:02:23 GMT
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: text/plain
access-control-allow-origin: https://bowfile.com
p3p: CP="NID DSP ALL COR"
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: 0XqFKL5AlUGi36aaNrDMx_0mIOxTS9OdjZ5tCzLr7w9wHXIuSeszmw==

GET
H3 200 popunder.gif
dgemanowhowe.xyz/ 35 B
554 B 16ms
15ms Image
image/gif 172.67.150.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgemanowhowe.xyz/popunder.gif
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: public
date: Fri, 12 May 2023 20:02:23 GMT
cf-cache-status: HIT
last-modified: Thu, 11 May 2023 14:19:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 106988
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlAKsdrorEZmPiN%2B%2FCyzuxU%2F346GdieAEdD7fjPCV%2FzHmu5Nhkbfq7GxV6zQJKuK%2FJkMCdZX5x6O1ADjTT%2Bwmc9qq%2FHiqh75fOGQRTf7ylK8W2C923VaZOsOowWl9CXotfrG"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7c65424fad691bc3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/ 152 KB
51 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/reactive_library_fy2021.js?bust=31074562

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c03842819bbce02d7144d54b35e7d085a0601f935222e20176d878cb6e7894e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52604
x-xss-protection: 0
server: cafe
etag: 11950667681407109237
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 20:02:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 109ms
108ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=p&pg_h=1450&su=bowfile.com&d=0&pvc=305902363485343&eid=44759875%2C44759926%2C44759837%2C44790803%2C44773810%2C31074198%2C31074562%2C44782468%2C44788441%2C44792088

Requested by

Host: bowfile.com
URL: https://bowfile.com/9sYa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:02:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
326 B 128ms
100ms Script
application/javascript 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!4priswyaav&dn=TC&cc=1&chmob=0&r=&pu=https%3A%2F%2Fbowfile.com%2F9sYa
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Fri, 12 May 2023 20:02:22 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 4
expires: Sat, 13 May 2023 20:02:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 109ms
109ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=s&pg_h=1450&su=bowfile.com&d=0&pvc=305902363485343&eid=44759875%2C44759926%2C44759837%2C44790803%2C44773810%2C31074198%2C31074562%2C44782468%2C44788441%2C44792088

Requested by

Host: bowfile.com
URL: https://bowfile.com/9sYa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:02:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 21ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bowfile.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 20ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bowfile.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame 8256 10 KB
4 KB 12ms
11ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 21:35:04 GMT
etag: 15057649708203361565
expires: Thu, 25 May 2023 21:35:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame 5470 10 KB
4 KB 13ms
10ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 21:35:04 GMT
etag: 15057649708203361565
expires: Thu, 25 May 2023 21:35:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 102ms
102ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1683921743170&dn=TC&iso=0&pu=https%3A%2F%2Fbowfile.com%2F9sYa&t=SOM_IllustrationForMotion_DownlopadPirate.com.part4.rar%20-%20BowFile
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Fri, 12 May 2023 20:02:23 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 8256 2 KB
845 B 207ms
41ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:21:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:21:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 8256 22 KB
9 KB 188ms
24ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 8256 3 KB
1 KB 205ms
41ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 12:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 12:12:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 8256 19 KB
8 KB 188ms
24ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8256 169 KB
53 KB 194ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 20:02:23 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 8256 32 KB
14 KB 189ms
19ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:15:49 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 5470 2 KB
799 B 198ms
42ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:21:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:21:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 5470 22 KB
9 KB 178ms
25ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 5470 3 KB
1 KB 195ms
42ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 12:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 12:12:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 5470 19 KB
8 KB 192ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5470 169 KB
52 KB 199ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 20:02:23 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 5470 32 KB
13 KB 179ms
20ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:15:49 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 114ms
114ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1683921743170&dn=TC&iso=0&pu=https%3A%2F%2Fbowfile.com%2F9sYa
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Fri, 12 May 2023 20:02:23 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 css
fonts.googleapis.com/ Frame A259 9 KB
1 KB 29ms
28ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=7461073491&adk=3313644723&adf=2726021737&pi=t.ma~as.7461073491&w=1110&fwrn=4&fwrnh=100&lmt=1683921742&rafmt=1&format=1110x280&url=https%3A%2F%2Fbowfile.com%2F9sYa&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683921742718&bpp=2&bdt=434&idt=205&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6749078188984&frm=20&pv=1&ga_vid=1650764167.1683921743&ga_sid=1683921743&ga_hid=433170772&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44790803%2C44773810%2C31074198%2C31074562%2C44782468%2C44788441%2C44792088&oid=2&pvsid=305902363485343&tmod=1239391822&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=i34PgD9QkU&p=https%3A//bowfile.com&dtd=215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 20:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 18:57:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 20:02:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame A259 2 KB
799 B 35ms
34ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:21:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:21:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame A259 22 KB
9 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame A259 3 KB
1 KB 44ms
18ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 12:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 12:12:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame A259 19 KB
8 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A259 169 KB
52 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 20:02:23 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame A259 32 KB
13 KB 45ms
20ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:15:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A259 0
0 93ms
69ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsJYmT5teZIXjAYW1sgf8qLPgCqa3yrRw8JzU2dkR3Ye287UqEAEgkIGTI2CVqp-CsAegAYLcuYEDyAEJqQK0YHNnCRmBPqgDAcgDywSqBOQBT9BkW8dx-94ULGNd8gASSUBwuPej3nHZ5pjT7YNGmCcSyWO2yG1KV_k3f9elIBGbJ_GpkZVbMrUFJY2nmD7f7sTWfQttX7TmoMMEh5rUxzClqkYjwxCxXX2Srq4LPy4Tt0XbMU876ZwaROQ5R3BZNt8seorhD9l2kEmRLSMbzmSSkAeI19O7PrEpVcQxSdj53_BsM2p3kC_jmtbrXYGLrKKA_hqa83MUniYigrOBJLsZyJvqCoDgRp47ysQjHlpxs_D-bOFhPpAcl4r3-G9hNHYHSufOL7I-YJkahkrYep1eMHcIwATGtLrhowSSBQQIBBgBkgUECAUYBKAGLoAH5qPGfqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELP8BdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xNDU1MjAxMjA0MjUyNTIwGAA&sigh=oA-kt0bUeRY&uach_m=[UACH]&cid=CAQSGwBygQiD9J2htOJMUeTDOz9QCA8maAjvCxe3yRgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=7461073491&adk=3313644723&adf=2726021737&pi=t.ma~as.7461073491&w=1110&fwrn=4&fwrnh=100&lmt=1683921742&rafmt=1&format=1110x280&url=https%3A%2F%2Fbowfile.com%2F9sYa&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683921742718&bpp=2&bdt=434&idt=205&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6749078188984&frm=20&pv=1&ga_vid=1650764167.1683921743&ga_sid=1683921743&ga_hid=433170772&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44790803%2C44773810%2C31074198%2C31074562%2C44782468%2C44788441%2C44792088&oid=2&pvsid=305902363485343&tmod=1239391822&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=i34PgD9QkU&p=https%3A//bowfile.com&dtd=215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 May 2023 20:02:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 20:02:23 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1620198654246556514/ Frame A259 25 KB
25 KB 44ms
19ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1620198654246556514/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f44a468aa93e5d5d1ffd4213c3d658ace2fdf2254abd1e70981afc5da82f041a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 05 May 2023 20:08:59 GMT
x-content-type-options: nosniff
age: 604404
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25522
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 07:44:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 May 2024 20:08:59 GMT

GET
DATA 200
OK truncated
/ Frame A259 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A259 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 123ms
109ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1683921743170&dn=TC&iso=0&pu=https%3A%2F%2Fbowfile.com%2F9sYa
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Fri, 12 May 2023 20:02:23 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
DATA 200
OK truncated
/ Frame A259 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ac91b54fa16f5aab9ded92b09e318403e7d6603d0d88379e54cf3ed274cbc50

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4927 37 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: bowfile.com
URL: https://bowfile.com/9sYa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 06:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 06:25:34 GMT

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A84 37 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: bowfile.com
URL: https://bowfile.com/9sYa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 06:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 06:25:34 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame A259 29 KB
29 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:24:40 GMT
x-content-type-options: nosniff
age: 571063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 05:24:40 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 107ms
103ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1683921743170&dn=TC&iso=0&pu=https%3A%2F%2Fbowfile.com%2F9sYa
Requested by: Host: bowfile.com
URL: https://bowfile.com/9sYa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/9sYa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Fri, 12 May 2023 20:02:23 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7DC1 37 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 06:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 06:25:34 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 59ms
58ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

896fb1302ff821f878936977d7b37fd215bc65046ccc9dabc817fae2855a293c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11111
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
26ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 May 2023 20:02:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7120 13 KB
5 KB 11ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 19:16:18 GMT
expires: Sat, 11 May 2024 19:16:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2E63 783 B
1 KB 60ms
30ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

63dbc8322c7010a994ec24ad351cf39cc8163b363dad8fc8319245da109524a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w8W31rdB1AqW4m_buANOPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-w8W31rdB1AqW4m_buANOPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 20:02:24 GMT
expires: Fri, 12 May 2023 20:02:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7120 37 KB
14 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 06:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 06:25:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2E63 0
0 109ms
108ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=305902363485343&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7120 0
10 B 9ms
8ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LyQ21Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:02:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 125ms
125ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=305902363485343&bg=!1tWl1YHNAAYldGN0BXQ7ADkAdvg8WhzFNTVy-E9G7Np8tQlMJY_9mB1LDak2DZAjlk2x2RGO3bB1VZbkQjNDaXWEeA7LrymkMDgCAAAAVFIAAAADaAEHmQK9fU9YAaZ0yul-78XN7vhJOvsJfnpcNztgiRFMOv18WP_c-1v2dqubM-FYIO4nqYBWKcYGNzIN1wvCvI3ql_cbI28qrSyH7LjQYx3aVhm6w8fsuudQsQl6-4dke6IsMU7-MEKD3vG7xjP6gPArXEJfMT5b9vJUl9YdOXp4mGDb9GsGg1oqLxjlCe1J_vj5zltnjj0mWK7I2L_Kao71_N9S7zixVgDUuNp_wWmZZIXX1_N76amylAe1NOzVCn-Ul0lWV-xphKfZrWyVP8jY2OW0WtyB4fpSdXQU77ODBF2pU57BNIG5IC3uvtoDIV0Ng7nxEgD0fwqNrzIbm8uTiSgGw3io15aH_UfDgu0-3aXdO_6CyxWSI2jClWrO_aiUXBxIXAq3EBP-U-lardrnXl9nXaMv27t1iZUXiD2soC6Lbj3h46xnrwbYqFAFbxuNu_i0Jac9N6zRDvRCzRqxD8jipwop-tGfT3EgiyQd1S6sLnEoRVQtKPHLEk3pZhCOnjaK-wEG_Gm9u6ap9hkW47HVok4K849CNAt9-OypQIiYXssiJ_psLOc7NecDtTSRAFVBWWYB7-B_2L1c-a-8BcV0h0u5WCsfikg1fDoUjTQERd9DR02A17Zu03HpQpgVanupZQ0XAGQ94z0gJQoawGCJCfo3PJcwYnISARU5tB0fncSmiHz6Kx0mJyFsbqBqpo3hFkPpOOXvCqxzZ5oRHD0Lyk2xEQWb0Qp380QsYxmziRNSXeLci3Qfa9txD9hPqzLEJamVo-BEXp71xrP4Txg722T9dbmXLpbtJqcjDru3_oZ_78uqsS421BlziaCL7JCLi5pLzuKg_CLW_pjEnOQPEGxt-SbfApqj5n7hpF_2d-qQqaTFbgbewyKibnrR53QZby5kKIRNDjI1qAGfF_La_kqJTzocfv0ItbL9-cw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A259 42 B
64 B 118ms
118ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstO0Pa5rybeiTFMDzanzXFzjfOpSWhbLI2w6KZoKg4lmq1-mizFAMociHUx8gXtxMIpft7ODfevnCe_2uoLKSS023Vi06wy_NGO6DpAaE3c6Cp1-A9CWMLlY0-azmK6dkOF8tlNUw&sai=AMfl-YROboPdBuz8m9jZJCqZ-49rAT3EIoUWrvYIBCg-V3RmpUm_2O7fnnnT1TTOjrdz5eP3JzHuQMPyzIeF&sig=Cg0ArKJSzHYFF_R8bjhZEAE&cid=CAQSGwBygQiD9J2htOJMUeTDOz9QCA8maAjvCxe3yRgB&id=lidar2&mcvt=1000&p=35,0,315,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3313644723&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683921742935&rpt=1072&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:02:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bowfile.com/	1970-01-20 11:46:48	Name: filehosting Value: or19t70b0ehcj1649hn528rg0r
sarinjowel.com/	1970-01-20 11:46:48	Name: GL_UI4 Value: eJw9jd1Og0AUhPmnakEn4QF8hCVtpV4aH8JLcmAPdC3sNssK8e3dmOjVfJl8kwmCIKoeEa5ZgviLTnim7vzSNK80EJ1qPjaSpBTifBDy2FHPA%2B7U0jrqJnYJdstM1rVuTbAfWbNVfdsbyQWevPXXXLXZdIK0s6RlgXT2xlQg76zZFrZVjETTzMjeL9b4TGf6NBZxXR88K%2B05FIjMUsXlPfIPpaUflntEtSjLLMDDbSI3GDu3SmYh0tGSZIRv2PXkeDT2G7nk5erMDTCTbP%2F93994qwUyyavq%2FblxF7Y%2FEHNPPQ%3D%3D
sarinjowel.com/	1970-01-20 11:46:48	Name: GL_GI10 Value: eJxNjt0KgkAQRm2tLemPgR6gF1AqELo2pZveYdl0iqXckXWL7OlbNaKrme98nGE8z2OrBTBVwXy%2FiXZxHG3d2GzBvyIBSzOY5fTQ1jRCyxJhfERTSt0AN3hVpIElGUz7XeRUIIzSLPxjnTU9SV2sEzR3pWGYK%2Bv8bwra1JtBa%2FbUV7X76EAGw0TmtzNpV2u0oq4QCwhcU5GRFmHxo90R7sNE1aIy9Gr4AJZWlfh2tqDLpUbLGQyenH0AYpBJLQ%3D%3D
pogothere.xyz/	1970-01-20 20:23:45	Name: csu Value: 1570022931312024@1@1683921742
.bowfile.com/	1970-01-20 21:21:21	Name: _ga_G45GX6EFX2 Value: GS1.1.1683921742.1.0.1683921742.0.0.0
.bowfile.com/	1970-01-20 21:21:21	Name: _ga Value: GA1.1.1650764167.1683921743
.bowfile.com/	1970-01-20 21:06:57	Name: __gads Value: ID=2c03414ad232ebf4-22532486d1dd0016:T=1683921742:RT=1683921742:S=ALNI_MbiCeWLMwr7rRlcGpHyizaRmpX0GQ
.bowfile.com/	1970-01-20 21:06:57	Name: __gpi Value: UID=00000bf9bd24d9a5:T=1683921742:RT=1683921742:S=ALNI_Magym5BwpdN4UD1E8WX-7Y3EHCKeg
.dtscout.com/	1970-01-20 11:45:26	Name: m Value: 1
.dtscout.com/	1970-01-20 11:45:36	Name: oa Value: 1
.dtscout.com/	1970-01-20 14:09:21	Name: df Value: 1683921743
.doubleclick.net/	1970-01-20 21:06:57	Name: IDE Value: AHWqTUkVrYAXP4_O8QGMpRbS4rlhl_ke2UtTM89yYHf4IgH7zrPSnEnpUUAzglqa2_c

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-904980040%3A1683921742528149&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEzRK7Z5CUlB1W8KGxipM5loe9zhkuWT6u7a0VwfYHTVJLe7xyvSqsGgLmAJpi7gVAv_30NnQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S1291921324%3A1683921742552730&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFVPlDFqKoS_FmWhS2eQ5EQccIy5vHNidni28R9HcbhZp7MZr2CMFfBP97IHfto2jBGtNvy5w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
affelseaeinera.org
bowfile.com
cdn.tynt.com
d1zjpzpoh45wtm.cloudfront.net
d2oy22m6xey08r.cloudfront.net
de.tynt.com
dgemanowhowe.xyz
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ic.tynt.com
ntoftheusysianedt.info
pagead2.googlesyndication.com
partner.googleadservices.com
pogothere.xyz
practicalwhich.info
region1.google-analytics.com
sarinjowel.com
t.dtscout.com
tpc.googlesyndication.com
waust.at
whos.amung.us
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.36.173
108.138.7.47
142.91.159.108
172.64.199.35
172.67.150.94
172.67.218.114
18.154.63.48
2001:4860:4802:34::36
2600:9000:2057:2200:c:6917:5a80:21
2600:9000:223c:c600:3:bb01:eec0:21
2606:4700:10::6816:4bab
2606:4700:20::ac43:4739
2606:4700:21::8d65:780b
2606:4700:3037::ac43:cde6
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200d
2a00:1450:4001:831::2002
2a03:2880:f176:84:face:b00c:0:25de
67.202.105.34
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
02945e324e7c86a1ee921da7d8fa596a9c11878ccfe839ac70f8badcb674d522
0654449cc73d1f0ea7c0929fffc64d6e6fcdbcab55c0293cd35deaf6a0a55f57
0cca9c2524a2c257cc53c398be0731ec07a02159b8a8f02dc5995a820808ebef
119e98748baa84476789bd4dd7b5f8ddf118f6b55c020262bf5d951778402415
15daf41355c0b0acb78ab00350fdf22ed995ec342b105d55c9aee12cc8baa9f9
17f791fba9a1705d0ed1d1f4e42d7f0f87d8bd1424fa59bc10dcbb4a446dcb9e
1c03842819bbce02d7144d54b35e7d085a0601f935222e20176d878cb6e7894e
1caad35010cdc4d579f9f3e295d9e4a6f2c842c259a0d78829a73f225b88bd58
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732
2a8a77fab6d0491c5289daf523fcfe905cf5f08065fcd6f35ee999dfa207276f
2ba990faaad8198719efac063a6ec699b548708b555a3ef7821fd6899a8556ce
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38391d0c01d7fee8c61a80c9b507ef05d0cb76876a42feebded8b06905015d13
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3ac91b54fa16f5aab9ded92b09e318403e7d6603d0d88379e54cf3ed274cbc50
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
461734ea924a374fc9aaeb5f9ab431d5a84675691670ff9f8501d7d7380c7a0e
4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5f70fef49b1fa602e97e2f12a0a3ca46a5db090fa34dad736f8ae5c57c9ba0a6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63dbc8322c7010a994ec24ad351cf39cc8163b363dad8fc8319245da109524a5
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55
7bdf6199f3072c6d1f46dd3b9141cd665c944a0afdf0718a8f9ccb7b30eb19c8
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8402898f3fdbd981270ccb8c17d4386bfee55e0e115427b6ab771fc6601822f3
856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
883bd0f053cde78238a0881291e4b6647acd9b3fa73808db5ac83d286bb4b44e
896fb1302ff821f878936977d7b37fd215bc65046ccc9dabc817fae2855a293c
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843
9b2485b6bf5d885b3396680c7acaec19bad9acf5f76b6439c6d5769c31a3ddb6
a21da05a41ae1cb4477e9e0e184084509c039896b880d0005dd82c4cacea9806
a3d87846d4ea64dfe7a7b3ab09e447fa497361a0f3e31283eb0e7213e0500f97
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a775df3ca65dd9d5e65a2a719d740e377831812ee419d43d6141365143c0453f
a92a98c5f5245daff1abaff565ae26359f85d4cd1d383ff6e50cd599cf5b3e49
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b13c19c11ba6603d57989b04a6e0a6d94b259c3d4fb36f56630b592c5d910c2a
b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278
b6919dd92f8162e9d8b6642769217b9472c5bf423cdf82df50301a8af50ee53a
b712033ea1c370616c3105391e98e4867cea0159be8444ddd20249ea9888c950
bcb499166a81c2c68de921f186c95ed6c29859acf2a07422c15ddb1f4b9e7686
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d1c567e4bc7da119fcd46a93f24621a87ef5c57eef670a5622ad9a976b681daa
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
dc3e1c7f25f8898edf9bba53c1cf0730271371e373bdd4dad4535cecedf85ba3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62c4f7f1423df029881a6e5cc98ea8ba6b80d040d6da73eef6c7da0eaf7d96b
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ed249d76ccb8d9f33f8c0e67c8ca0bbf93a7c9fa197b46e4ddc69b83d26cff37
ee28ec0f266ee9505ae040885c8d3bc362008fb154ff163649cd4c505b20e115
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3e8bd00c285a98476c467269f43303977a5298b511dbec39d8715c958917abe
f44a468aa93e5d5d1ffd4213c3d658ace2fdf2254abd1e70981afc5da82f041a
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed
fb45f99791b77b7349d064ca6ff96f83a698f528ce7311da4878ec2095199dcd
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

bowfile.com Open in urlscan Pro 2606:4700:3037::ac43:cde6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

120 Requests

98 %HTTPS

71 %IPv6

23 Domains

30 Subdomains

29 IPs

4 Countries

2323 kBTransfer

4777 kBSize

12 Cookies

1 Outgoing links

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bowfile.com Open in urlscan Pro
2606:4700:3037::ac43:cde6 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

98 %
HTTPS

71 %
IPv6

23
Domains

30
Subdomains

29
IPs

4
Countries

2323 kB
Transfer

4777 kB
Size

12
Cookies

120 HTTP transactions
5 data transactions