urlscan.io logo urlscan.io
SecurityTrails logo

i62756b6b6974o6f7267z.oszar.com Open in urlscan Pro
172.67.220.76  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://i62756b6b6974o6f7267z.oszar.com/forums
Effective URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Submission: On November 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 6 countries across 18 domains to perform 73 HTTP transactions. The main IP is 172.67.220.76, located in United States and belongs to CLOUDFLARENET, US. The main domain is i62756b6b6974o6f7267z.oszar.com.
TLS certificate: Issued by WE1 on September 16th 2024. Valid for: 3 months.
This is the only time i62756b6b6974o6f7267z.oszar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 34 172.67.220.76 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 104.18.2.78 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
2 2a02:2638:3::c 44788 (ASN-CRITE...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.223.40.198 16509 (AMAZON-02)
1 2600:9000:276... 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 108.138.6.136 16509 (AMAZON-02)
1 35.244.144.25 15169 (GOOGLE)
2 188.114.97.3 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.181.230 15169 (GOOGLE)
1 99.86.4.39 16509 (AMAZON-02)
1 23.50.111.224 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
73 22
34    172.67.220.76 (United States)

ASN13335 (CLOUDFLARENET, US)
i62756b6b6974o6f7267z.oszar.com
i636f6e74656e74o6f766572776f6c66o636f6dz.oszar.com
i616a6178o676f6f676c6561706973o636f6dz.oszar.com
i7362o73636f7265636172647265736561726368o636f6dz.oszar.com
i706c6174666f726do74776974746572o636f6dz.oszar.com
i706c7573o676f6f676c65o636f6dz.oszar.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
6    104.18.2.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s.nitropay.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2600:9000:2761:dc00:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
1    2600:9000:2491:3000:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
1    2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
3    108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    35.244.144.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 25.144.244.35.bc.googleusercontent.com
tracker.nitropay.com
2    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
consent.nitrocnct.com
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
1    99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    23.50.111.224 (Zurich, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-111-224.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
Apex Domain
Subdomains		 Transfer
34 oszar.com
i62756b6b6974o6f7267z.oszar.com
i636f6e74656e74o6f766572776f6c66o636f6dz.oszar.com
i616a6178o676f6f676c6561706973o636f6dz.oszar.com
i63646do637572736563646eo636f6dz.oszar.com Failed
i7362o73636f7265636172647265736561726368o636f6dz.oszar.com
i706c6174666f726do74776974746572o636f6dz.oszar.com
i706c7573o676f6f676c65o636f6dz.oszar.com
i636f6e6e656374o66616365626f6f6bo6e6574z.oszar.com Failed
231 KB
7 nitropay.com
s.nitropay.com — Cisco Umbrella Rank: 19339
tracker.nitropay.com — Cisco Umbrella Rank: 19216
253 KB
7 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 927
region1.google-analytics.com — Cisco Umbrella Rank: 3643
18 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 345
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 651
91 KB
4 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1450
a.ad.gt — Cisco Umbrella Rank: 1552
5 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 904
1 KB
2 nitrocnct.com
consent.nitrocnct.com — Cisco Umbrella Rank: 23591
126 KB
2 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 17570
rumcdn.geoedge.be — Cisco Umbrella Rank: 2158
139 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
390 B
1 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 994
29 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1601
12 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1096
17 KB
1 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 150
130 B
1 btloader.com
btloader.com — Cisco Umbrella Rank: 883
30 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 373
434 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
108 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
73 18
Domain Requested by
25 i62756b6b6974o6f7267z.oszar.com 2 redirects i62756b6b6974o6f7267z.oszar.com
static.cloudflareinsights.com
6 s.nitropay.com i636f6e74656e74o6f766572776f6c66o636f6dz.oszar.com
s.nitropay.com
i62756b6b6974o6f7267z.oszar.com
6 ssl.google-analytics.com i62756b6b6974o6f7267z.oszar.com
4 i706c6174666f726do74776974746572o636f6dz.oszar.com i62756b6b6974o6f7267z.oszar.com
i706c6174666f726do74776974746572o636f6dz.oszar.com
3 c.amazon-adsystem.com s.nitropay.com
c.amazon-adsystem.com
3 id.hadron.ad.gt s.nitropay.com
cdn.hadronid.net
2 ad-delivery.net i62756b6b6974o6f7267z.oszar.com
2 consent.nitrocnct.com s.nitropay.com
2 gum.criteo.com s.nitropay.com
2 i7362o73636f7265636172647265736561726368o636f6dz.oszar.com 1 redirects i62756b6b6974o6f7267z.oszar.com
1 a.ad.gt cdn.hadronid.net
1 cdn.id5-sync.com i62756b6b6974o6f7267z.oszar.com
1 cdn.hadronid.net i62756b6b6974o6f7267z.oszar.com
1 secure.cdn.fastclick.net i62756b6b6974o6f7267z.oszar.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 ad.doubleclick.net i62756b6b6974o6f7267z.oszar.com
1 tracker.nitropay.com s.nitropay.com
1 btloader.com s.nitropay.com
1 rumcdn.geoedge.be s.nitropay.com
1 wrappers.geoedge.be s.nitropay.com
1 match.adsrvr.org s.nitropay.com
1 region1.google-analytics.com www.googletagmanager.com
1 i706c7573o676f6f676c65o636f6dz.oszar.com i62756b6b6974o6f7267z.oszar.com
1 www.googletagmanager.com i62756b6b6974o6f7267z.oszar.com
1 static.cloudflareinsights.com i62756b6b6974o6f7267z.oszar.com
1 i616a6178o676f6f676c6561706973o636f6dz.oszar.com i62756b6b6974o6f7267z.oszar.com
1 i636f6e74656e74o6f766572776f6c66o636f6dz.oszar.com i62756b6b6974o6f7267z.oszar.com
0 api.rlcdn.com Failed s.nitropay.com
0 i636f6e6e656374o66616365626f6f6bo6e6574z.oszar.com Failed i62756b6b6974o6f7267z.oszar.com
0 i63646do637572736563646eo636f6dz.oszar.com Failed i62756b6b6974o6f7267z.oszar.com
73 30
Subject Issuer Validity Valid
oszar.com
WE1		 2024-09-16 -
2024-12-15		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
nitropay.com
WE1		 2024-11-07 -
2025-02-05		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-25		 3 months crt.sh
id.hadron.ad.gt
WE1		 2024-09-20 -
2024-12-19		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M03		 2024-07-12 -
2025-08-09		 a year crt.sh
btloader.com
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.nitropay.com
WR3		 2024-09-30 -
2024-12-29		 3 months crt.sh
nitrocnct.com
WE1		 2024-10-14 -
2025-01-12		 3 months crt.sh
ad-delivery.net
WE1		 2024-09-12 -
2024-12-11		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-08-07 -
2025-08-07		 a year crt.sh
hadronid.net
WE1		 2024-09-24 -
2024-12-23		 3 months crt.sh
id5-sync.com
WE1		 2024-09-30 -
2024-12-29		 3 months crt.sh
a.ad.gt
WE1		 2024-10-05 -
2025-01-03		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://i62756b6b6974o6f7267z.oszar.com/forums/
Frame ID: 2CDEE280FF8E93B7CBF9E6507BA0C12D
Requests: 64 HTTP requests in this frame

Frame: https://i62756b6b6974o6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 173C54CAD11375E4B5BE2C7FA0E7847F
Requests: 2 HTTP requests in this frame

Frame: https://i706c6174666f726do74776974746572o636f6dz.oszar.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fi62756b6b6974o6f7267z.oszar.com
Frame ID: EB7E26E629D9554A0FB4105E8C72A3D3
Requests: 4 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 5B805BDD6BF3AE1300478CD14A60F615
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bukkit Forums

Page URL History Show full URLs

  1. http://i62756b6b6974o6f7267z.oszar.com/forums HTTP 307
    https://i62756b6b6974o6f7267z.oszar.com/forums HTTP 307
    http://i62756b6b6974o6f7267z.oszar.com/forums HTTP 307
    https://i62756b6b6974o6f7267z.oszar.com/forums HTTP 301
    https://i62756b6b6974o6f7267z.oszar.com/forums/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

92 %
HTTPS

57 %
IPv6

18
Domains

30
Subdomains

22
IPs

6
Countries

1066 kB
Transfer

3841 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://i62756b6b6974o6f7267z.oszar.com/forums HTTP 307
    https://i62756b6b6974o6f7267z.oszar.com/forums HTTP 307
    http://i62756b6b6974o6f7267z.oszar.com/forums HTTP 307
    https://i62756b6b6974o6f7267z.oszar.com/forums HTTP 301
    https://i62756b6b6974o6f7267z.oszar.com/forums/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://i7362o73636f7265636172647265736561726368o636f6dz.oszar.com/cs/20631572/beacon.js HTTP 302
  • https://i7362o73636f7265636172647265736561726368o636f6dz.oszar.com/internal-cs/default/beacon.js
Request Chain 30
  • https://i62756b6b6974o6f7267z.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://i62756b6b6974o6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
i62756b6b6974o6f7267z.oszar.com/forums/
Redirect Chain
  • http://i62756b6b6974o6f7267z.oszar.com/forums
  • https://i62756b6b6974o6f7267z.oszar.com/forums
  • http://i62756b6b6974o6f7267z.oszar.com/forums
  • https://i62756b6b6974o6f7267z.oszar.com/forums
  • https://i62756b6b6974o6f7267z.oszar.com/forums/
47 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
652155810ce8d25addab9968e8b5dc4c04007bbae589750df50c506eba5a5871
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https
age
0
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8dfd4f3aa8720187-CDG
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 09 Nov 2024 11:02:19 GMT
expires
Thu, 19 Nov 1981 08
last-modified
Sat, 09 Nov 2024 11
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ty8N1THRWHuodNT5fCoLbU6KtG26mLyiRpiQSXSCPpct2ccuKWFn9gX05HOwxwtRzh1Dcc%2BdUJBr8jB9MeuoGPdxqcv3WGGjmg5cJoodNWZN%2Bez4SXGFfUzOZASTRcSxDnrfl7c1%2FbF%2FYGy7WcFzHUjI"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=49273&sent=16&recv=13&lost=0&retrans=0&sent_bytes=5343&recv_bytes=5645&delivery_rate=19663&cwnd=12000&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=12119&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-imitari-hits
-1
x-imitari-transactionid
26043527
x-loadbalancer-chosen
ip-10-0-102-169
x-powered-by
PHP/8.2.18
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8dfd4f1b7e340187-CDG
content-type
text/html; charset=UTF-8
date
Sat, 09 Nov 2024 11:02:15 GMT
location
https://i62756b6b6974o6f7267z.oszar.com/forums/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9w6F8r16Qjg2WxiXlo5p9XEaxMEwDFLX15Jx3uGx55J3wIot36n649UPzqVzx6K%2Fbmm7PwXovp7dxuPpT35CoKLyxWlcUr1JAB2eaeRtye%2F9eihLMp0ayjQtOETrRbM6HemNl3f6Ka3j1C6Avr6dZoXU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=48778&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4208&recv_bytes=4962&delivery_rate=9&cwnd=12000&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=7919&x=1" cfExtPri cfHdrFlush;dur=0
x-powered-by
PHP/8.2.18
bukkitnpinit.js
i636f6e74656e74o6f766572776f6c66o636f6dz.oszar.com/web/bukkit/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i636f6e74656e74o6f766572776f6c66o636f6dz.oszar.com/web/bukkit/bukkitnpinit.js
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
c7034cd0519bd9da7e8d6e4517f3861c9130b622a7905282ce75e50d1dab78c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"0acd28d33d77c0417cd919bdb6b249a5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KjWr1MiPK%2B8KEJDWtb%2FGJzHPs0qWFFI0i6rWiHgI1gLqE9Qe4%2F0ifh3DyDSgY%2Bp9sSxBd%2BwJlHdACQJBvIkYJU9tuvATCttHZQPZQ5K1WVIa0wCCmzg9RpFqWBQ1p9VBLB%2BbQSuzbeXY5bLlfS7sGhfs0ZUiZGzQFygXdoq0JtXiZqJcyA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-meta-cb-modifiedtime
Mon, 24 Jun 2024 05
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
AMDpoSuIGPPTE7eOrrNx7LkKhFIimbiOImMaIT_kE1jL7TAXAt8Few==
date
Sat, 09 Nov 2024 11:02:28 GMT
content-type
application/x-javascript
vary
Origin,Accept-Encoding
last-modified
Mon, 24 Jun 2024 06
priority
u=3,i=?0
server-timing
cfL4;desc="?proto=QUIC&rtt=49687&sent=122&recv=70&lost=0&retrans=0&sent_bytes=117934&recv_bytes=13507&delivery_rate=88876&cwnd=31200&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=20939&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 i6535326263663133343864383435626639636261323661333262666136333636o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray
8dfd4f556ded0187-CDG
accept-ranges
bytes
content-length
694
x-amz-cf-pop
IST50-P1
x-powered-by
PHP/8.2.18
server
cloudflare
x-amz-server-side-encryption
AES256
css.php
i62756b6b6974o6f7267z.oszar.com/forums/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i62756b6b6974o6f7267z.oszar.com/forums/css.php?css=xenforo,form,public&style=10&dir=LTR&d=1731139771
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/forums/

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
x-loadbalancer-chosen
ip-10-0-180-254
age
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MW3KDDvUYquAzC2t6sqf6fwTopJge5QrOk4PmuliEQ18DpU5MNcZz8Vsp70%2BMwjVezd2ZZ7XO8Xw6Igp0aGkOux0SvpkOcF82KD3KR5WXwA2kFs8dkUrXeu1XF8xuWiIgaJePTD6kDNZ5Et6QyVS%2FOec"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
-1
expires
Thu, 19 Nov 1981 08
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49687&sent=126&recv=70&lost=0&retrans=1&sent_bytes=121355&recv_bytes=13507&delivery_rate=88876&cwnd=31200&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=21050&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:28 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
last-modified
Sat, 09 Nov 2024 11
cache-control
private, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dfd4f555dd60187-CDG
x-imitari-transactionid
61665440
access-control-allow-origin
https
x-xss-protection
0
x-powered-by
PHP/8.2.18
server
cloudflare
css.php
i62756b6b6974o6f7267z.oszar.com/forums/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i62756b6b6974o6f7267z.oszar.com/forums/css.php?css=bbcm_js,login_bar,node_category,node_forum,node_list,sidebar_share_page&style=10&dir=LTR&d=1731139771
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/forums/

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
x-loadbalancer-chosen
ip-10-0-180-254
age
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aBX4LU6OalKRAiUwRfPgduWch0t2exwtyFJmRjAtRhRmb9NBBSmygOwIUM6%2F5HTHGtFWOYEXKuD42E4FN2USV%2FmkFki5lakIEUyPXVtaTSM8fc6qMlJ1P5PdkZxKBVdA83R2%2Beh4byWY8mUkDOLM%2Fq7I"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
-1
expires
Thu, 19 Nov 1981 08
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49953&sent=114&recv=69&lost=0&retrans=0&sent_bytes=109382&recv_bytes=13462&delivery_rate=344747&cwnd=31200&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=15863&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:23 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
last-modified
Sat, 09 Nov 2024 11
cache-control
private, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dfd4f555dd70187-CDG
x-imitari-transactionid
31523159
access-control-allow-origin
https
x-xss-protection
0
x-powered-by
PHP/8.2.18
server
cloudflare
jquery.min.js
i616a6178o676f6f676c6561706973o636f6dz.oszar.com/ajax/libs/jquery/1.11.0/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i616a6178o676f6f676c6561706973o636f6dz.oszar.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
108988
report-to
{"group"
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 12
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48744&sent=29&recv=27&lost=0&retrans=0&sent_bytes=18638&recv_bytes=10787&delivery_rate=1448&cwnd=19200&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=12260&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:19 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Mar 2020 19
priority
u=1,i=?0
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https
cf-ray
8dfd4f555ddb0187-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
33414
x-xss-protection
0
x-powered-by
PHP/8.2.18
server
cloudflare
xenforo.js
i62756b6b6974o6f7267z.oszar.com/forums/js/xenforo/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://i62756b6b6974o6f7267z.oszar.com/forums/js/xenforo/xenforo.js?_v=c2a3bd65
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/forums/

Response headers

content-encoding
zstd
cf-cache-status
EXPIRED
x-loadbalancer-chosen
ip-10-0-102-169
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7qxRZWJ5CZt5md9553wAH0wRCt0XhK8RNDx03vgXo11qUQh5ZOpQgTF0ZClpzxLgkumQS%2B2X300wMdirONptHOocXNvySoGcepUhLANqdPHQ%2B7BkRVYlHGR56%2BtILngH2Js10FmL8278kcdkO8Sh%2F5DB"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
-1
expires
Sat, 09 Nov 2024 15
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50717&sent=69&recv=48&lost=0&retrans=0&sent_bytes=63361&recv_bytes=11964&delivery_rate=131771&cwnd=31200&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=13937&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:21 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i=?0
x-frame-options
SAMEORIGIN
last-modified
Sat, 09 Nov 2024 11
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dfd4f555dd80187-CDG
x-imitari-transactionid
31523157
access-control-allow-origin
https
x-xss-protection
0
x-powered-by
PHP/8.2.18
server
cloudflare
bbcodes.js
i62756b6b6974o6f7267z.oszar.com/forums/js/kingk/bbcm/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://i62756b6b6974o6f7267z.oszar.com/forums/js/kingk/bbcm/bbcodes.js
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/forums/

Response headers

content-encoding
zstd
cf-cache-status
EXPIRED
x-loadbalancer-chosen
ip-10-0-180-254
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5fMoTJCf%2BMoF2GdlNRtrOflyPO3RtxiuLVFs0LnBXvr6U152xaCpiwW8XVY6iZCSI5JLG3c%2BptmnBVg0%2FnJGWgHwDqvmq5EhQ8yCVCThblkUCrt9Z1aswqXwmisTy701pj3sdnvWDTHK52bfn6X1IgLK"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
-1
expires
Sat, 09 Nov 2024 15
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49731&sent=76&recv=52&lost=0&retrans=0&sent_bytes=71464&recv_bytes=12141&delivery_rate=15540&cwnd=31200&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=14534&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:22 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i=?0
x-frame-options
SAMEORIGIN
last-modified
Sat, 09 Nov 2024 11
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dfd4f555dd90187-CDG
x-imitari-transactionid
61262123
access-control-allow-origin
https
x-xss-protection
0
x-powered-by
PHP/8.2.18
server
cloudflare
logo.png
i62756b6b6974o6f7267z.oszar.com/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i62756b6b6974o6f7267z.oszar.com/logo.png
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
aac3e3be3aff1443c84ff333079beaaa2fe813bed8f1cf1d2acf6d0af2c49bcc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/forums/

Response headers

cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9OT7Bn36fdcs%2FBA5j669OLX6TuQLMPHFAOcL0RsXMl%2B4PPZoxNg0ZZLVHW5FIo8qvkhJoxj8Vn16%2FScVPuChCj6lBvhVnM7asXrrbDqOgvv7wSSUhDaiHmSEUFtvHSy6DS%2Buac63o4BFxcsKBX9VvVj"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
1
expires
Sat, 09 Nov 2024 15
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=52181&sent=62&recv=45&lost=0&retrans=0&sent_bytes=57052&recv_bytes=11830&delivery_rate=75346&cwnd=31200&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=13416&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:20 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 18
priority
u=2,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-imitari-ttl
35.747/24.253
cf-ray
8dfd4f555dda0187-CDG
x-imitari-transactionid
67312785
accept-ranges
bytes
content-length
5386
x-powered-by
PHP/8.2.18
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://i62756b6b6974o6f7267z.oszar.com
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8dfd4f9b29968fc8-FRA
access-control-allow-origin
*
date
Sat, 09 Nov 2024 11:02:30 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/ 		324 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PNFHQ1FTKQ
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
11d2b8f4614848cdcfac5e4a139c29f941fc437c0aa4a5c8f2f4c5eaf59ae893
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 09 Nov 2024 11:02:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109929
x-xss-protection
0
server
Google Tag Manager
css.php
i62756b6b6974o6f7267z.oszar.com/ 		147 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i62756b6b6974o6f7267z.oszar.com/css.php?css=xenforo,form,public&style=10&dir=LTR&d=1731139771
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
d7fee4828ce7be68111d201f59ce24dc3be39b4a78d2b8744cd82e942dea8120
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/forums/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-loadbalancer-chosen
ip-10-0-102-169
age
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1d%2F4oEgJbcXB%2BEP3ML5kdb9DR0DhatERBfhkL43bJcOm%2BmLZW94P9l1e8SPG9cd9oJKNg2Q6TlJdLfRjpqu%2FwC2WHMBOmr6LMnjadn%2BSjNPlJUzDhj2Ye7jR2Yi%2F0exgaMbsv56KyMMO1b22WMHKvDeD"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
-1
expires
Wed, 01 Jan 2020 00
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49208&sent=83&recv=56&lost=0&retrans=0&sent_bytes=79564&recv_bytes=12318&delivery_rate=168154&cwnd=31200&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=15714&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:23 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
last-modified
Sat, 09 Nov 2024 08
priority
u=0,i=?0
cache-control
public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dfd4f555ddc0187-CDG
accept-ranges
bytes
x-imitari-transactionid
35692023
access-control-allow-origin
https
content-length
28244
x-xss-protection
0
x-powered-by
PHP/8.2.18
server
cloudflare
css.php
i62756b6b6974o6f7267z.oszar.com/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i62756b6b6974o6f7267z.oszar.com/css.php?css=bbcm_js,login_bar,node_category,node_forum,node_list,sidebar_share_page&style=10&dir=LTR&d=1731139771
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
a002946b2bbdfced06e74761f8564eba6f5a8220a61065c2e87632273d8a84f6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/forums/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-loadbalancer-chosen
ip-10-0-180-254
age
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FbL15nrIKEsRHol4pp1QKq41gQ%2B5eSh%2Fgq5G9qolrH1bpzHkP%2BtijSXGelVlLY3OlQ6kOeOe7J4PIsKuLikaD1Xwx1%2BBdFz3whONOlc6%2Ffy3b9x0twNB%2BBryqQWV7LPfvCXYvcZ405ZczbLATUxsqwrY"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
-1
expires
Wed, 01 Jan 2020 00
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=53380&sent=59&recv=43&lost=0&retrans=0&sent_bytes=53461&recv_bytes=11743&delivery_rate=383911&cwnd=31200&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=13097&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:20 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
last-modified
Sat, 09 Nov 2024 08
priority
u=0,i=?0
cache-control
public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dfd4f555ddd0187-CDG
accept-ranges
bytes
x-imitari-transactionid
31426474
access-control-allow-origin
https
content-length
2728
x-xss-protection
0
x-powered-by
PHP/8.2.18
server
cloudflare
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

content-encoding
gzip
age
3460
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
x-content-type-options
nosniff
expires
Sat, 09 Nov 2024 12:04:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 10:04:51 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
17168
server
Golfe2
xenforo.js
i62756b6b6974o6f7267z.oszar.com/js/xenforo/ 		163 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i62756b6b6974o6f7267z.oszar.com/js/xenforo/xenforo.js?_v=c2a3bd65
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
b6ed629c694933a7ae24301c711beb44862ee4d7013e6c8c12cc19104a1899fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/forums/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9FEooKrArOLnoDYb5Pi3PZnPFH49fnjrm7iEb46RLrgGNGXmgno3Awgl2wsXfblPkd4L8wTy8N7Uel5mAzO0wRpehK1PTkTkEnoO5JmJ0fcmMwOWzAl2NnClD2I8IiJ4iy1qHCXLZUOAMklWFmViF%2F45"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
3
expires
Sat, 09 Nov 2024 15
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49687&sent=140&recv=70&lost=0&retrans=7&sent_bytes=136483&recv_bytes=13507&delivery_rate=88876&cwnd=31200&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=22843&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:30 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 18
priority
u=1,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-imitari-ttl
153.862/-93.862
cf-ray
8dfd4f6bb8340187-CDG
x-imitari-transactionid
14455415
accept-ranges
bytes
content-length
52207
x-powered-by
PHP/8.2.18
server
cloudflare
bbcodes.js
i62756b6b6974o6f7267z.oszar.com/js/kingk/bbcm/ 		574 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i62756b6b6974o6f7267z.oszar.com/js/kingk/bbcm/bbcodes.js
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
5b9e784e44a108ba7df7ef2432afd152938117d182684e998f36d191a7bf1630

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/forums/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dMv0KU1PY%2BFW693LfdloI%2B9jG3obgfrT74KLhC7oZ96XIIpOaPR6hT5qwZn%2B97kprNf9jz4CzLuSuNUYvHu7hdWX8WZmdG0pAR5X5sJiXUM8CwnmSZ01fvCib3EWVJ%2BDoKT4v8ZVF0KByCzHcBmVvLkc"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
-1
expires
Sat, 09 Nov 2024 15
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=158851&sent=211&recv=87&lost=25&retrans=26&sent_bytes=211982&recv_bytes=14841&delivery_rate=166402&cwnd=23520&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=23752&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 18
priority
u=1,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dfd4f9b58570187-CDG
x-imitari-transactionid
228486
accept-ranges
bytes
content-length
264
x-powered-by
PHP/8.2.18
server
cloudflare
cdmfactorem_min.js
i63646do637572736563646eo636f6dz.oszar.com/js/bukkit/ 		0
0
beacon.js
i7362o73636f7265636172647265736561726368o636f6dz.oszar.com/internal-cs/default/
Redirect Chain
  • https://i7362o73636f7265636172647265736561726368o636f6dz.oszar.com/cs/20631572/beacon.js
  • https://i7362o73636f7265636172647265736561726368o636f6dz.oszar.com/internal-cs/default/beacon.js
15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i7362o73636f7265636172647265736561726368o636f6dz.oszar.com/internal-cs/default/beacon.js
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
d38b9798235a10e32ee67aa4a3b4264e9631ab1fefada6c987afb8c5d91ff442

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"e577c18a64fa27d73bcdf0c0433579b5"
age
64094
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLlfxfjNe9IPt%2FjNs%2B89AYhPtAUqZOiaank9S5QdHX4bBOKOF4V76JP5HfXPnOlsPYqQGPQ6BdpMTrbHkSrZYm7GzBvd6Bsto4xdmP7z5ALzAk68rXro29B2py8k%2B%2BwMNW6HC7rw1I3G2UX3nNeZP45aEfrk9DS%2BnMpvvdSzyEBv7x%2BnmC48w0lWEi1P"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
8vEK96YCreu8snypal12kXHTvFp7MRbxg0awhY46Whd1_4UbScmkfQ==
date
Sat, 09 Nov 2024 11:02:36 GMT
content-type
application/javascript
vary
accept-encoding,Accept-Encoding
last-modified
Mon, 28 Oct 2024 08
priority
u=3,i=?0
server-timing
cfL4;desc="?proto=QUIC&rtt=66514&sent=321&recv=140&lost=26&retrans=26&sent_bytes=301992&recv_bytes=45605&delivery_rate=20866&cwnd=27120&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=28911&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 i6137393664663138303861393037303630643563363261313137653838633036o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray
8dfd4fbd6aff0187-CDG
accept-ranges
bytes
content-length
4877
x-amz-cf-pop
IST50-P2
x-powered-by
PHP/8.2.18
server
cloudflare
x-amz-server-side-encryption
AES256

Redirect headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://i7362o73636f7265636172647265736561726368o636f6dz.oszar.com/internal-cs/default/beacon.js
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZ5tnJGqE6jKJEJOsRfJH%2FGo98u3Ml3vhPVJ9B%2BC75O%2FSjR2aoU2LrpnyQB%2F7S0zLKrJ7cIq7oam%2BCm5bA%2BnJfR8Ksi6HiiGR0JI%2B%2Fa5Ex8rtWVlnIerTLrQcs2oiRc7XZWz50lZdzCcWWHENye5rRRwUn%2BZFwZJt9gOEETMcmBa5dkJr7eFKso3oRuJ"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfd4f9dba4a0187-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=69020&sent=318&recv=139&lost=26&retrans=26&sent_bytes=300714&recv_bytes=44485&delivery_rate=66343&cwnd=27120&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=28839&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:36 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.18
vary
Accept-Encoding
priority
u=3,i=?0
widgets.js
i706c6174666f726do74776974746572o636f6dz.oszar.com/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i706c6174666f726do74776974746572o636f6dz.oszar.com/widgets.js
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
0804a541f6445461bcd507ea3c97aee5f20398a96d014a290c044039f7f6384b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
age
62
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v1QD7Iq0h19SJC52gY2sC61GnGM8T9J92nbJSYjp1sthYIHrjkMEjAL7SlCjyC0kX7IiV6YrjYQysZIXvfq%2BdqESXA6EMTigL2wFaewbu6yQv4k4a1xoEr4UnB1PQvLkai9wfb4pl2IKDTcD9LZ5BF2v%2BDzh7s95Q0runETCXL3LVhgBsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
server-timing
cfL4;desc="?proto=QUIC&rtt=145153&sent=219&recv=98&lost=26&retrans=26&sent_bytes=213206&recv_bytes=20939&delivery_rate=21362&cwnd=23520&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=23853&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200137-IAD, cache-lin1730040-LIN
last-modified
Mon, 11 Dec 2023 17
priority
u=3,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
tw-cdn
FT
cf-ray
8dfd4f9dca550187-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
27734
x-powered-by
PHP/8.2.18
server
cloudflare
x-amz-server-side-encryption
AES256
ga.js
ssl.google-analytics.com/ 		45 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

content-encoding
gzip
age
3460
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
x-content-type-options
nosniff
expires
Sat, 09 Nov 2024 12:04:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 10:04:51 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
17168
server
Golfe2
main-bar-gradient.png
i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/gradients/ 		978 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/gradients/main-bar-gradient.png
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/css.php?css=xenforo,form,public&style=10&dir=LTR&d=1731139771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
b1b3e3dbb4bf3dc215f9c934a12fe158606a0b170abb1f4de52e7b002016e0ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/css.php?css=xenforo,form,public&style=10&dir=LTR&d=1731139771

Response headers

cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SViKrcxYgibD4DoE75v3yVbSBRz6sVLOo1MW8mOneFA0wygnNGgrqFVhK%2BySWxkDhHrqT5S1swoC%2BFwd9JbKUk2aJAtJG9aUPfdXP59WtYM%2FM1X5Cnm5CrmKyVlJDRo9lNb9SBMSm37evLQN0mht2B%2BY"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
-1
expires
Sat, 09 Nov 2024 15
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=122042&sent=257&recv=106&lost=26&retrans=26&sent_bytes=249597&recv_bytes=23656&delivery_rate=90889&cwnd=24720&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=24057&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 18
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dfd4f9dda5f0187-CDG
x-imitari-transactionid
7042436
accept-ranges
bytes
content-length
978
x-powered-by
PHP/8.2.18
server
cloudflare
navigation-tab.png
i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/gradients/ 		1022 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/gradients/navigation-tab.png
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/css.php?css=xenforo,form,public&style=10&dir=LTR&d=1731139771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
c36da1c476e5c78862e81b5737332689646d91936a78ba2cba1e5d8c0881ebc5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/css.php?css=xenforo,form,public&style=10&dir=LTR&d=1731139771

Response headers

cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B1Z20H9DY59fhMnH5xuKYgukwiaN3vSl%2FznGcxduzh5J5NY9t5iuXoDGBn2YAlnXEr32EPSc13sS%2BtsDLPaEtMbgeHUQI6wEUGTPFZjHbJB2iSdp9zo5Pz8gBRnY5rwZX5AYDntLWtIgg9RDGCQCs8Qe"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
-1
expires
Sat, 09 Nov 2024 15
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=108042&sent=274&recv=110&lost=26&retrans=26&sent_bytes=265109&recv_bytes=25119&delivery_rate=117817&cwnd=24720&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=24159&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 18
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dfd4f9dda600187-CDG
x-imitari-transactionid
19308618
accept-ranges
bytes
content-length
1022
x-powered-by
PHP/8.2.18
server
cloudflare
circle-arrow-down.png
i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/widgets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/widgets/circle-arrow-down.png
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/css.php?css=xenforo,form,public&style=10&dir=LTR&d=1731139771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
f01a04f01aca5479e9c989a3ceea9df7b396466e2266b213ee265c08a239f789

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/css.php?css=xenforo,form,public&style=10&dir=LTR&d=1731139771

Response headers

cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxJ5cNourtWc0qRlZIi3tDi2JCEGZtOpmK2z%2F0WVj0EdfWGc19bsO4x4c%2Fgs76arL2H63Vtqh1RpZKk1tT%2BcEmusQrgByrv8dHKG%2FPcFZOd5RtZZ2oFlxEPJCh1AIX3E3IZPq0OGDKtRRCg%2BArQU%2Bsr1"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
-1
expires
Sat, 09 Nov 2024 15
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=108042&sent=269&recv=109&lost=26&retrans=26&sent_bytes=261465&recv_bytes=24545&delivery_rate=117817&cwnd=24720&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=24130&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 18
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dfd4f9dda630187-CDG
x-imitari-transactionid
13601185
accept-ranges
bytes
content-length
1099
x-powered-by
PHP/8.2.18
server
cloudflare
category-bar-gradient.png
i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/gradients/ 		955 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/gradients/category-bar-gradient.png
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/css.php?css=bbcm_js,login_bar,node_category,node_forum,node_list,sidebar_share_page&style=10&dir=LTR&d=1731139771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
58d4a4fb06cbef8d35f9f1430b1acf5a5fca077c0965f07b08eab0046be720b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/css.php?css=bbcm_js,login_bar,node_category,node_forum,node_list,sidebar_share_page&style=10&dir=LTR&d=1731139771

Response headers

cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sBSLoyqDtW68kVhmlDcN1ytZpOwP1%2BDgSGYf%2BDqQjH%2FIeyIb3rDN4wKru96PeRhRU2mCdDSLubg%2FbhEoT%2FAixvMPwWPlAUcT6zDahrP3L0Zm7Dkcet9nxOyf3jc193%2B3Ncx3vdvYDOq9LMzRh7r5HRlF"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
-1
expires
Sat, 09 Nov 2024 15
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=122042&sent=247&recv=104&lost=26&retrans=26&sent_bytes=242610&recv_bytes=22800&delivery_rate=90889&cwnd=24720&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=24029&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 18
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dfd4f9dda660187-CDG
x-imitari-transactionid
3195394
accept-ranges
bytes
content-length
955
x-powered-by
PHP/8.2.18
server
cloudflare
node-sprite.png
i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/node-sprite.png
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/css.php?css=bbcm_js,login_bar,node_category,node_forum,node_list,sidebar_share_page&style=10&dir=LTR&d=1731139771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
ccfddeb32f3bffe097f2273aa29cd099ef390cac3681b97ba66a33eb7021b3d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/css.php?css=bbcm_js,login_bar,node_category,node_forum,node_list,sidebar_share_page&style=10&dir=LTR&d=1731139771

Response headers

cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0tDnrN2RgCxfdL8rt%2B6n3ZlkJN%2B9QHvTkALS6wuWOVHv1HExO7drXF3ZB43zIaALXSpEXmAUccOLqgm3cHSDSE7zX6y2gaGeT9apGOpMzMY9ngd58uHikBd9Z9NhZiSfxn5H1ymelBPwJIL%2BZuNirWKs"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
-1
expires
Sat, 09 Nov 2024 15
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=108042&sent=261&recv=109&lost=26&retrans=26&sent_bytes=252362&recv_bytes=24545&delivery_rate=117817&cwnd=24720&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=24110&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 18
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dfd4f9dda680187-CDG
x-imitari-transactionid
4931172
accept-ranges
bytes
content-length
3583
x-powered-by
PHP/8.2.18
server
cloudflare
category-23px-light.png
i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/gradients/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/gradients/category-23px-light.png
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/css.php?css=bbcm_js,login_bar,node_category,node_forum,node_list,sidebar_share_page&style=10&dir=LTR&d=1731139771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
4cc4cae0bb86846428c4d8471ec2cd1627e7df4ce1fc4e4bb11c94cf557f9c8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/css.php?css=bbcm_js,login_bar,node_category,node_forum,node_list,sidebar_share_page&style=10&dir=LTR&d=1731139771

Response headers

cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=awqU%2BJJTsP08j5JV4DlcQJlnoPjsKln0lwNK0O6x6gS1VGwl%2BNCiDAGw7WJMenoukV3%2Bman7zUqst%2FvHWTtUT%2FApa5Rxr4A3f28PxJMWmns5x5hW5ZVoARHnK5hvEoc7vh%2FOAFZDI2fFbipQX8ZoWcli"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
1
expires
Sat, 09 Nov 2024 15
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=122042&sent=255&recv=106&lost=26&retrans=26&sent_bytes=247713&recv_bytes=23656&delivery_rate=90889&cwnd=24720&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=24057&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 18
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-imitari-ttl
109.665/-49.665
cf-ray
8dfd4f9dda690187-CDG
x-imitari-transactionid
30196503
accept-ranges
bytes
content-length
1072
x-powered-by
PHP/8.2.18
server
cloudflare
xenforo-ui-sprite.png
i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/xenforo-ui-sprite.png
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/css.php?css=bbcm_js,login_bar,node_category,node_forum,node_list,sidebar_share_page&style=10&dir=LTR&d=1731139771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
148805ef840df5f06de10c18349522ea3f2ce394218c5515f54e9265828691e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/css.php?css=bbcm_js,login_bar,node_category,node_forum,node_list,sidebar_share_page&style=10&dir=LTR&d=1731139771

Response headers

cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gWeyw7ZxmeQbCcXsIHq0U%2Bi%2FcmccFqZgpho7Zv%2FFjtndJMtle%2BpVLyZ3CrpDoCJV94QCOJ%2FaTTLVURGyN%2FtxjlzyHkoyTarKJijfW1PAyh345alcVhbZdFCSYisIDQNSyTKAHaVXSkg8nFaqrWIBM7T2"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
1
expires
Sat, 09 Nov 2024 15
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70438&sent=314&recv=138&lost=26&retrans=26&sent_bytes=295957&recv_bytes=44440&delivery_rate=5515&cwnd=27120&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=27685&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:35 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 18
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-imitari-ttl
73.596/-13.596
cf-ray
8dfd4f9dda6a0187-CDG
x-imitari-transactionid
1366566
accept-ranges
bytes
content-length
3894
x-powered-by
PHP/8.2.18
server
cloudflare
form-button-white-25px.png
i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/gradients/ 		192 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/gradients/form-button-white-25px.png
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/css.php?css=xenforo,form,public&style=10&dir=LTR&d=1731139771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
6a7df56f580bf0b383dfcacf6f1962e04f5acbb343b270fa4749a16864cac5ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/css.php?css=xenforo,form,public&style=10&dir=LTR&d=1731139771

Response headers

cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mhNJ177pCMbTN11MBDuc76ssW0%2BFidgTQEm1HPS5xI%2Bd7RkUTd8VsTjWdf%2Bh6Iq0fRvi99OXL33YVCiCpW0sIxfq%2FKYie18Y0FJgk03fs3cPiwXkQIrV4kOBL%2Bx1t%2BxZZDwl4foCsuJiJ24Y5tzCav97"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
1
expires
Sat, 09 Nov 2024 15
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=115073&sent=259&recv=107&lost=26&retrans=26&sent_bytes=251362&recv_bytes=23701&delivery_rate=23620&cwnd=24720&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=24101&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 18
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-imitari-ttl
47.327/12.673
cf-ray
8dfd4f9dea7c0187-CDG
x-imitari-transactionid
2584811
accept-ranges
bytes
content-length
192
x-powered-by
PHP/8.2.18
server
cloudflare
search-bg.png
i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/gradients/ 		943 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i62756b6b6974o6f7267z.oszar.com/styles/flexile/xenforo/gradients/search-bg.png
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/css.php?css=xenforo,form,public&style=10&dir=LTR&d=1731139771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
51c5f923069e43ee6fb72a61e52df86510f2a5f03bec824afca7df495f4cd745

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/css.php?css=xenforo,form,public&style=10&dir=LTR&d=1731139771

Response headers

cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VyKOKJo5gf2f7FOQPwmlXSDUW%2B2UjNZkgqP3alWhxvdY7nziRM6lm7Ka1HVYHvOgAUDGOq%2BF0zjy4I0tK5PD4bYthjxhS6WSjn2R8GklLYzlo34GQWXvtDFcDka2LxA6p9pUEJj5Gm1C1Gx%2FWrF4B0C4"}],"group":"cf-nel","max_age":604800}
x-imitari-hits
-1
expires
Sat, 09 Nov 2024 15
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=108042&sent=272&recv=110&lost=26&retrans=26&sent_bytes=263378&recv_bytes=25119&delivery_rate=117817&cwnd=24720&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=24148&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 18
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dfd4f9e0a950187-CDG
x-imitari-transactionid
5539547
accept-ranges
bytes
content-length
943
x-powered-by
PHP/8.2.18
server
cloudflare
ads-1943.js
s.nitropay.com/ 		620 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.nitropay.com/ads-1943.js
Requested by
Host: i636f6e74656e74o6f766572776f6c66o636f6dz.oszar.com
URL: https://i636f6e74656e74o6f766572776f6c66o636f6dz.oszar.com/web/bukkit/bukkitnpinit.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
242cfd833c6a529d65447dfaa164dc9d7fcb39a3f83f69f2c7fb1e6b7f9ba2fe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-meta-goog-reserved-file-mtime
1731070616
x-goog-hash
crc32c=bMRy4Q==, md5=DYwgSaq3aP7U0caTyKrhLg==
cf-cache-status
HIT
etag
W/"0d8c2049aab768fed4d1c693c8aae12e:1731101120000:DE"
age
48853
content-encoding
gzip
x-goog-stored-content-encoding
identity
expires
Sat, 08 Nov 2025 21:25:23 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
630056
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
text/javascript
last-modified
Fri, 08 Nov 2024 21:25:20 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY1ycpISv9Ib3xIMbSAdNOwVuuERuQkXkBs2M9x_wm032y4T0RWL6IG-yrbzBnYqiIljSKhUM0ZYUA
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
private, max-age=600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8dfd4f9edb934528-TXL
access-control-allow-origin
*
x-goog-generation
1731070942109297
server
cloudflare
client:plusone.js
i706c7573o676f6f676c65o636f6dz.oszar.com/js/ 		64 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i706c7573o676f6f676c65o636f6dz.oszar.com/js/client:plusone.js
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/js/xenforo/xenforo.js?_v=c2a3bd65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
fac0f76200f4ca04e87a9269d9e63e2b5b5e4d1d1c78a5f505802584bfc379af
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

content-encoding
gzip
cf-cache-status
BYPASS
etag
"3cd139839332c93e"
report-to
{"group"
x-content-type-options
nosniff
expires
Sat, 09 Nov 2024 11
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=81862&sent=289&recv=131&lost=26&retrans=26&sent_bytes=269158&recv_bytes=43116&delivery_rate=13041&cwnd=24720&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=24429&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
content-security-policy
require-trusted-types-for 'script'; report-uri https
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="gapi-team"
cross-origin-resource-policy
cross-origin
cf-ray
8dfd4f9f0b390187-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
24390
x-xss-protection
0
x-powered-by
PHP/8.2.18
server
cloudflare
sdk.js
i636f6e6e656374o66616365626f6f6bo6e6574z.oszar.com/en_US/ 		0
0
main.js
i62756b6b6974o6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 173C
Redirect Chain
  • https://i62756b6b6974o6f7267z.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://i62756b6b6974o6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i62756b6b6974o6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3e4d1ea5d6b59f823615d4e36b1b9f13ae5913326042b82a879092522b9c90
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ibaxb8c34CaGShCS1lKktz7uBg3A62Ve4VXJEcRaOVIf33kh%2B35qsdcjXDcUoHV%2BoQoO664%2FtD4TEz07WGNVwKl9k%2FG6PHnlnBTL2R5p9ztrd4kdLi5%2BFsdiu1Ng4Fe%2F%2FLdvI%2BhYUZCIPhSHzYqth0EP"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8dfd4f9f7b990187-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=108042&sent=265&recv=109&lost=26&retrans=26&sent_bytes=256782&recv_bytes=24545&delivery_rate=117817&cwnd=24720&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=24114&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TLosdUUjkIjhLCseidEVLH%2Fr2lWNobM8gD3geq6y1qTn0DwdSk%2BWN8gezp2iPQh9iy%2BRjeKZepeUzlAOv9C68BJPkjAa%2BAwtuPEJ%2Fs5mZHFR9hM%2FDG9BZxHqtkxfYY58Hzjr3U7bWFvLIZi3cporOHGe"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfd4f9efb380187-CDG
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=122042&sent=254&recv=106&lost=26&retrans=26&sent_bytes=246986&recv_bytes=23656&delivery_rate=90889&cwnd=24720&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=24039&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:31 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
__utm.gif
ssl.google-analytics.com/r/ 		35 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1211095149&utmhn=i62756b6b6974o6f7267z.oszar.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Bukkit%20Forums&utmhid=19399206&utmr=-&utmp=%2Fforums%2F&utmht=1731150151515&utmac=UA-20541082-1&utmcc=__utma%3D42559101.660080513.1731150152.1731150152.1731150152.1%3B%2B__utmz%3D42559101.1731150152.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2144234166&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:169:0"}],}
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:169:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 11:02:31 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
server
Golfe2
__utm.gif
ssl.google-analytics.com/ 		35 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=2063817113&utmhn=i62756b6b6974o6f7267z.oszar.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Bukkit%20Forums&utmhid=19399206&utmr=-&utmp=%2Fforums%2F&utmht=1731150151520&utmac=UA-1045810-67&utmcc=__utma%3D42559101.660080513.1731150152.1731150152.1731150152.1%3B%2B__utmz%3D42559101.1731150152.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qBAAACAAAAAAAAAAAAAAAAAE~
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

age
14416
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 07:02:15 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
__utm.gif
ssl.google-analytics.com/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=1579224771&utmhn=i62756b6b6974o6f7267z.oszar.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Bukkit%20Forums&utmhid=19399206&utmr=-&utmp=%2Fforums%2F&utmht=1731150151525&utmac=UA-1045810-22&utmcc=__utma%3D59825598.691255430.1731150152.1731150152.1731150152.1%3B%2B__utmz%3D59825598.1731150152.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmmt=1&utmu=qBAgACAAAAAAAAAAAAAAAAgE~
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

age
14416
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 07:02:15 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
__utm.gif
ssl.google-analytics.com/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=1270473989&utmhn=i62756b6b6974o6f7267z.oszar.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Bukkit%20Forums&utmhid=19399206&utmr=-&utmp=%2Fforums%2F&utmht=1731150151528&utmac=UA-20541082-1&utmcc=__utma%3D42559101.660080513.1731150152.1731150152.1731150152.1%3B%2B__utmz%3D42559101.1731150152.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=389339840&utmredir=1&utmmt=1&utmu=qBAgACAAAAAAAAAAAAAAAAgE~
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:169:0"}],}
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:169:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 11:02:31 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PNFHQ1FTKQ&gtm=45je4b70v9137753640za200&_p=1731150151354&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=882697144.1731150152&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731150151&sct=1&seg=0&dl=https%3A%2F%2Fi62756b6b6974o6f7267z.oszar.com%2Fforums%2F&dt=Bukkit%20Forums&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=24118
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PNFHQ1FTKQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://i62756b6b6974o6f7267z.oszar.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
text/plain
server
Golfe2
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
i706c6174666f726do74776974746572o636f6dz.oszar.com/widgets/ Frame EB7E 		15 B
768 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i706c6174666f726do74776974746572o636f6dz.oszar.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fi62756b6b6974o6f7267z.oszar.com
Requested by
Host: i706c6174666f726do74776974746572o636f6dz.oszar.com
URL: https://i706c6174666f726do74776974746572o636f6dz.oszar.com/widgets.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
6bd6d6803e0a9191ec775bb646dc32a1dba2c3043be403b5e042fda1238c0cda

Request headers

Referer
https://i62756b6b6974o6f7267z.oszar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8dfd4f9f9bba0187-CDG
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 09 Nov 2024 11:02:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
refresh
2;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pRMf9CUNdBAzwPhue1W3O4usV26aOW%2FrRhPHml7HM2D45z306iha6LntrT2SBMNKcK%2BzxVQMoeV35okrd3oQz6zYdvcnt7ovCH9LRulrhlpFov0o5zV71G%2BNiNIoZC5uE7wgh5w0t4SqIwDlOOCZxo%2BSgkDdQW2%2FrfdL%2FV%2BfZ%2BmtbK8qPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=86602&sent=276&recv=115&lost=26&retrans=26&sent_bytes=266916&recv_bytes=25343&delivery_rate=189783&cwnd=24720&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=24265&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-powered-by
PHP/8.2.18
8dfd4f3aa8720187
i62756b6b6974o6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 173C 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://i62756b6b6974o6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/jsd/r/8dfd4f3aa8720187
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OcIlkzuwC%2FjmRVqanfe0avo%2BcNJIBANm414dgK%2Fs9irwRVXqk%2FM4mYFthXziYUuJqmFy83yDT9uzxm%2FWGrG%2Bg4oUXryRf%2BilJvkxtJI6jfXNQdQwm7Z9vHoL3GZVmUBYgn0XqFfZW6PXgBh5werH3keK"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfd4fa11cda0187-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=81862&sent=288&recv=131&lost=26&retrans=26&sent_bytes=267973&recv_bytes=43116&delivery_rate=13041&cwnd=24720&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=24400&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
json
gum.criteo.com/sid/ 		2 B
390 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fi62756b6b6974o6f7267z.oszar.com%2F&domain=i62756b6b6974o6f7267z.oszar.com&cw=1&lsw=1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1943.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
208974
expires
0
access-control-allow-origin
https://i62756b6b6974o6f7267z.oszar.com
date
Sat, 09 Nov 2024 11:02:31 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=720&_it=prebid&t=1&src=id&domain=i62756b6b6974o6f7267z.oszar.com
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1943.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d9c8262e7af473748bc3fe8ff2b3240feea44368aea2073a8b86347c975b36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

content-encoding
br
allow
POST, OPTIONS, GET
cf-ray
8dfd4fa57d111957-FRA
access-control-allow-origin
*
date
Sat, 09 Nov 2024 11:02:32 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		63 B
434 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=aqo03op&fmt=json
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1943.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e2c901aeea7ed58765235d162eaefaee13353d92d48e6e08030308e8ed89dba8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Mon, 09 Dec 2024 11:02:32 GMT
access-control-allow-origin
https://i62756b6b6974o6f7267z.oszar.com
date
Sat, 09 Nov 2024 11:02:32 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
wrapper.html
wrappers.geoedge.be/ 		3 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1943.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:dc00:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

x-amz-version-id
SIv.6LiuODikErkt8hGkZr.zJWI3NFp8
etag
"6a6d57dbabaa297544a761a67d32156f"
age
73060
via
1.1 284574e4f15389d93bfcb84d196a92f0.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
3527
x-amz-cf-id
LVG7dQyHaPlPzH-psRwYvM4_dfXnvqaEZjoqbyrPvKkhDnu3LyYjpA==
date
Sat, 09 Nov 2024 02:17:20 GMT
content-type
text/html
last-modified
Tue, 19 Dec 2023 13:15:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 5B80 		401 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1943.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dd0d0384de90093026b1acfd5321fc24d089f5d05007a4cc6834854eb1c9f6f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
x-amz-version-id
CraKEFwDQWuGqUGeTE21.KZ8iQltabSP
etag
W/"1dd207ffdd813ae3f1430443d76a768b"
age
1730
x-cache
Hit from cloudfront
x-amz-cf-id
8AKgjKImPoSQw95ZC_jZ0esbSJn8YcsM5gkeBpsJn8nSiARPmT96DQ==
date
Sat, 09 Nov 2024 10:33:43 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Sat, 09 Nov 2024 10:16:11 GMT
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
via
1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
tag
btloader.com/ 		106 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1943.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
867e40e0a53bed7658a897578ade6584f7f0296ead03a6954e4246d024821e7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"1f03575a81afc3288a896d484dfccbcb"
age
94
via
1.1 google
cf-ray
8dfd4fa57e8b362d-FRA
accept-ranges
bytes
content-length
30767
date
Sat, 09 Nov 2024 11:02:32 GMT
content-type
application/javascript
last-modified
Sat, 09 Nov 2024 10:58:37 GMT
vary
Origin, Accept-Encoding
server
cloudflare
gpp-a07aa01.min.js
s.nitropay.com/ 		269 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.nitropay.com/gpp-a07aa01.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1943.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24d6fb2515582144e20937c9f2d141e5c9e34a9b27a2fa6383178d04704a4a79
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=6P/32g==, md5=dUEnDRBUl7AhZbGGcDCegg==
cf-cache-status
HIT
etag
W/"7541270d105497b02165b18670309e82"
age
79056
content-encoding
gzip
x-goog-stored-content-encoding
identity
expires
Fri, 15 Nov 2024 13:04:56 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
275530
date
Sat, 09 Nov 2024 11:02:32 GMT
content-type
text/javascript
last-modified
Wed, 30 Oct 2024 15:44:54 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0TB6v0R0m3Io1pxyPYfDvr-WhiN3ahSMMlAc3PhS55CxCO1J3bIPbiVlzJyLxcLzRBvzo
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=604800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8dfd4fa4edae4528-TXL
access-control-allow-origin
*
x-goog-generation
1730303094116639
server
cloudflare
apstag.js
c.amazon-adsystem.com/aax2/ 		345 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1943.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"f4218dbb17ff2c3421282ef9135e5375"
age
1895
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
WJUpzcHBUuK0d58M5iBc8WC30S38xC5ChJUN-bAAHvwqc44NXq7_4Q==
date
Sat, 09 Nov 2024 10:30:58 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 22:51:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
x-amz-server-side-encryption
AES256
1943
tracker.nitropay.com/a/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/a/1943?d=eyJocmVmIjoiaHR0cHM6Ly9pNjI3NTZiNmI2OTc0bzZmNzI2N3oub3N6YXIuY29tL2ZvcnVtcy8iLCJ2Ijo5NiwiYSI6ZmFsc2UsInMiOnRydWUsImMiOiJERSIsInIiOiIifQ%3D%3D
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1943.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.27.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 11:02:32 GMT
server
nginx/1.27.0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fi62756b6b6974o6f7267z.oszar.com%2F&domain=i62756b6b6974o6f7267z.oszar.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://i62756b6b6974o6f7267z.oszar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://i62756b6b6974o6f7267z.oszar.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 09 Nov 2024 11:02:32 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
214823
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
1.gif
s.nitropay.com/ 		42 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.nitropay.com/1.gif?x=1&adslot=
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

x-goog-metageneration
3
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
cf-cache-status
HIT
etag
"d89746888da2d9510b64a9f031eaecd5"
age
79057
x-goog-stored-content-encoding
identity
expires
Fri, 15 Nov 2024 13:04:55 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
42
date
Sat, 09 Nov 2024 11:02:32 GMT
x-goog-custom-time
1970-01-01T00:00:00Z
content-type
image/gif
last-modified
Fri, 22 Jan 2021 08:58:45 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0WDMyF_ySaP4bKwN5sGGwdlLGn6bHgx7rzAu_KmbpZ73yGAmq4D8ORxh9VsBAONerA4mrUYcZhYg
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=604800
x-goog-meta-
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8dfd4fa53e234528-TXL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1611305925409947
content-length
42
server
cloudflare
additional-consent-providers.csv
consent.nitrocnct.com/ 		116 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-a07aa01.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

x-goog-metageneration
4
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
cf-cache-status
MISS
etag
W/"81f96867523b7ea4a2f05a62b9fdf1c7"
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nr3D2ImD6uNXNl3PEXGWTdldxE36pmHcFbIBtd3S%2FiPxYLUPXxFG4QNHyokiHuU4X3uNQo9tHxDJrMfXgsOBb6S9mg6c4T0E%2FbTYBw5gf8pGAxxdGzaSUQ1Ppzt6qYEw3KweWOBXhYE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 16 Nov 2024 10:58:45 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
119221
server-timing
cfL4;desc="?proto=QUIC&rtt=51770&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4198&recv_bytes=4665&delivery_rate=62313&cwnd=12000&unsent_bytes=0&cid=a170ac86e6757608&ts=88&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:32 GMT
content-type
text/plain
last-modified
Wed, 12 Jul 2023 07:31:30 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
AHmUCY2oEjL_pEcao8qSbozPv86-97zOblcxvxeX5ZxmYtQaoU9hIB9MtIBjKag4SoMyfB2OGqI
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8dfd4fa6191e0086-CDG
access-control-allow-origin
*
x-goog-generation
1689147090287559
server
cloudflare
vendor-list-v3.json
consent.nitrocnct.com/ 		639 KB
88 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.nitrocnct.com/vendor-list-v3.json
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-a07aa01.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e06ccb9856c3e01846aa80c2105083351fe5cf95fb956743c5c9650b47423f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=SRtGDg==, md5=Phls1hRiVljBVUrKtLFpwQ==
cf-cache-status
MISS
etag
W/"3e196cd614625658c1554acab4b169c1"
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v146gikxRvDKL5fXztGQeLBLS4mEyEtcN%2FFQLh%2FVvqIMsODeoJt7xfVhQZhPjOtWEw6FaPJDFdu3dgAiSmGiZbcQPciu%2Bba3Bh3fPm5iAqKMX58QmDENRpJQRI0C1Gor2ZXf9Q7RAC8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 16 Nov 2024 10:26:31 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
654795
server-timing
cfL4;desc="?proto=QUIC&rtt=51770&sent=23&recv=8&lost=0&retrans=0&sent_bytes=15621&recv_bytes=4665&delivery_rate=62313&cwnd=12000&unsent_bytes=0&cid=a170ac86e6757608&ts=92&x=1", cfExtPri, cfHdrFlush;dur=53
date
Sat, 09 Nov 2024 11:02:32 GMT
content-type
application/json
last-modified
Thu, 07 Nov 2024 16:15:08 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
AHmUCY2k-hCwSTS3xtLIjY0eDgaty_fWIjVva_95Yzp8B77zRo00Odg7Lhe3QjzEUR9xxTZcpvSoJVO8sg
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8dfd4fa6191d0086-CDG
access-control-allow-origin
*
x-goog-generation
1730996108738060
server
cloudflare
px.gif
ad-delivery.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
641814
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZY%2Bh7uPlqRjAz7NRaWH6KLxk24J40IA4OhEIxx4nuiAIlLsmLini0848sABwRk0It55w%2FRm6uzRVvb9q2dIm2SK7Y95ZmPDqMn6fONajxDYDznYCWRaG%2Bpx8cKJ%2F57Y9GW52VXUnGVFgqrxPEw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 02 Nov 2024 01:21:58 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=40456&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4004&recv_bytes=2279&delivery_rate=94992&cwnd=253&unsent_bytes=0&cid=2a49021b21599d60&ts=70&x=0"
x-goog-stored-content-length
43
date
Sat, 09 Nov 2024 11:02:32 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY2L9qXq_rDmTix2LeWeC79koU-ruSeBvCnublDlZRy2OunCnQETn2DHpUFNqkJei0j8xB0
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8dfd4fa689495ba4-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

content-encoding
gzip
age
59318
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sat, 09 Nov 2024 18:33:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 18:33:54 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.3147308839606793
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
641814
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sCa2JVlgf6Opzw1Zzp7XYWru9NGu4EOMGaYbiBPXgbizWcZhUI3EZspN7RoU03LfjlmUL0K6I1oPfVpnE%2BdJ3MQiJlf8fH1ca1hYIhatkqU2NOI2s6UrsIVxIHz28FBePKTklw%2FOnDMYVJeAeg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 02 Nov 2024 01:21:58 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=40456&sent=11&recv=11&lost=0&retrans=0&sent_bytes=5124&recv_bytes=2279&delivery_rate=94992&cwnd=253&unsent_bytes=0&cid=2a49021b21599d60&ts=71&x=0"
x-goog-stored-content-length
43
date
Sat, 09 Nov 2024 11:02:32 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY2L9qXq_rDmTix2LeWeC79koU-ruSeBvCnublDlZRy2OunCnQETn2DHpUFNqkJei0j8xB0
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8dfd4fa689475ba4-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
da657530-03e5-4306-95bc-d4eb370426c9
config.aps.amazon-adsystem.com/configs/ 		563 B
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-39.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
99429943bd63a607e02c901c102b36ab1967d894fa247f960dc5bf45518bc60c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

cache-control
max-age=3600
age
2245
via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
CMRgPANd1l4QteXPCjc2J1Mu4kjgCanUshGN_DWdIaATqqJNqCYb5w==
date
Sat, 09 Nov 2024 10:25:07 GMT
content-type
application/javascript
x-amz-cf-pop
FRA6-C1
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fi62756b6b6974o6f7267z.oszar.com&pubid=da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f4d2dfedba36ea1a797a8881a4dd30448dad8459e21cecea2089ab3bc166aa12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
via
1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
access-control-allow-origin
https://i62756b6b6974o6f7267z.oszar.com
x-cache
Miss from cloudfront
content-length
1591
x-amz-cf-id
HmgBx_bNycPEl5EAZkx-pPvAqjTzu6luzYmAYGPVGRPeDyHWj4purQ==
date
Sat, 09 Nov 2024 11:02:32 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA56-P6
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
30574
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
OG_mMtjbrGkKyLno74oYzw3glqHlu_EUx-03dRPXiggOCrqotYRuYw==
date
Sat, 09 Nov 2024 02:32:59 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.111.224 Zurich, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-111-224.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Sat, 09 Nov 2024 11:17:33 GMT
accept-ranges
bytes
content-length
17407
date
Sat, 09 Nov 2024 11:02:33 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
hadron.js
cdn.hadronid.net/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fi62756b6b6974o6f7267z.oszar.com%2Fforums%2F&ref=&_it=amazon&partner_id=720
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

cache-control
public, max-age=432000
content-encoding
br
cf-bgj
minify
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
age
49
cf-cache-status
HIT
x-amz-request-id
4GNMNHQXA94JVW78
expires
Thu, 14 Nov 2024 11:02:33 GMT
cf-ray
8dfd4fa85e462c6b-FRA
date
Sat, 09 Nov 2024 11:02:33 GMT
content-type
application/javascript
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"f24286e1b73c01841e789906d50ce23f"
age
19
expires
Sat, 09 Nov 2024 12:02:33 GMT
date
Sat, 09 Nov 2024 11:02:33 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 02 Oct 2024 12:26:13 GMT
vary
Accept-Encoding
x-amz-id-2
SbKT+H/Ks52DcrA7wQKGkSpCNlsF58OJteKts4Fw4GrRY1JuytuA93UngWr5T5MJeYAJhAWQdqs=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
x-amz-request-id
BSY044PCYPS24SMJ
cf-ray
8dfd4fa83f4e9f18-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
lang.png
s.nitropay.com/cmp/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.nitropay.com/cmp/lang.png
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
cf-cache-status
HIT
etag
"ca072a3965f49a2c242c45d535163a53"
age
3324
x-goog-stored-content-encoding
identity
expires
Sat, 09 Nov 2024 11:02:11 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1887
date
Sat, 09 Nov 2024 11:02:33 GMT
content-type
image/png
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0mNFTM3WfCMiO0aOkeKXyNAidM8STJDh-QoIy5_RmjPIJwZCwg4P4zSu2_jRZ0t1R4pMo
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8dfd4fa8abbb4528-TXL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1666344058779792
content-length
1887
server
cloudflare
cancel.png
s.nitropay.com/cmp/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.nitropay.com/cmp/cancel.png
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
cf-cache-status
HIT
etag
"c707b2d501a53bc2c66e98e4e5cabefb"
age
3324
x-goog-stored-content-encoding
identity
expires
Sat, 09 Nov 2024 11:03:03 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1302
date
Sat, 09 Nov 2024 11:02:33 GMT
content-type
image/png
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY2Cna-f0O2ij03XQqeLVgAZqocjHS1WnRC0D40gOpeaWe0hvhE8pjSMnxrIwHMg3dAolM0fbY-XPA
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8dfd4fa8abbd4528-TXL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1666344058825998
content-length
1302
server
cloudflare
logo.png
s.nitropay.com/cmp/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.nitropay.com/cmp/logo.png
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
cf-cache-status
HIT
etag
"940aa5b81e99bbb7414acc474a89bad9"
age
3324
x-goog-stored-content-encoding
identity
expires
Sat, 09 Nov 2024 10:22:09 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
2592
date
Sat, 09 Nov 2024 11:02:33 GMT
content-type
image/png
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0k8gxb-5vzNt8na5ZPhL8GzF1XZ13XsXx1n-NriMbOuRhlIXM-Xj96KQ_EgCcRFM5xSUg
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8dfd4fa8abbf4528-TXL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1666344058842900
content-length
2592
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ 		119 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=720&sync=0&domain=i62756b6b6974o6f7267z.oszar.com&url=https://i62756b6b6974o6f7267z.oszar.com/forums/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fi62756b6b6974o6f7267z.oszar.com%2Fforums%2F&ref=&_it=amazon&partner_id=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d521419770788ff5ab9767232ca40ad54cb572d11bed2c3a1c10810e0fda8bf2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
debug
NON-OPTIONS
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials
true
cf-ray
8dfd4fa9c8d31957-FRA
access-control-allow-origin
*
date
Sat, 09 Nov 2024 11:02:33 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
authorization,content-type
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=720&sync=0&domain=i62756b6b6974o6f7267z.oszar.com&url=https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://i62756b6b6974o6f7267z.oszar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8dfd4fa8e8151957-FRA
content-length
0
content-type
application/json
date
Sat, 09 Nov 2024 11:02:33 GMT
debug
OPTIONS block
expires
Sun, 09 Nov 2025 11:02:33 GMT
server
cloudflare
720
a.ad.gt/api/v1/u/matches/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/720?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fi62756b6b6974o6f7267z.oszar.com%2Fforums%2F&ref=&_it=amazon&partner_id=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af6127f94b98d08790e56598157f18a0ba9ea87414aae8da94d3c6756854666

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
age
26
cross-origin-resource-policy
cross-origin
cf-ray
8dfd4fab7f3f3a8c-FRA
date
Sat, 09 Nov 2024 11:02:33 GMT
content-type
application/javascript
last-modified
Sat, 09 Nov 2024 11:01:41 GMT
vary
Accept-Encoding
server
cloudflare
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
i706c6174666f726do74776974746572o636f6dz.oszar.com/widgets/ Frame EB7E 		15 B
760 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i706c6174666f726do74776974746572o636f6dz.oszar.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fi62756b6b6974o6f7267z.oszar.com
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
6bd6d6803e0a9191ec775bb646dc32a1dba2c3043be403b5e042fda1238c0cda

Request headers

Referer
https://i706c6174666f726do74776974746572o636f6dz.oszar.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fi62756b6b6974o6f7267z.oszar.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8dfd4fb20ad60187-CDG
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 09 Nov 2024 11:02:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
refresh
2;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3DOsYrLP8VlEtlcnv5aymgeq5bAMIKiaBkwjBBseUbn8HYam0KiQgAFZYr4MQ7JbiXVzBqf59PySE3yELZ40EZlUTTCnSDTuQitqPswUw1%2Fxn7H6eNUQVdZfenf5YPNodoxBc2G6h1U01w7zMVohNN%2FotFvcoiE5VfFIBvT6rRxmFtJ15g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=71743&sent=313&recv=137&lost=26&retrans=26&sent_bytes=295173&recv_bytes=44395&delivery_rate=27646&cwnd=27120&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=27162&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-powered-by
PHP/8.2.18
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
i706c6174666f726do74776974746572o636f6dz.oszar.com/widgets/ Frame EB7E 		15 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i706c6174666f726do74776974746572o636f6dz.oszar.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fi62756b6b6974o6f7267z.oszar.com
Requested by
Host: i62756b6b6974o6f7267z.oszar.com
URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
6bd6d6803e0a9191ec775bb646dc32a1dba2c3043be403b5e042fda1238c0cda

Request headers

Referer
https://i706c6174666f726do74776974746572o636f6dz.oszar.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fi62756b6b6974o6f7267z.oszar.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8dfd4fc08da20187-CDG
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 09 Nov 2024 11:02:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
refresh
2;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UpKEGIS8V4sK44EFUaCr3qR9eWeZGBpk3nHNCv%2FrQ8gO44J8%2FGSmg6KJFDWP0j9j8wXR2gSyOj59C5TykhAEHe11IWFGhG3q4yKhY662zy3SxnN67L26rxkqLPQzzs8H%2FtkHUV8nQBHErm1KRRL6aR8zLThyaaX6iA5WydF4KA0zQ%2FIQqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=65170&sent=327&recv=143&lost=26&retrans=26&sent_bytes=307990&recv_bytes=46751&delivery_rate=372&cwnd=27120&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=29472&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-powered-by
PHP/8.2.18
rum
i62756b6b6974o6f7267z.oszar.com/cdn-cgi/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i62756b6b6974o6f7267z.oszar.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://i62756b6b6974o6f7267z.oszar.com/forums/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8dfd4fc61a590187-CDG
access-control-allow-origin
https://i62756b6b6974o6f7267z.oszar.com
date
Sat, 09 Nov 2024 11:02:37 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
i62756b6b6974o6f7267z.oszar.com/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://i62756b6b6974o6f7267z.oszar.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f325400640fe23f1d99a31b40dfd43cb4c37c5fec9fe428f2042576b4bbb7654

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://i62756b6b6974o6f7267z.oszar.com/forums/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"3a5e-6516f11b-1f2268;gz"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I91YnPBm%2BAD10mJLtc8aUqanPXQBSsxTPOtevjo%2FCMyc9nHWiVpHdB8kYNUK9Y3j4ggl1SaNU1QGWoAeqAOEGl1tW7l%2FFZ5wFx9fCPhzXJRKK1E9FVKmWD%2FYgXkXhOI1Zc5L%2BAd3HFf5ccsl%2BrvrDMJ8"}],"group":"cf-nel","max_age":604800}
expires
Fri, 15 Nov 2024 15:36:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=64349&sent=334&recv=152&lost=26&retrans=26&sent_bytes=310483&recv_bytes=51682&delivery_rate=1862&cwnd=27120&unsent_bytes=0&cid=e51dbc16b1aae5e5&ts=30600&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 11:02:38 GMT
content-type
image/x-icon
last-modified
Fri, 29 Sep 2023 15:45:31 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dfd4fc7dbd20187-CDG
accept-ranges
bytes
content-length
2742
server
cloudflare
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
i706c6174666f726do74776974746572o636f6dz.oszar.com/widgets/ Frame EB7E 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i63646do637572736563646eo636f6dz.oszar.com
URL
https://i63646do637572736563646eo636f6dz.oszar.com/js/bukkit/cdmfactorem_min.js?misc=1731150151283
Domain
i636f6e6e656374o66616365626f6f6bo6e6574z.oszar.com
URL
https://i636f6e6e656374o66616365626f6f6bo6e6574z.oszar.com/en_US/sdk.js
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=64232681
Domain
i706c6174666f726do74776974746572o636f6dz.oszar.com
URL
https://i706c6174666f726do74776974746572o636f6dz.oszar.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fi62756b6b6974o6f7267z.oszar.com

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| _gaq function| $ function| jQuery object| XenForo object| jQuery1110039027547115821903 function| XFNoCaptchaCallback object| script object| tstamp object| _comscore function| bb2_addLoadEvent function| addTag function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| npCreateAds object| nitroAds object| __cfBeacon object| api object| ___gcfg function| fbAsyncInit object| _gat object| gaGlobal function| onYouTubeIframeAPIReady object| __twttrll object| twttr object| __twttr object| ads object| nads object| napbjs object| _pbjsGlobals object| regeneratorRuntime object| __tcfapi_queue function| __tcfapi function| __uspapi object| __gpp_queue object| __gpp_events number| __gpp_lastId function| __gpp object| nitroAdsCustomConsents object| apstag object| gapi object| ___jsl object| ___gu object| nitroAdsCMP object| __npcmp_queue function| __npcmp string| __npcmp_geo string| __npcmp_region boolean| __npcmp_init function| __cmp boolean| __npcmp_gdpr object| __bt object| __bt_intrnl object| __bt_tag_d object| _aps boolean| apstagLOADED object| apscustom function| ha object| __id5_finalization_registry object| ID5 object| hadron boolean| __halo_loaded__ object| PublisherCommonId object| au object| COMSCORE

21 Cookies

Domain/Path Name / Value
.i62756b6b6974o6f7267z.oszar.com/ Name: bukkit_org
Value: %7B%22HttpHost%22%3A%22bukkit.org%22%2C%22HttpDomain%22%3A%22bukkit.org%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2Fforums%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fbukkit.org%5C%2Fforums%22%2C%22GirisIP%22%3A%22104.19.154.88%22%7D
.i636f6e74656e74o6f766572776f6c66o636f6dz.oszar.com/ Name: content_overwolf_com
Value: %7B%22HttpHost%22%3A%22content.overwolf.com%22%2C%22HttpDomain%22%3A%22content.overwolf.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2Fweb%5C%2Fbukkit%5C%2Fbukkitnpinit.js%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fcontent.overwolf.com%5C%2Fweb%5C%2Fbukkit%5C%2Fbukkitnpinit.js%22%2C%22GirisIP%22%3A%22108.157.52.33%22%7D
.i62756b6b6974o6f7267z.oszar.com/ Name: __utma
Value: 42559101.660080513.1731150152.1731150152.1731150152.1
.i62756b6b6974o6f7267z.oszar.com/ Name: __utmc
Value: 42559101
.i62756b6b6974o6f7267z.oszar.com/ Name: __utmz
Value: 42559101.1731150152.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.i62756b6b6974o6f7267z.oszar.com/ Name: __utmt
Value: 1
.i62756b6b6974o6f7267z.oszar.com/ Name: __utmt_c
Value: 1
.i62756b6b6974o6f7267z.oszar.com/ Name: __utmb
Value: 42559101.2.10.1731150152
.oszar.com/ Name: _ga_PNFHQ1FTKQ
Value: GS1.1.1731150151.1.0.1731150151.0.0.0
.oszar.com/ Name: _ga
Value: GA1.1.882697144.1731150152
.nitropay.com/ Name: __cf_bm
Value: EATvad.e8baATRzRhjq9SayM2GL0wS6b6izInoOTbs4-1731150151-1.0.1.1-q5KCBuGAOu_Cu5vbkke3or_iCKfrIvo6kE.aXKikRSa4WqK.PAVE6Qweg5bND5eRL8ZT3rho37Hi47fz3J8ASQ
.oszar.com/ Name: cf_clearance
Value: XpHbuTSUslr1tH3xyCxXbZe2BMH4OxGenb_lNdAQ9xI-1731150151-1.2.1.1-kN8zKIxt4_R7CEDhSVMk9hUWJmQYFQoYOhtDfjUxpgLV3KQ2GmJKc22XAic.u3j8K_pS8NNwDUBIdyzformtRwRxERrxUa8.o.0ov2M8c84YYCn4tGPY9bvi4V6NehNV0tycX3ybqLviQUqWpKt3HSD34LtekhoqQOSKu3dqTh8xosTHwy.GgC0k68_neC_laQLv.q4yymW7jt_OWxm50G2pbEVkBd1_.O0RsU1Vn.sjOS3nosgKyPu2Mz_K4ZnlWJdwYMrYHsyZWCd2lgoLyxvQBLavRauJtfWd3HawMHJ3QOqBDe8rBPR35bczAulNXpiEO.r31e0kGGNSe6ixfT6lx0Vew4bXlQKMSUBdpCd7kWJjaW8Og9XVQ_MsVfkQ
.i706c7573o676f6f676c65o636f6dz.oszar.com/ Name: plus_google_com
Value: %7B%22HttpHost%22%3A%22plus.google.com%22%2C%22HttpDomain%22%3A%22plus.google.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2Fjs%5C%2Fclient%3Aplusone.js%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fplus.google.com%5C%2Fjs%5C%2Fclient%3Aplusone.js%22%2C%22GirisIP%22%3A%22172.217.20.78%22%7D
i62756b6b6974o6f7267z.oszar.com/ Name: _lr_retry_request
Value: true
i62756b6b6974o6f7267z.oszar.com/ Name: _lr_env_src_ats
Value: false
.oszar.com/ Name: ncmp.domain
Value: oszar.com
i62756b6b6974o6f7267z.oszar.com/ Name: na-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-11-09T11%3A02%3A32%22%7D
i62756b6b6974o6f7267z.oszar.com/ Name: na-unifiedid_cst
Value: VyxHLMwsHQ%3D%3D
.ad.gt/ Name: au_3p_check
Value: 1
.i7362o73636f7265636172647265736561726368o636f6dz.oszar.com/ Name: sb_scorecardresearch_com
Value: %7B%22HttpHost%22%3A%22sb.scorecardresearch.com%22%2C%22HttpDomain%22%3A%22sb.scorecardresearch.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2Fcs%5C%2F20631572%5C%2Fbeacon.js%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fsb.scorecardresearch.com%5C%2Fcs%5C%2F20631572%5C%2Fbeacon.js%22%2C%22GirisIP%22%3A%22108.157.60.7%22%7D
.i63646do637572736563646eo636f6dz.oszar.com/ Name: cdm_cursecdn_com
Value: %7B%22HttpHost%22%3A%22cdm.cursecdn.com%22%2C%22HttpDomain%22%3A%22cdm.cursecdn.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2Fjs%5C%2Fbukkit%5C%2Fcdmfactorem_min.js%22%2C%22GetVeri%22%3A%22%3Fmisc%3D1731150151283%22%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fcdm.cursecdn.com%5C%2Fjs%5C%2Fbukkit%5C%2Fcdmfactorem_min.js%3Fmisc%3D1731150151283%22%2C%22GirisIP%22%3A%22104.21.87.126%22%7D

9 Console Messages

Source Level URL
Text
network error URL: https://i62756b6b6974o6f7267z.oszar.com/forums/js/xenforo/xenforo.js?_v=c2a3bd65
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i62756b6b6974o6f7267z.oszar.com/forums/js/kingk/bbcm/bbcodes.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i62756b6b6974o6f7267z.oszar.com/forums/css.php?css=bbcm_js,login_bar,node_category,node_forum,node_list,sidebar_share_page&style=10&dir=LTR&d=1731139771
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i62756b6b6974o6f7267z.oszar.com/forums/css.php?css=xenforo,form,public&style=10&dir=LTR&d=1731139771
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
rendering warning URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0C0DB10A4330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A020DC10A4330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript error URL: https://i62756b6b6974o6f7267z.oszar.com/forums/
Message:
Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=64232681' from origin 'https://i62756b6b6974o6f7267z.oszar.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=64232681
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ad-delivery.net
ad.doubleclick.net
api.rlcdn.com
btloader.com
c.amazon-adsystem.com
cdn.hadronid.net
cdn.id5-sync.com
config.aps.amazon-adsystem.com
consent.nitrocnct.com
gum.criteo.com
i616a6178o676f6f676c6561706973o636f6dz.oszar.com
i62756b6b6974o6f7267z.oszar.com
i63646do637572736563646eo636f6dz.oszar.com
i636f6e6e656374o66616365626f6f6bo6e6574z.oszar.com
i636f6e74656e74o6f766572776f6c66o636f6dz.oszar.com
i706c6174666f726do74776974746572o636f6dz.oszar.com
i706c7573o676f6f676c65o636f6dz.oszar.com
i7362o73636f7265636172647265736561726368o636f6dz.oszar.com
id.hadron.ad.gt
match.adsrvr.org
region1.google-analytics.com
rumcdn.geoedge.be
s.nitropay.com
secure.cdn.fastclick.net
ssl.google-analytics.com
static.cloudflareinsights.com
tracker.nitropay.com
wrappers.geoedge.be
www.googletagmanager.com
api.rlcdn.com
i63646do637572736563646eo636f6dz.oszar.com
i636f6e6e656374o66616365626f6f6bo6e6574z.oszar.com
i706c6174666f726do74776974746572o636f6dz.oszar.com
104.18.2.78
108.138.6.136
142.250.181.230
172.67.220.76
188.114.97.3
2001:4860:4802:34::36
23.50.111.224
2600:9000:2491:3000:4:b37b:9440:93a1
2600:9000:2761:dc00:2:d490:4d80:93a1
2606:4700:10::6816:3456
2606:4700:10::6816:445
2606:4700:10::6816:4bd8
2606:4700:10::ac43:246e
2606:4700:20::ac43:4513
2606:4700::6810:4f49
2a00:1450:4001:809::2008
2a00:1450:4001:831::2008
2a02:2638:3::c
35.244.144.25
52.223.40.198
99.86.4.39
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015
02d9c8262e7af473748bc3fe8ff2b3240feea44368aea2073a8b86347c975b36
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0804a541f6445461bcd507ea3c97aee5f20398a96d014a290c044039f7f6384b
11d2b8f4614848cdcfac5e4a139c29f941fc437c0aa4a5c8f2f4c5eaf59ae893
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
148805ef840df5f06de10c18349522ea3f2ce394218c5515f54e9265828691e5
242cfd833c6a529d65447dfaa164dc9d7fcb39a3f83f69f2c7fb1e6b7f9ba2fe
24d6fb2515582144e20937c9f2d141e5c9e34a9b27a2fa6383178d04704a4a79
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724
2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17
3af6127f94b98d08790e56598157f18a0ba9ea87414aae8da94d3c6756854666
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4cc4cae0bb86846428c4d8471ec2cd1627e7df4ce1fc4e4bb11c94cf557f9c8e
50e06ccb9856c3e01846aa80c2105083351fe5cf95fb956743c5c9650b47423f
51c5f923069e43ee6fb72a61e52df86510f2a5f03bec824afca7df495f4cd745
58d4a4fb06cbef8d35f9f1430b1acf5a5fca077c0965f07b08eab0046be720b8
5b9e784e44a108ba7df7ef2432afd152938117d182684e998f36d191a7bf1630
652155810ce8d25addab9968e8b5dc4c04007bbae589750df50c506eba5a5871
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2
6a7df56f580bf0b383dfcacf6f1962e04f5acbb343b270fa4749a16864cac5ac
6bd6d6803e0a9191ec775bb646dc32a1dba2c3043be403b5e042fda1238c0cda
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
6dd0d0384de90093026b1acfd5321fc24d089f5d05007a4cc6834854eb1c9f6f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
867e40e0a53bed7658a897578ade6584f7f0296ead03a6954e4246d024821e7a
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
99429943bd63a607e02c901c102b36ab1967d894fa247f960dc5bf45518bc60c
a002946b2bbdfced06e74761f8564eba6f5a8220a61065c2e87632273d8a84f6
aac3e3be3aff1443c84ff333079beaaa2fe813bed8f1cf1d2acf6d0af2c49bcc
b1b3e3dbb4bf3dc215f9c934a12fe158606a0b170abb1f4de52e7b002016e0ce
b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07
b6ed629c694933a7ae24301c711beb44862ee4d7013e6c8c12cc19104a1899fb
c36da1c476e5c78862e81b5737332689646d91936a78ba2cba1e5d8c0881ebc5
c7034cd0519bd9da7e8d6e4517f3861c9130b622a7905282ce75e50d1dab78c0
ccfddeb32f3bffe097f2273aa29cd099ef390cac3681b97ba66a33eb7021b3d2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d38b9798235a10e32ee67aa4a3b4264e9631ab1fefada6c987afb8c5d91ff442
d521419770788ff5ab9767232ca40ad54cb572d11bed2c3a1c10810e0fda8bf2
d7fee4828ce7be68111d201f59ce24dc3be39b4a78d2b8744cd82e942dea8120
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
df3e4d1ea5d6b59f823615d4e36b1b9f13ae5913326042b82a879092522b9c90
e2c901aeea7ed58765235d162eaefaee13353d92d48e6e08030308e8ed89dba8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01a04f01aca5479e9c989a3ceea9df7b396466e2266b213ee265c08a239f789
f325400640fe23f1d99a31b40dfd43cb4c37c5fec9fe428f2042576b4bbb7654
f4d2dfedba36ea1a797a8881a4dd30448dad8459e21cecea2089ab3bc166aa12
fac0f76200f4ca04e87a9269d9e63e2b5b5e4d1d1c78a5f505802584bfc379af