disney-badendings.forumactif.org Open in urlscan Pro
94.23.159.185 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://disney-badendings.forumactif.org/
Effective URL:
https://disney-badendings.forumactif.org/
Submission: On June 23 via api (June 23rd 2024, 7:59:10 am UTC) from US — Scanned from FR

Summary HTTP 92 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 24 domains to perform 92 HTTP transactions. The main IP is 94.23.159.185, located in London, United Kingdom and belongs to OVH, FR. The main domain is disney-badendings.forumactif.org.
TLS certificate: Issued by R3 on June 2nd 2024. Valid for: 3 months.

This is the only time disney-badendings.forumactif.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	94.23.159.185 94.23.159.185	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
7	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:566	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
10 20	104.21.233.197 104.21.233.197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	104.21.235.75 104.21.235.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	192.0.77.3 192.0.77.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:9000:249... 2600:9000:2490:4000:1d:b722:f80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:ec80:300... 2a02:ec80:300:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
2	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
3	172.67.11.187 172.67.11.187	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	172.67.217.127 172.67.217.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	2606:4700:20:... 2606:4700:20::ac43:4558	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	74.114.154.18 74.114.154.18	2635 (AUTOMATTIC) (AUTOMATTIC)
1 5	2a01:4f8:fff3... 2a01:4f8:fff3:f::	24940 (HETZNER-AS) (HETZNER-AS)
1	143.204.215.42 143.204.215.42	16509 (AMAZON-02) (AMAZON-02)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	18.173.187.112 18.173.187.112	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:4ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
4	52.51.1.77 52.51.1.77	16509 (AMAZON-02) (AMAZON-02)
92	30

8 94.23.159.185 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)

disney-badendings.forumactif.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

illiweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:566 (United States)

ASN13335 (CLOUDFLARENET, US)

cache.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
choices.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.21.233.197 (None, ) 10 redirects

ASN13335 (CLOUDFLARENET, US)

zupimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zupimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.21.235.75 (None, )

ASN13335 (CLOUDFLARENET, US)

2img.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

64.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:4000:1d:b722:f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.images.express.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:ec80:300:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.11.187 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.sportslocalmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.217.127 (United States)

ASN13335 (CLOUDFLARENET, US)

i.servimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4558 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

shorturl.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.shorturl.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.114.154.18 (Ashburn, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

78.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a01:4f8:fff3:f:: (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

api.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-42.fra53.r.cloudfront.net

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

connect.topicit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-112.muc50.r.cloudfront.net

comparisons.sovrn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.51.1.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-1-77.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	zupimages.net 10 redirects zupimages.net — Cisco Umbrella Rank: 142370 www.zupimages.net — Cisco Umbrella Rank: 171777	14 MB
14	tumblr.com 1 redirects 64.media.tumblr.com — Cisco Umbrella Rank: 19703 78.media.tumblr.com — Cisco Umbrella Rank: 257208	3 MB
14	2img.net 2img.net — Cisco Umbrella Rank: 333621	254 KB
8	forumactif.org 1 redirects disney-badendings.forumactif.org	126 KB
7	consentframework.com 1 redirects cache.consentframework.com — Cisco Umbrella Rank: 51672 choices.consentframework.com — Cisco Umbrella Rank: 48869 api.consentframework.com — Cisco Umbrella Rank: 48305	170 KB
7	illiweb.com illiweb.com — Cisco Umbrella Rank: 344048	42 KB
5	viglink.com cdn.viglink.com — Cisco Umbrella Rank: 11711 api.viglink.com — Cisco Umbrella Rank: 22049	31 KB
4	shorturl.at 4 redirects shorturl.at — Cisco Umbrella Rank: 88730 www.shorturl.at — Cisco Umbrella Rank: 101580	2 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 844	236 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355 www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
3	sportslocalmedia.com ads.sportslocalmedia.com — Cisco Umbrella Rank: 84178	229 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 469 fonts.googleapis.com — Cisco Umbrella Rank: 83 imasdk.googleapis.com — Cisco Umbrella Rank: 531	173 KB
2	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 164 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235	275 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1092	1 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 1087 api.btloader.com — Cisco Umbrella Rank: 1198	23 KB
2	gstatic.com fonts.gstatic.com	38 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	13 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	166 KB
1	sovrn.com comparisons.sovrn.com — Cisco Umbrella Rank: 25390	2 KB
1	topicit.net connect.topicit.net — Cisco Umbrella Rank: 736127	2 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 7210	359 B
1	servimg.com i.servimg.com — Cisco Umbrella Rank: 349897	108 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 3915	10 KB
1	express.co.uk cdn.images.express.co.uk — Cisco Umbrella Rank: 66425	273 KB
92	24

	Domain	Requested by
14	2img.net	disney-badendings.forumactif.org
13	64.media.tumblr.com	disney-badendings.forumactif.org
10	www.zupimages.net	disney-badendings.forumactif.org
10	zupimages.net	10 redirects
8	disney-badendings.forumactif.org	1 redirects disney-badendings.forumactif.org
7	illiweb.com	disney-badendings.forumactif.org
5	api.consentframework.com	1 redirects disney-badendings.forumactif.org choices.consentframework.com
4	api.viglink.com	cdn.viglink.com disney-badendings.forumactif.org
4	cdn.taboola.com	disney-badendings.forumactif.org cdn.taboola.com
3	ads.sportslocalmedia.com	disney-badendings.forumactif.org ads.sportslocalmedia.com
2	ad-delivery.net	disney-badendings.forumactif.org
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.shorturl.at	2 redirects
2	shorturl.at	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.jsdelivr.net	disney-badendings.forumactif.org
2	www.googletagmanager.com	disney-badendings.forumactif.org www.googletagmanager.com
1	securepubads.g.doubleclick.net	imasdk.googleapis.com
1	ad.doubleclick.net	disney-badendings.forumactif.org
1	api.btloader.com	btloader.com
1	btloader.com	ads.sportslocalmedia.com
1	imasdk.googleapis.com	ads.sportslocalmedia.com
1	comparisons.sovrn.com	cdn.viglink.com
1	region1.google-analytics.com	www.googletagmanager.com
1	connect.topicit.net	disney-badendings.forumactif.org
1	cdn.viglink.com	disney-badendings.forumactif.org
1	78.media.tumblr.com	1 redirects
1	bit.ly	1 redirects
1	i.servimg.com	disney-badendings.forumactif.org
1	upload.wikimedia.org	disney-badendings.forumactif.org
1	cdn.images.express.co.uk	disney-badendings.forumactif.org
1	fonts.googleapis.com	disney-badendings.forumactif.org
1	choices.consentframework.com	disney-badendings.forumactif.org
1	cache.consentframework.com	disney-badendings.forumactif.org
1	ajax.googleapis.com	disney-badendings.forumactif.org
92	35

This site contains links to these domains. Also see Links.

Domain
www.forumactif.com
www.letempsdunrp.com
multivercity.forumactif.com
2img.net
no-more-happy-endings-rpg.tumblr.com
incorrect-nmhe-quotes.tumblr.com
nmhe-illustration.tumblr.com
forum.forumactif.com
www.consentframework.com

Subject Issuer	Validity	Valid
m91.maxns.net R3	`2024-06-02` - `2024-08-31`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
illiweb.com E6	`2024-06-12` - `2024-09-10`	3 months	crt.sh
consentframework.com E1	`2024-05-21` - `2024-08-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
2img.net E1	`2024-05-03` - `2024-08-01`	3 months	crt.sh
*.media.tumblr.com Sectigo ECC Domain Validation Secure Server CA	`2024-01-03` - `2025-02-02`	a year	crt.sh
cdn.images.express.co.uk Amazon RSA 2048 M02	`2023-08-31` - `2024-09-27`	a year	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-18` - `2024-10-16`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
sportslocalmedia.com GTS CA 1P5	`2024-05-06` - `2024-08-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
servimg.com E6	`2024-06-13` - `2024-09-11`	3 months	crt.sh
viglink.com Amazon RSA 2048 M02	`2023-09-13` - `2024-10-11`	a year	crt.sh
topicit.net E1	`2024-05-03` - `2024-08-01`	3 months	crt.sh
*.consentframework.com RapidSSL TLS RSA CA G1	`2024-02-19` - `2025-03-20`	a year	crt.sh
comparisons.sovrn.com Amazon RSA 2048 M03	`2023-11-21` - `2024-12-19`	a year	crt.sh
btloader.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-06-04` - `2024-09-02`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://disney-badendings.forumactif.org/
Frame ID: C7E0EDAD1D7A3140B7BDF70BA8879091
Requests: 91 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 44EB8549862BA69E7F67B44D2C61E0BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

No More Happy Endings

Page URL History Show full URLs

http://disney-badendings.forumactif.org/ HTTP 307
https://disney-badendings.forumactif.org/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:^[^/]*//[^/]*viglink\.com/api/|vglnk\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

92
Requests

83 %
HTTPS

45 %
IPv6

24
Domains

35
Subdomains

30
IPs

6
Countries

19665 kB
Transfer

22782 kB
Size

7
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.forumactif.com/

Search URL Search Domain Scan URL

URL: http://www.letempsdunrp.com/

Search URL Search Domain Scan URL

URL: https://multivercity.forumactif.com/

Search URL Search Domain Scan URL

URL: https://2img.net/i/fa/prosilver/icon_contact_email.gif
Title: MP

Search URL Search Domain Scan URL

URL: http://no-more-happy-endings-rpg.tumblr.com/
Title: Tumblr

Search URL Search Domain Scan URL

URL: https://incorrect-nmhe-quotes.tumblr.com/
Title: NMHE Quotes

Search URL Search Domain Scan URL

URL: https://nmhe-illustration.tumblr.com/
Title: Illustrations

Search URL Search Domain Scan URL

URL: https://www.forumactif.com/phpbb
Title: phpBB

Search URL Search Domain Scan URL

URL: https://forum.forumactif.com/
Title: Forum gratuit d'entraide

Search URL Search Domain Scan URL

URL: https://www.forumactif.com/forum-gratuit
Title: Forum gratuit

Search URL Search Domain Scan URL

URL: https://www.consentframework.com/
Title: sites

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://disney-badendings.forumactif.org/ HTTP 307
https://disney-badendings.forumactif.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://zupimages.net/up/21/07/tgvi.png HTTP 301
https://www.zupimages.net/up/21/07/tgvi.png

Request Chain 16

https://zupimages.net/up/21/07/rok3.png HTTP 301
https://www.zupimages.net/up/21/07/rok3.png

Request Chain 24

https://zupimages.net/up/23/14/xc1z.gif HTTP 301
https://www.zupimages.net/up/23/14/xc1z.gif

Request Chain 26

https://zupimages.net/up/24/17/ceak.png HTTP 301
https://www.zupimages.net/up/24/17/ceak.png

Request Chain 31

https://zupimages.net/up/23/14/tvch.gif HTTP 301
https://www.zupimages.net/up/23/14/tvch.gif

Request Chain 32

https://zupimages.net/up/23/14/3t2j.gif HTTP 301
https://www.zupimages.net/up/23/14/3t2j.gif

Request Chain 45

https://zupimages.net/up/23/14/lfaj.png HTTP 301
https://www.zupimages.net/up/23/14/lfaj.png

Request Chain 46

https://zupimages.net/up/23/14/1z1w.png HTTP 301
https://www.zupimages.net/up/23/14/1z1w.png

Request Chain 54

https://shorturl.at/trBq4 HTTP 301
https://www.shorturl.at/trBq4 HTTP 302
https://64.media.tumblr.com/a0e1083d1834e895c3ed081949ee1bda/5acb9e6c5475b1ab-a9/s400x600/363e77a167032feb48f734ed4491b8f80a44c27d.pnj

Request Chain 55

https://shorturl.at/aNRHj HTTP 301
https://www.shorturl.at/aNRHj HTTP 302
https://64.media.tumblr.com/7ddf57366e6c98e8ca1d60edec2eb22b/56841da554348354-2e/s400x600/a893e862e74e044d732ae309af469a4c2a26ebf0.pnj

Request Chain 56

https://zupimages.net/up/23/14/oapa.jpg HTTP 301
https://www.zupimages.net/up/23/14/oapa.jpg

Request Chain 57

https://bit.ly/3zOMHtN HTTP 301
https://64.media.tumblr.com/3327dd7dbb0222ca84626942910f363a/1167c8e1820a1090-eb/s400x600/f948bcb6dfc7871e1bf468aaa7be69fcd821289a.pnj

Request Chain 58

https://78.media.tumblr.com/71c017f029b6c26ae03e6f19d31d140b/tumblr_p69on0ML9O1wszb93o5_250.gif HTTP 301
https://64.media.tumblr.com/71c017f029b6c26ae03e6f19d31d140b/tumblr_p69on0ML9O1wszb93o5_250.gif

Request Chain 60

https://api.consentframework.com/api/v1/public/profile?origin=https://disney-badendings.forumactif.org HTTP 302
https://api.consentframework.com/api/v1/public/profile?bounce=1

Request Chain 62

https://disney-badendings.forumactif.org/u476 HTTP 302
https://disney-badendings.forumactif.org/login?redirect=%2Fu476

Request Chain 66

https://zupimages.net/up/23/14/5xql.png HTTP 301
https://www.zupimages.net/up/23/14/5xql.png

92 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
disney-badendings.forumactif.org/
Redirect Chain

http://disney-badendings.forumactif.org/
https://disney-badendings.forumactif.org/

162 KB
45 KB

231ms
178ms

Document
text/html

94.23.159.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

001aa59bf795ab2ea59ba1060e059794e79c614a0c69917469f397facbc8b921

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Sun, 23 Jun 2024 07:59:02 GMT
expires: Sun, 23 Jun 2024 00:00:00 GMT
last-modified: Sun, 23 Jun 2024 07:59:02 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
vary: User-Agent
x-content-type-options: nosniff
x-xss-protection: 1

Redirect headers

Location: https://disney-badendings.forumactif.org/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 22-ltr.css
disney-badendings.forumactif.org/ 200 KB
64 KB 185ms
182ms Stylesheet
text/css 94.23.159.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://disney-badendings.forumactif.org/22-ltr.css

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

5ce8cc9cc7d90d8c4ab349fbd1768a626c4e7c4dede621b0d1a293f5d500814d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 23 Jun 2024 00:00:00 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-cache-ma: MISS
content-length: 65194
x-xss-protection: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
34 KB 88ms
25ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 12:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Jun 2025 12:40:05 GMT

GET
H3 200 fr.js Show response
illiweb.com/rs3/86/frm/lang/ 72 KB
20 KB 80ms
47ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/86/frm/lang/fr.js

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4487b64fd8d779b738404d215a2af5a084edc3191f6206864cf556cf025058ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232334
cf-polished: origSize=73951
content-encoding: zstd
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
cf-bgj: minify
last-modified: Tue, 16 May 2023 15:02:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6caGs66pOYxRezuPtXepj5%2BKSjSiSGHq0fY1s54b649SAZ1U2dKStbeBiWmtZGAXMOgvJVdMc%2BBphgYlouqUdQbuAFPjIbvFQbD%2BIzVfIQN39fQDbnrhAPIyTGe3Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 8982efb9bf790062-CDG
expires: Fri, 20 Jun 2025 15:26:48 GMT

GET
H2 200 99939.js Show response
disney-badendings.forumactif.org/ 1 KB
873 B 36ms
34ms Script
application/x-javascript 94.23.159.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://disney-badendings.forumactif.org/99939.js

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

98b0cb219401b7bdfcaf17c53e77565868619bc3f349a567d8db634ad7b6ccf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jan 1970 00:15:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-cache-ma: HIT
content-length: 617
x-xss-protection: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 19822.js Show response
disney-badendings.forumactif.org/ 155 B
388 B 35ms
33ms Script
application/x-javascript 94.23.159.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://disney-badendings.forumactif.org/19822.js

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

2c668b5725fc6463bc4eacc880a01e81cab297bb7aaef896e9ccc1fc6aa81b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 31 Oct 2020 09:50:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-cache-ma: HIT
content-length: 132
x-xss-protection: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 stub Show response
cache.consentframework.com/js/pa/24697/c/IxWav/ 2 KB
1 KB 81ms
27ms Script
text/javascript 2606:4700:20::681a:566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cache.consentframework.com/js/pa/24697/c/IxWav/stub

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:566 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbb0cbb3ed6239cd63bc945a0e480633034cde30f1e0fc7de56a75b2a7c350a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Sun, 23 Jun 2024 07:46:54 GMT
server: cloudflare
age: 728
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qbG%2BNrR%2BplXLjNSaZQMv%2FWEn8y7mbY3AseCt8vjucd%2F49KQbxeoQfowaH1JlX14but7EbpNBEUMB7nuhAwZmTyPyInrw2C%2FijtKdZjBmVQxlBrBmdX3XER%2FR2qrP%2FuiJtKS%2BK1huJpT8uTg67Lz%2BNjHYq6wfuHJb"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 8982efb9d8636ec0-CDG

GET
H2 200 cmp Show response
choices.consentframework.com/js/pa/24697/c/IxWav/ 606 KB
166 KB 35ms
25ms Script
text/javascript 2606:4700:20::681a:566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp?lang=fr

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:566 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a2f62beaf82271afd8c9ef6683e4fd59dffd66cd641a571f74ffbbee46451db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Sun, 23 Jun 2024 07:49:10 GMT
server: cloudflare
age: 592
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CDHRV5M3qu2VcoM222%2FTuJyB%2FUdlm%2BiqoNTZCHPUvFCwiuXkwMH2Wt7Z04PVF15tKNP6nBJ0kiessbqRgMijm%2Beqg2v9%2FvPKsYk9%2BeHwJzBsPxe8n5V%2F9zcqcpvSyKNmJQToi9%2Fo380%2FEAJIugfr40Imuv73f0bj13I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 8982efbb39446ec0-CDG

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 121ms
57ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144388882-1

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe72d9802ef172830fbf7223ca69693bcbc657ba68aff2615ad7ff6d4ed5e669

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 23 Jun 2024 07:59:02 GMT

GET
H3 200 jquery.cookie.js Show response
illiweb.com/rs3/86/frm/jquery/cookie/ 1011 B
1 KB 79ms
47ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/86/frm/jquery/cookie/jquery.cookie.js

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5025229
content-encoding: zstd
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
cf-bgj: minify
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2FWknir0lUzmPo%2BvkwMSFOdIkCCSY2nIpwhepaOuF5Tk2zOhosEaioIyRWHum6gPKZgPw1ibZ0%2FHWbeyWr4fEHPToVTxPkYI7byVRjsMRYHD2rnnCCDkmYNylmCAJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 8982efb9bf780062-CDG
expires: Sat, 26 Apr 2025 04:05:13 GMT

GET
H3 200 tooltipster.js Show response
illiweb.com/rs3/86/frm/mentions/ 17 KB
6 KB 78ms
46ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/86/frm/mentions/tooltipster.js

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5770974
content-encoding: zstd
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
cf-bgj: minify
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YN0Zg86il%2BJsZLsuVMtbeYfggpL8pJ6SBAy5W3KB2yaZZEAhWKlriSZFoq4RFK0yBi9HTMdaOQXjeMMK0gmh%2FhJyV0BtuJT8MX37OzHFNObtA53zzaoTpTdggn6Zsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 8982efb9bf770062-CDG
expires: Thu, 17 Apr 2025 12:56:08 GMT

GET
H3 200 init.js Show response
illiweb.com/rs3/86/frm/mentions/ 2 KB
2 KB 75ms
44ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/86/frm/mentions/init.js

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cce595b201da3285768c8375124b2976eafacaa8002781d478ee1f9d69dc8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6463856
content-encoding: zstd
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: MISS
cf-bgj: minify
last-modified: Wed, 22 Mar 2023 14:29:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUxdTWAgM6OZoo8cT%2FafhjfAtyTzTO47A7hnHpur7spFsusutR3js6C21n8dlOkPt%2BMRs0mBSpeGgS4Nqp4e6O9DDrxiI93zs6XVxRQaZ1g%2BXmdoUoMXRRX2mLp%2FCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: MISS
cf-ray: 8982efb9bf710062-CDG
expires: Wed, 09 Apr 2025 12:28:06 GMT

GET
H3 200 FAToolbar.js Show response
illiweb.com/rs3/86/frm/jquery/toolbar/ 26 KB
7 KB 59ms
28ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/86/frm/jquery/toolbar/FAToolbar.js

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d16ff835091825b0e94277b451a884494972381db9e37ec2d9fc8c19d62fc97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6736903
content-encoding: zstd
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: MISS
cf-bgj: minify
last-modified: Mon, 13 Mar 2023 14:51:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rswuDIaMJzvUsnKwKXkQ8niZkRQ7PBq2bhmkK8FE%2BTbK%2BkOPPkhmdRz5821QkX2jxhiO7v7CeRpbRxnBx%2F5ZDakfr9eH6HIrESLO9swFSgTH5FaYdr6alcPqqMhwqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: MISS
cf-ray: 8982efb9bf740062-CDG
expires: Sun, 06 Apr 2025 08:37:19 GMT

GET
H3 200 tooltipster.css
illiweb.com/rs3/86/frm/mentions/ 6 KB
2 KB 77ms
46ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/86/frm/mentions/tooltipster.css

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6463857
cf-polished: origSize=6667
content-encoding: zstd
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: MISS
cf-bgj: minify
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HaFnqEUb6frSRfzF%2BzUx30i9M1XLsTfnu1XPI%2FiAzRTeB9B8wl%2Bt94cqOuR9jLuiRCEcFMtSL8bVDDUc6YFK5qUf2C6sd40oQbJmLEYmmg3ILjAbWN6dXSAR6LAI8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: MISS
cf-ray: 8982efb9bf750062-CDG
expires: Wed, 09 Apr 2025 12:28:05 GMT

GET
H3 200 twemoji.min.js Show response
illiweb.com/rs3/86/frm/twemoji/ 17 KB
5 KB 58ms
26ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/86/frm/twemoji/twemoji.min.js

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cafa97c620f0e83a82d4068ef5164f36687061a1045a3d5a1f721cfb8ca0b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5897641
content-encoding: zstd
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
last-modified: Tue, 10 Jan 2023 08:34:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OU712pydWhoEq7fab6SYNilkq70nLRVCc03qLdsVOEJjmTyd8zd5y9nn3gmuXmSZsVB7x4dFlP6LYJgmGWCuTiOavFRC69cg%2FcP%2BMWQwBtqU2YxVVB%2B03U8cG7vTdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 8982efb9bf760062-CDG
expires: Wed, 16 Apr 2025 01:45:01 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 95ms
33ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito&family=Raleway&display=swap

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19aa8dd9e48119d963bee3588bb206b5a69089b14907abbe8e04627c467b59e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 23 Jun 2024 07:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 07:59:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 Jun 2024 07:59:02 GMT

GET
H3

200

tgvi.png
www.zupimages.net/up/21/07/
Redirect Chain

https://zupimages.net/up/21/07/tgvi.png
https://www.zupimages.net/up/21/07/tgvi.png

26 KB
26 KB

60ms
48ms

Image
image/png

104.21.233.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zupimages.net/up/21/07/tgvi.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Server

104.21.233.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c25615e18a93ba31e0fc26672a5e33b614847d7f07555caa408e8008ebc56a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
last-modified: Sun, 23 Jun 2024 07:40:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DzxjZPFKBHB9LdGz9cUbC1fNPyB1nXldSLMIv2aTdiqS8sqPXaby7owEZrfCrsKy9rzeYBTS%2FrLFjqt5pvkaHL%2BqPzAlY0d%2BB%2BqFET%2FdRuGWfsB2eE2S2D0iH%2FDCm9LOa9mfFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
content-disposition: filename="tgvi.png"
cf-ray: 8982efba091e1c08-AMS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Sun, 23 Jun 2024 07:59:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bWhUFBC211RfR67AxHjsYyo5Iv6F3bBCv83ajbYEAo6mbVTUcGUVD%2Bge6%2Bg9nmEPAh9rYQfDSo225qVNQ%2BQEkfa9XwX62ZEf3%2B9qwL3ggGe0FdfvyRIIHQpI8LVwkO%2Be"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.zupimages.net/up/21/07/tgvi.png
cache-control: max-age=3600
cf-ray: 8982efb9c8ea1c08-AMS
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Sun, 23 Jun 2024 08:59:02 GMT

GET
H3

200

rok3.png
www.zupimages.net/up/21/07/
Redirect Chain

https://zupimages.net/up/21/07/rok3.png
https://www.zupimages.net/up/21/07/rok3.png

25 KB
25 KB

232ms
220ms

Image
image/png

104.21.233.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zupimages.net/up/21/07/rok3.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Server

104.21.233.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bac614d25cfbaabddc4682273d94272d16c4a2012432f068c654e1b4404f862d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=15768000
cf-cache-status: MISS
last-modified: Sun, 23 Jun 2024 07:59:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJ2J0BU3fwtXEXWutjHWY%2B7inJAzi628Gm5jjCaTPjAMPxpGd7exky2u4BV9WAxmzk%2FzL%2BCUr8sT8mmf6KFncMQQ3MB1qAO%2BEavghimZke7Qrum9lZNOqs9JPdgsMma3FAQlMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
content-disposition: filename="rok3.png"
cf-ray: 8982efba091f1c08-AMS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Sun, 23 Jun 2024 07:59:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x3NoO69lXMpxUC8WEiaA1NSZe0bHgeFFPf8e5yCWFBxRtBCqmbMMQxVfEcxcwEHFpbNr%2F%2F07aaLlY%2BlzzKkS82kxY3btlYySvf1ePRVs%2Bpf6rH5dKwRiuHkIjRP7Zk60"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.zupimages.net/up/21/07/rok3.png
cache-control: max-age=3600
cf-ray: 8982efb9c8eb1c08-AMS
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Sun, 23 Jun 2024 08:59:02 GMT

GET
H3 200 icon_gallery.png
2img.net/i/fa/modernbb/ 291 B
847 B 69ms
34ms Image
image/png 104.21.235.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/modernbb/icon_gallery.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4caa6f9566577b1af55d892ddfb306a30ba700c6fbbc61d1d10bed278be0165e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8771753
alt-svc: h3=":443"; ma=86400
content-length: 291
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Jan 2017 14:41:18 GMT
server: cloudflare
etag: "587cdb8e-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V1ptBNYgXwmt27u8IsWEvAlhJonK07OE1zX5GOOGmZhjYYZYPme%2BsFcFz5br3qVqjUfVE9%2FS8nB9cZbXsbSyo4OZSAPucvKxUuQ%2F0wDXCW4novNGzokGL1%2FlFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8982efbaab8eb932-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon_home.png
2img.net/i/fa/modernbb/ 232 B
752 B 29ms
29ms Image
image/png 104.21.235.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/modernbb/icon_home.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54f70a3fd42a3e445d3b56b5b9d9f5888f1dab6232b5ccefd5f0dc6b2f0d1b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8776537
alt-svc: h3=":443"; ma=86400
content-length: 232
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Jan 2017 14:39:16 GMT
server: cloudflare
etag: "587cdb14-e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QzLYMjhoxABSDSS%2FnhHyzWc9kJZNGgR0IlKmuOdIYnyBVB1O%2BSjCYGIV%2B0hS5rlBY5Jy4xnnMb5rsu1%2FVw56TIdii9cKlDFJJlQsU4qsks1oy3sqZe9LUPRFVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8982efbaebcdb932-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon_search.png
2img.net/i/fa/modernbb/ 278 B
803 B 29ms
28ms Image
image/png 104.21.235.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/modernbb/icon_search.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e44c5db5b3400cac97d6bcd1219a1643e421ffd58c3cab781e5caf6d3ea29d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8776537
alt-svc: h3=":443"; ma=86400
content-length: 278
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Jan 2017 14:20:54 GMT
server: cloudflare
etag: "587cd6c6-116"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J3tkT5VzYt%2FTTwJ%2FeIQA%2Feqv6sVIp9Tun4PSlM7Qen4r%2BeIO6tgxRKTLPgq8Y0TbYLehQpJiHXlZdJMD8z%2BZBglfJIR5H9j5HEfBWw8U88zaZ53dcy%2Fj%2FngKzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8982efbb2c11b932-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 empty.gif
2img.net/i/ 43 B
565 B 30ms
28ms Image
image/gif 104.21.235.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/empty.gif

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7898519
alt-svc: h3=":443"; ma=86400
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Mon, 09 May 2016 08:45:50 GMT
server: cloudflare
etag: "57304e3e-2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2FZ6XJQti8SyidMu7K2VDpdRDfAXSmIL1IuU5KTtd0iZgrA5FOyOQaUzxetzPTUkFRc6%2BVfYUNd%2FokKH%2B3OXTb5dDpXbHj5%2FLqOR7VaPIxrpRA%2BIf7MtuCG8Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8982efbb2c12b932-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon_register.png
2img.net/i/fa/modernbb/ 129 B
649 B 30ms
28ms Image
image/png 104.21.235.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/modernbb/icon_register.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7633bb4efa863c2a8954acd6c080cc8bccb6427689e6171e06d7a22669e561e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8776537
alt-svc: h3=":443"; ma=86400
content-length: 129
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Jan 2017 14:25:09 GMT
server: cloudflare
etag: "587cd7c5-81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l76N60J5hp847VyhlR7hKcy9%2FE%2FZjA8yaKtNBwxPfXlv%2B7rxstTOVKrP6JMaYTWADkcqvbbO1d8t%2ByFOGM2nh1ivM7at5SwVxBLJMHNoboxN9ldbg9ZDnX%2BgjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8982efbb2c13b932-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon_logout.png
2img.net/i/fa/modernbb/ 206 B
728 B 31ms
29ms Image
image/png 104.21.235.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/modernbb/icon_logout.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69eb1edfd26bb829b907df80ac5a8aa5c5d73e9ada80e864b0ec86b57560a026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8781330
alt-svc: h3=":443"; ma=86400
content-length: 206
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Jan 2017 14:36:02 GMT
server: cloudflare
etag: "587cda52-ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oZdyjoMN%2BGl3%2Fa2%2FIPzQX4qTZcPRGp6dVvZnbAi%2B4WNxEG73t8YjwjvqKtWb%2FJL6ZkNYsvOUS8QWTxisNh4t8jPn7MtAh%2BcSAqoltxmhIoYCBYVRoQEssHS7Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8982efbb2c15b932-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tumblr_pgd9dmOaf61rhqmbpo2_250.gif
64.media.tumblr.com/7647aba2dcfb4ff4ed748c3a6112729c/ 812 KB
814 KB 102ms
51ms Image
image/gif 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/7647aba2dcfb4ff4ed748c3a6112729c/tumblr_pgd9dmOaf61rhqmbpo2_250.gif

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f15a9d18ee74a7099cb045c4c778058d4f05ff4ded9d8139a799474c7700ff10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; preload
content-disposition: inline; filename="tumblr_pgd9dmOaf61rhqmbpo2_250.gif"
server-timing: dc;desc=cdg, cache;desc=HIT;dur=0.0
alt-svc: h3=":443"; ma=86400
content-length: 831996
x-nc: HIT cdg 3
last-modified: Wed, 10 Oct 2018 04:49:01 GMT
server: nginx
etag: "f73fbb79e46c1df832df738e24de9133-1523937600-876ad91"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H3

200

xc1z.gif
www.zupimages.net/up/23/14/
Redirect Chain

https://zupimages.net/up/23/14/xc1z.gif
https://www.zupimages.net/up/23/14/xc1z.gif

3 MB
3 MB

54ms
54ms

Image
image/gif

104.21.233.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zupimages.net/up/23/14/xc1z.gif

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Server

104.21.233.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22e63a04188f0304dc650759737bc5f910fd50b8e7f1ae501d527da4867551b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
last-modified: Sun, 23 Jun 2024 07:58:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X6W%2F6LZ0SQBZURipz6ohgnJsYSeHyGxF%2Bm%2FzGax8UVBTOkqWAgAm4JAPhxMLSA%2F8hWjhDvwNRqWlZNDJxdNiMoKmbI1ZdG6Jyn%2FZqqzIXy4LaxdotS98pHSLSOy9RoNhHMsECA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
content-disposition: filename="xc1z.gif"
cf-ray: 8982efbb7a5d1c08-AMS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Sun, 23 Jun 2024 07:59:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=URQqdoPZknJ4ZjFDBsBEbPbZrObSP1guf%2FCydnvzkYnXLBtn5rnmpjHbMs8zDVLxyfE55%2FW8nFD0vPhydi9d6WG0GURYGEpiNjByii6fc%2FrVTUqd%2FUXTRQvkwVBRQLqt"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.zupimages.net/up/23/14/xc1z.gif
cache-control: max-age=3600
cf-ray: 8982efbb2a0f1c08-AMS
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Sun, 23 Jun 2024 08:59:02 GMT

GET
H2 200 tumblr_phbcxoGZ1u1vc8ncjo4_1280.png
64.media.tumblr.com/f924d0f82078886613fa1884faffcd01/ 854 KB
857 KB 102ms
52ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/f924d0f82078886613fa1884faffcd01/tumblr_phbcxoGZ1u1vc8ncjo4_1280.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

dbe98dc3c36d3bc9fa5fb625e6368c66016a7d8542a88f7de4e400e9bb2324cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; preload
x-frames: 1
server-timing: dc;desc=cdg, cache;desc=HIT;dur=1.0
alt-svc: h3=":443"; ma=86400
content-length: 874764
x-nc: HIT cdg 7
last-modified: Sun, 06 Dec 2020 00:24:57 GMT
server: nginx
etag: "f924d0f82078886613fa1884faffcd01-1498089600-98b6076"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H3

200

ceak.png
www.zupimages.net/up/24/17/
Redirect Chain

https://zupimages.net/up/24/17/ceak.png
https://www.zupimages.net/up/24/17/ceak.png

16 KB
17 KB

44ms
44ms

Image
image/png

104.21.233.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zupimages.net/up/24/17/ceak.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Server

104.21.233.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb378757e1f681eef936b29c21316d1d4ba953cefd8a2327b814da69e305a8ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
last-modified: Sun, 23 Jun 2024 07:58:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tssL4ihB4sKHRB6Tf0N%2F15GAFyZrbkOg41i63tzKuG%2BXgfUmRiZI3a0T3SP91RCmafzj8a7Nt5lC7cTG4rAIO97zkInLBwakaxtGigXlNg9dp9w4Naf6UdHCaE29JcaZTGYLqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
content-disposition: filename="ceak.png"
cf-ray: 8982efbb7a581c08-AMS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Sun, 23 Jun 2024 07:59:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=trS8Yw5SOsWcJYvr24EfZRoftwJ4yceVJpqPR%2BQTTtQvLQTQZFl0I1g%2B%2F8Mbfa%2FGfudlYdtEQyw4KtWYbab64y9Ta%2Bag3h1%2BXrVQ5OKBrw4mQr7GKo8lMs7GutGE3IQv"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.zupimages.net/up/24/17/ceak.png
cache-control: max-age=3600
cf-ray: 8982efbb2a111c08-AMS
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Sun, 23 Jun 2024 08:59:02 GMT

GET
H2 200 389058_1.jpg
cdn.images.express.co.uk/img/dynamic/79/590x/ 273 KB
273 KB 122ms
36ms Image
image/jpeg 2600:9000:2490:4000:1d:b722:f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.images.express.co.uk/img/dynamic/79/590x/389058_1.jpg
Requested by: Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:4000:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4001b8a948e3ff1a05a8b033a8156dd6f7965621ed6340751cb058e13eefe48

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:58:40 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 24
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 279060
last-modified: Wed, 01 Sep 2021 11:37:28 GMT
server: AmazonS3
etag: "ebf5daf13e601af7243cd148e3368c65"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=300
accept-ranges: bytes
x-amz-cf-id: YKfVqs87teXdNBynsUlXswxBMn9CYGw8LrQDCkpWaPtr0dU6vxAl7w==

GET
H2 200 19791f672334e79e252b318cecb2917a8ceae1fd.jpg
64.media.tumblr.com/731ff5859b00f016796a9995749660fd/80154e864628053f-0b/s1280x1920/ 77 KB
77 KB 103ms
53ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/731ff5859b00f016796a9995749660fd/80154e864628053f-0b/s1280x1920/19791f672334e79e252b318cecb2917a8ceae1fd.jpg

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

93867e2d7a9314c47c816eb15865858a9436d1d5e5fdfb593dce21f02d6d6da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; preload
x-frames: 1
content-disposition: inline; filename="tumblr_731ff5859b00f016796a9995749660fd_19791f67_1280.jpg"
server-timing: dc;desc=cdg, cache;desc=HIT;dur=0.0
alt-svc: h3=":443"; ma=86400
content-length: 78628
x-nc: HIT cdg 6
last-modified: Tue, 15 Dec 2020 23:26:07 GMT
server: nginx
etag: "cc9bfacc89d94253a5047d082665d32f-1498089600-c38309f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 tumblr_pgobhkrS6z1s0v7b0o7_400.png
64.media.tumblr.com/3c63a334119d899bb895d575a546fd20/ 59 KB
59 KB 102ms
52ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/3c63a334119d899bb895d575a546fd20/tumblr_pgobhkrS6z1s0v7b0o7_400.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f41ae6dcf01265ba55917dd21dad3532fad59e916753f99a19bffe2f6022e709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; preload
x-frames: 1
server-timing: dc;desc=cdg, cache;desc=HIT;dur=1.0
alt-svc: h3=":443"; ma=86400
content-length: 59966
x-nc: HIT cdg 5
last-modified: Sat, 12 Dec 2020 17:18:31 GMT
server: nginx
etag: "3c63a334119d899bb895d575a546fd20-1498089600-c38309f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 tumblr_p6dbnlF4tf1x61e5so4_250.jpg
64.media.tumblr.com/70f32c0321f4ae1ff7fcc9926ab5d62c/ 13 KB
13 KB 103ms
52ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/70f32c0321f4ae1ff7fcc9926ab5d62c/tumblr_p6dbnlF4tf1x61e5so4_250.jpg

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2131bc329e8590489b812f33e00ff9438c1dc0b650048a3ae68f2db17ef4ecd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; preload
x-frames: 1
server-timing: dc;desc=cdg, cache;desc=HIT;dur=1.0
alt-svc: h3=":443"; ma=86400
content-length: 12855
x-nc: HIT cdg 6
last-modified: Tue, 15 Dec 2020 03:22:34 GMT
server: nginx
etag: "06c2e4ffded4e564e16030e72ff7a42a-1498089600-c38309f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H3

200

tvch.gif
www.zupimages.net/up/23/14/
Redirect Chain

https://zupimages.net/up/23/14/tvch.gif
https://www.zupimages.net/up/23/14/tvch.gif

3 MB
3 MB

48ms
47ms

Image
image/gif

104.21.233.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zupimages.net/up/23/14/tvch.gif

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Server

104.21.233.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f192284ce065d86359e85594e5f0b9c6e2dffbc10f900587d6e393742768bf13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
last-modified: Sun, 23 Jun 2024 07:58:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P2HTlOEC%2FVGs3ppTT45OzYsJoTruv2oAuCMFExEoijTCqYhFnbFJRrslb7r9zA3Qum5Rw97aQXOzx9wKptUp8HWQftMKxIQVu5xRAERZ5BNDnCdjY1MZo5QLgT5jiLdyAF%2FY8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
content-disposition: filename="tvch.gif"
cf-ray: 8982efbb7a5a1c08-AMS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Sun, 23 Jun 2024 07:59:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ClXac3iEniGgaTIoT1hPoYibFgdnki8XbryLWfhZTCtssIV552Psw6b97Iqv%2Fw32EcWXU%2Fg2iLTt%2F3UZ9vlmI%2Fz3%2FhwCagfFPbThccwUmfqQE7kdnoGghYfDKb1PfcLG"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.zupimages.net/up/23/14/tvch.gif
cache-control: max-age=3600
cf-ray: 8982efbb2a121c08-AMS
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Sun, 23 Jun 2024 08:59:02 GMT

GET
H3

200

3t2j.gif
www.zupimages.net/up/23/14/
Redirect Chain

https://zupimages.net/up/23/14/3t2j.gif
https://www.zupimages.net/up/23/14/3t2j.gif

6 MB
6 MB

2157ms
2157ms

Image
image/gif

104.21.233.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zupimages.net/up/23/14/3t2j.gif

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Server

104.21.233.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb893bddd24610e9fd464275277ae97ba07e73cf13eb3b7ebb3b5f8f7f1b3625

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
last-modified: Sun, 23 Jun 2024 07:58:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cw1UzUNLMOUAbzEX4ZRvrIwiVGTIp1eijCyLZkK%2BeQDzEF1Co0E9FENeceXQWPvRSr%2FsGnONlpn3fx6MfSawaexBNLHR0gzTI7Z%2FvoJwzFK8loeOzgg39tpJ%2BZa7AZ7V4Zg%2FvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
content-disposition: filename="3t2j.gif"
cf-ray: 8982efbb8a6e1c08-AMS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Sun, 23 Jun 2024 07:59:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjAOu6JkV5cUCBoYDv22ZrnpDCt7CVt4P9fYX4r6xSiUUF6QEaVZ9pQ%2FSABTT3APE%2BlmITE4ofewIwI32Oz1nK1GeiBNe%2BNrv7gjsPrvwo6RczVb1ChEHuIusBjSYDAQ"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.zupimages.net/up/23/14/3t2j.gif
cache-control: max-age=3600
cf-ray: 8982efbb2a141c08-AMS
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Sun, 23 Jun 2024 08:59:02 GMT

GET
H2 200 Mickey_Mouse_head_and_ears.png
upload.wikimedia.org/wikipedia/commons/c/c2/ 9 KB
10 KB 87ms
23ms Image
image/png 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/c/c2/Mickey_Mouse_head_and_ears.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

envoy /

Resource Hash

7129908b08366a478b24913224a504f0ca6df4956dae1694dde8e6a7b82963ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 10:47:01 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 76322
x-cache-status: hit-local
x-cache: cp3077 hit, cp3077 miss
server-timing: cache;desc="hit-local", host;desc="cp3077"
content-length: 9611
x-client-ip: 2001:41d0:8:d154::11
x-object-meta-sha1base36: 36j2fjout2vr399p1ebbr8veljnt4e7
last-modified: Mon, 07 Oct 2013 09:24:37 GMT
server: envoy
etag: 4912bfaef359c4aaf6f8825bd0a9d3f7
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 b25a09bb969ef8d2d5da7b5765d574f799d1f678.png
64.media.tumblr.com/3b617864bb836bd473eb5da82c1e966b/3257676e69991bd9-52/s400x600/ 118 KB
119 KB 28ms
18ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/3b617864bb836bd473eb5da82c1e966b/3257676e69991bd9-52/s400x600/b25a09bb969ef8d2d5da7b5765d574f799d1f678.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

89d98f0707ce353074096979316ba78a9451eb95c7a9a902b1addf7ac4440d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; preload
x-frames: 1
content-disposition: inline; filename="tumblr_3b617864bb836bd473eb5da82c1e966b_b25a09bb_400.png"
server-timing: dc;desc=cdg, cache;desc=HIT;dur=0.0
alt-svc: h3=":443"; ma=86400
content-length: 120868
x-nc: HIT cdg 8
last-modified: Fri, 11 Dec 2020 21:09:50 GMT
server: nginx
etag: "e6637185818bc757a5057ce7add46570-1498089600-98b6076"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 tumblr_mul7o2UgMI1sn7x40o1_250.jpg
64.media.tumblr.com/aaffbad034ea01ebeee111ea311f76cc/ 20 KB
20 KB 61ms
51ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/aaffbad034ea01ebeee111ea311f76cc/tumblr_mul7o2UgMI1sn7x40o1_250.jpg

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

96bdde0536ec2551d758523e37d47a11a73c0b102e55c03bf73373608b32540e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; preload
x-frames: 1
server-timing: dc;desc=cdg, cache;desc=HIT;dur=0.0
alt-svc: h3=":443"; ma=86400
content-length: 20037
x-nc: HIT cdg 5
last-modified: Wed, 16 Dec 2020 20:47:07 GMT
server: nginx
etag: "aac7876f49e05f4ea57df0ca09015817-1498089600-d1d4451"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 7f6289f7b2629981bf1bfb477ccf37311bdb064b.jpg
64.media.tumblr.com/18bf8aa4c6f20a8606661f18adf78b1b/e95f89c70c445ac6-be/s1280x1920/ 185 KB
185 KB 62ms
53ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/18bf8aa4c6f20a8606661f18adf78b1b/e95f89c70c445ac6-be/s1280x1920/7f6289f7b2629981bf1bfb477ccf37311bdb064b.jpg

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c594505e2c69494ec6c910e12827449abb3fa3bdc23bfa492337a4eaed3402cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; preload
x-frames: 1
content-disposition: inline; filename="tumblr_18bf8aa4c6f20a8606661f18adf78b1b_7f6289f7_1280.jpg"
server-timing: dc;desc=cdg, cache;desc=HIT;dur=1.0
alt-svc: h3=":443"; ma=86400
content-length: 188934
x-nc: HIT cdg 7
last-modified: Wed, 09 Jun 2021 14:02:39 GMT
server: nginx
etag: "abc5ce73e909bd8f97290bfca744c762-1498089600-98b6076"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 tumblr_pm668avKh01xl20m1o2_400.png
64.media.tumblr.com/c49c79126a9e937b06be81e2f5eeba90/ 187 KB
188 KB 62ms
52ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/c49c79126a9e937b06be81e2f5eeba90/tumblr_pm668avKh01xl20m1o2_400.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b91e1429b4e5a2baf959703838e35774a1f9f90d65a55317d39fed73c9ff0180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; preload
x-frames: 1
server-timing: dc;desc=cdg, cache;desc=HIT;dur=1.0
alt-svc: h3=":443"; ma=86400
content-length: 191799
x-nc: HIT cdg 3
last-modified: Sat, 12 Dec 2020 00:31:55 GMT
server: nginx
etag: "c49c79126a9e937b06be81e2f5eeba90-1498089600-98b6076"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H3 200 l1hz.png
2img.net/zupimages.net/up/23/14/ 79 KB
79 KB 485ms
484ms Image
image/png 104.21.235.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/zupimages.net/up/23/14/l1hz.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14bde02bfdadd1452f85f8d170ec7c2e9e43ac9d36792d5b720ba3f2423d5f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: filename="l1hz.png"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 22 Jun 2024 13:58:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3F9H6C5ILK0x7lF%2FkU3W%2F5wvlUL215BW8D50IVUoUe2lDoRk%2BUax1TO3x4y0fMYEUSkQQjLmZURa0FgeN7Bz8AcDwdIfC198pTsTrxpTKk78sf3wemwsfKq4cymIP8c9c0e9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8982efbb2c17b932-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 monomer.js Show response
cdn.jsdelivr.net/gh/caezd/switcheroo@master/ 28 KB
8 KB 75ms
17ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/caezd/switcheroo@master/monomer.js

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

01612dc8ccf5c04c11ca1d920398c6dfd70a8895e3e429aa0ee9df542119ff79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 23 Jun 2024 07:59:02 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28724
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7985
x-served-by: cache-fra-eddf8230049-FRA, cache-lcy-eglc8600075-LCY
x-jsd-version-type: branch
etag: W/"7174-TI13tHtwe+ecTzoB+WHDA6ZdKiA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 switcheroo.js Show response
cdn.jsdelivr.net/gh/caezd/switcheroo@master/ 17 KB
4 KB 77ms
19ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/caezd/switcheroo@master/switcheroo.js

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ddac5c645760257ca729f54d1adfb2e274f70678e1d60d582a9b9b11bc1358a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 23 Jun 2024 07:59:02 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11387
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4405
x-served-by: cache-fra-etou8220142-FRA, cache-lcy-eglc8600075-LCY
x-jsd-version-type: branch
etag: W/"454c-pe4tkPHL9eLRnfHOspJ1cZfOJFw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
91 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZSSLCPJ9BZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144388882-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a72e1253771bf2e2ba9caea0e1ebc7231d899ebbde5b6ca3353f7f5233328395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92611
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 23 Jun 2024 07:59:02 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/forumotion-fr/ 357 KB
53 KB 936ms
885ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Requested by: Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b4b3a0d16e6dd81e8ae098394dfe0fcccd04de411d3cd101a7b27a2942aed4d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: gs7hF45R5WzykhroiV9TfuCxUena5JF6
content-encoding: gzip
via: 1.1 varnish
date: Sun, 23 Jun 2024 07:59:03 GMT
x-amz-request-id: D4NEA4VFT09YP0EG
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 53414
x-amz-id-2: 0CqzEmDrKzSZoDwWj5i+dQABfTVZd9TbtoDegQPKpq2TqnzH7JJycJ8rH+9BHnHcQe0qaXIax8I=
x-served-by: cache-ams2100135-AMS
last-modified: Sun, 16 Jun 2024 17:36:11 GMT
server: AmazonS3
x-timer: S1719129543.997379,VS0,VE865
etag: "1ca0583c6958b598681994d25dbb2bfb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 50
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 9

GET
H3 200 slm.prebid.forumactif.js Show response
ads.sportslocalmedia.com/ 4 KB
1 KB 174ms
134ms Script
application/javascript 172.67.11.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.sportslocalmedia.com/slm.prebid.forumactif.js
Requested by: Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.11.187 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06db7685f0d08697490a3031cfed5747e6e750d36dfbca69477b7491f0b66aae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8982efbbaebb6331-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 dx
disney-badendings.forumactif.org/ 6 KB
7 KB 143ms
143ms Image
image/jpg 94.23.159.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://disney-badendings.forumactif.org/dx?a=38506

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

d7640a291675657de1ca0a0528b80e09a61078dd7772601858e375f4038b40a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 23 Jun 2024 00:00:00 GMT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-xss-protection: 1
expires: Mon, 23 Jun 2025 07:59:03 GMT

GET
H3

200

lfaj.png
www.zupimages.net/up/23/14/
Redirect Chain

https://zupimages.net/up/23/14/lfaj.png
https://www.zupimages.net/up/23/14/lfaj.png

470 KB
470 KB

51ms
51ms

Image
image/png

104.21.233.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zupimages.net/up/23/14/lfaj.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/22-ltr.css

Protocol

Server

104.21.233.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcb95423ce07b83e860a1448479fadb284085878034e9ac040f5e215d7173d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
last-modified: Sun, 23 Jun 2024 07:58:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JcyGEMiVsThbyWMyTtOuwuZ3rU8mo7Qu5YtkzFCicvbRbq%2FoPwdn2sML0%2FfXSQoys4ezwBFgUj2FCKBet5rmGCQN3X9figDlApSfZ%2FLy%2FsfpzNGrZ9gnyWiekcyJ9HicKqM1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
content-disposition: filename="lfaj.png"
cf-ray: 8982efbb8a6d1c08-AMS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Sun, 23 Jun 2024 07:59:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fOJcs7WAsQgpE1GCi%2BUR6dqHlO0HwaEIvKIYurmp3Gjn3ARoSPeXUiKrS2WPf9pefIcoBEAyPudFxrWew127DtkUwrMW08htku%2FqmwlIGSUgfNtOJgWtOTYIp0zjU%2FWv"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.zupimages.net/up/23/14/lfaj.png
cache-control: max-age=3600
cf-ray: 8982efbb4a211c08-AMS
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Sun, 23 Jun 2024 08:59:02 GMT

GET
H3

200

1z1w.png
www.zupimages.net/up/23/14/
Redirect Chain

https://zupimages.net/up/23/14/1z1w.png
https://www.zupimages.net/up/23/14/1z1w.png

769 KB
770 KB

3083ms
3083ms

Image
image/png

104.21.233.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zupimages.net/up/23/14/1z1w.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/22-ltr.css

Protocol

Server

104.21.233.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d7050134d1b67e41c518d13675d1064ea6694f4e92c780af0a0c9e4dd775af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
strict-transport-security: max-age=15768000
cf-cache-status: EXPIRED
last-modified: Sat, 22 Jun 2024 16:27:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ccqTlGNx90%2B8Bjc7jMvkUes%2BhH4MMNa9tKUapDHeIzZQphqegOXBHqKFT0Verk8Pd5cMPnSb60vvsREHjOo5C311%2F2fx8fEMx4dl4aawQ2gESkdk%2FPoeEA8qUdNpbMa0qUIITA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
content-disposition: filename="1z1w.png"
cf-ray: 8982efbb8a701c08-AMS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Sun, 23 Jun 2024 07:59:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P82oOPEBYWTlRjDjhzQ2zyo5DMDwqY9khpw2tya8Xw9MYnXSDtf409VOJ4ZlyP8VgQQwkGMu%2BK2c1UUL%2B0YxCrMuvVQwqP89wWJMulAb94Eg6SdEi0Kbnmo7LYBsKtL2"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.zupimages.net/up/23/14/1z1w.png
cache-control: max-age=3600
cf-ray: 8982efbb4a221c08-AMS
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Sun, 23 Jun 2024 08:59:02 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v26/ 16 KB
16 KB 113ms
49ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito&family=Raleway&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://disney-badendings.forumactif.org
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:04:44 GMT
x-content-type-options: nosniff
age: 406459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16292
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:41:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:04:44 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/ 22 KB
22 KB 89ms
25ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito&family=Raleway&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://disney-badendings.forumactif.org
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:47:52 GMT
x-content-type-options: nosniff
age: 407471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22432
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:47:52 GMT

GET
H3 200 empty.gif
2img.net/i/fa/ 42 B
555 B 31ms
30ms Image
image/gif 104.21.235.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/empty.gif

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8771845
alt-svc: h3=":443"; ma=86400
content-length: 42
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCeMbnkA0Q21svG9C2T51IQyVEFc1Pu1sGfjUKtBXaHFBkE%2FuHKL80ZmNj2QrvC2VJO6hxTi7ew2fOrqJ7ps3WodPQqn7gxJMNVJQ31PN%2FG80kuyEt454frBYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8982efbb7c4cb932-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 phil11.png
i.servimg.com/u/f88/12/93/11/55/ 107 KB
108 KB 58ms
25ms Image
image/png 172.67.217.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f88/12/93/11/55/phil11.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e267cba03df5ac04948de003cf6f49edd3474897cbd7a3e3677360aa8b11354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2812467
alt-svc: h3=":443"; ma=86400
content-length: 109902
x-xss-protection: 1; mode=block
last-modified: Tue, 07 May 2024 09:43:14 GMT
server: cloudflare
etag: "6639f7b2-1ad4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6WnG2pIYVHFaXUy24mT0m7M3tC5%2FMlgrmqhz3aZu1mKjxdDhbfniHputKpVo114eXNawxmqQJZ5peAY7JBQx1m7i89P7bdYpWvSWhQ%2F7mPmNMGctvSEWBuLIIEWwqMLQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8982efbbad71046b-CDG
expires: Wed, 21 May 2025 00:19:41 GMT

GET
H3 200 icon_topic_latest.png
2img.net/i/fa/modernbb/ 86 B
603 B 32ms
30ms Image
image/png 104.21.235.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/modernbb/icon_topic_latest.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dbcec1c8aa197112ef6c4376da684451dda3a6c865859bf84c02cb794a77a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8785424
alt-svc: h3=":443"; ma=86400
content-length: 86
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Jan 2017 14:46:43 GMT
server: cloudflare
etag: "587cdcd3-56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G5m7GXSnbGTJqaE7oX%2BnZtY2PtQtnAKRKEknvjagmjdu1U8QK%2BqkTybOFBUCdIImZdQD5lhnUvPGR9Usbi42tiMEY35yLrbDiy0ksftZqCdhSTBQZMOcoxBimQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8982efbb7c4eb932-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tumblr_oe4qmdIaIy1r1hz6jo3_250.png
2img.net/h/66.media.tumblr.com/b5fd3416c083381c7cb749abf9146d74/ 133 KB
133 KB 176ms
173ms Image
image/png 104.21.235.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/h/66.media.tumblr.com/b5fd3416c083381c7cb749abf9146d74/tumblr_oe4qmdIaIy1r1hz6jo3_250.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2d66a08a857358d5a7081d7bfb4e07b2d549fa2971e24f1547747b1f4d7629a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 135739
x-xss-protection: 1; mode=block
last-modified: Thu, 22 Jun 2017 00:00:00 GMT
server: cloudflare
etag: "594b0880-2123b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dVb6f5fzpzhVE40MscoO%2Fe1u1WD0DCHFEZHonfYe3uHnyY%2FUFIRgwnnuzwjYO6GcBbHfhI0g3eLh5zK57LjZsz%2B7QcCBlI92jPTgB8A0YV7keEhlacM3G%2B0FtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8982efbb7c52b932-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 vava-i10.jpg
2img.net/u/1517/29/13/62/avatars/gallery/ 22 KB
22 KB 82ms
80ms Image
image/jpeg 104.21.235.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/u/1517/29/13/62/avatars/gallery/vava-i10.jpg

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4dd2e9c5e3f748fd66e7b797ebac4ca4eb704793d5bb18e1323090ad317043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 22448
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Apr 2023 16:53:59 GMT
server: cloudflare
etag: "6432eda7-57b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D7ZNV1%2FXvZTZQs0Oe8Fz4UTbipmwK1%2BfgDneD6vEI2xQXLGQdBW%2FB94Zwf3n9EML86K7YihQNaW6rfDY4pjtdXU3S3SagUsPby%2B5FZvJ4KfVmqBbUaPbnZNBFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8982efbb7c54b932-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3

200

363e77a167032feb48f734ed4491b8f80a44c27d.pnj
64.media.tumblr.com/a0e1083d1834e895c3ed081949ee1bda/5acb9e6c5475b1ab-a9/s400x600/
Redirect Chain

https://shorturl.at/trBq4
https://www.shorturl.at/trBq4
https://64.media.tumblr.com/a0e1083d1834e895c3ed081949ee1bda/5acb9e6c5475b1ab-a9/s400x600/363e77a167032feb48f734ed4491b8f80a44c27d.pnj

67 KB
67 KB

22ms
22ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/a0e1083d1834e895c3ed081949ee1bda/5acb9e6c5475b1ab-a9/s400x600/363e77a167032feb48f734ed4491b8f80a44c27d.pnj

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6a43a2dbff8fa2a3ff8ecef9a832575b39b64de0eccd083d6f218c60e093c80f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
strict-transport-security: max-age=31536000; preload
x-frames: 1
content-disposition: inline; filename="tumblr_a0e1083d1834e895c3ed081949ee1bda_363e77a1_400.jpg"
server-timing: dc;desc=lhr, cache;desc=HIT;dur=1.0
alt-svc: h3=":443"; ma=86400
content-length: 68645
x-nc: HIT lhr 4
last-modified: Thu, 09 May 2024 20:29:26 GMT
server: nginx
etag: "691eb81e364dd44dcbd2e7b708c7893f-1503417600-98b6076"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Sun, 23 Jun 2024 07:59:03 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nUt7IRF6QbxrlXxOT10np2HKvCTUafrZaNfiy%2BSlJMs6nmPAXjIeEj92Wnk4NxPYf7q%2Fzv7Wdjz9fq2Mht9zLWdJOZMB%2Bvs2EdYi%2B7kd8HS7m0sjRntmibDelnApJ5JXeX8SnuPlck4aHjP3pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://64.media.tumblr.com/a0e1083d1834e895c3ed081949ee1bda/5acb9e6c5475b1ab-a9/s400x600/363e77a167032feb48f734ed4491b8f80a44c27d.pnj
cf-ray: 8982efbccc976f4c-CDG
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS

GET
H3

200

a893e862e74e044d732ae309af469a4c2a26ebf0.pnj
64.media.tumblr.com/7ddf57366e6c98e8ca1d60edec2eb22b/56841da554348354-2e/s400x600/
Redirect Chain

https://shorturl.at/aNRHj
https://www.shorturl.at/aNRHj
https://64.media.tumblr.com/7ddf57366e6c98e8ca1d60edec2eb22b/56841da554348354-2e/s400x600/a893e862e74e044d732ae309af469a4c2a26ebf0.pnj

79 KB
79 KB

20ms
20ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/7ddf57366e6c98e8ca1d60edec2eb22b/56841da554348354-2e/s400x600/a893e862e74e044d732ae309af469a4c2a26ebf0.pnj

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9e59ed9aa4c24f5f913ec9381eb56ade66d9a5ecc36e6da05ed934413ab120a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
strict-transport-security: max-age=31536000; preload
x-frames: 1
content-disposition: inline; filename="tumblr_7ddf57366e6c98e8ca1d60edec2eb22b_a893e862_400.jpg"
server-timing: dc;desc=lhr, cache;desc=HIT;dur=0.0
alt-svc: h3=":443"; ma=86400
content-length: 80634
x-nc: HIT lhr 7
last-modified: Mon, 22 Apr 2024 20:38:45 GMT
server: nginx
etag: "aff00cdf56b2c1569f859455e8fb64c8-1503417600-ed9f266"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Sun, 23 Jun 2024 07:59:03 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5iSt%2B6v%2BgqEhwv6GrCZqywoMuuY%2BXXaldyXko9B0MkFK1MJ0g44R1LP8RueeZXaeEyFa0slW7WYStduti2iDec4M4MzBcWNt5d5Qbl9N1QL4shT9ylOFIt8XkK%2BHsrOxAyLZO13FAWgX0l8lhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://64.media.tumblr.com/7ddf57366e6c98e8ca1d60edec2eb22b/56841da554348354-2e/s400x600/a893e862e74e044d732ae309af469a4c2a26ebf0.pnj
cf-ray: 8982efbccc966f4c-CDG
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS

GET
H3

200

oapa.jpg
www.zupimages.net/up/23/14/
Redirect Chain

https://zupimages.net/up/23/14/oapa.jpg
https://www.zupimages.net/up/23/14/oapa.jpg

136 KB
136 KB

3150ms
3150ms

Image
image/jpeg

104.21.233.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zupimages.net/up/23/14/oapa.jpg

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Server

104.21.233.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22ac8ddae85b03554f9ef7451d891db3d6f193fae277514aa11438e3974781eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
strict-transport-security: max-age=15768000
cf-cache-status: EXPIRED
last-modified: Sat, 22 Jun 2024 16:26:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQja%2B7iASGG6WrU4ShnvWDy%2FWmYqZVY9TMhAUva%2F7F5jzEOosiSoEnTpluqMEjA3fb1Z3Eg%2BDyE4rV67cS3aNm8ycjch9V18p2rjjzgFXudUH5Is86Xz0D6oG2lcvzCq1bPsDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
content-disposition: filename="oapa.jpg"
cf-ray: 8982efbbbab01c08-AMS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Sun, 23 Jun 2024 07:59:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pEgzKc865qyufZ1Rm2z0flFWc3ZTls3RluJc3GNBgcuLcSU1n0AilNIw1jDUM5iV39mV1vVYYJlU6GZhKZy09yn%2BnKH5U7tHLjYzqpo5pS6CDJpMCTE2QmK7UbPjj0mf"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.zupimages.net/up/23/14/oapa.jpg
cache-control: max-age=3600
cf-ray: 8982efbb7a561c08-AMS
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Sun, 23 Jun 2024 08:59:02 GMT

GET
H2

200

f948bcb6dfc7871e1bf468aaa7be69fcd821289a.pnj
64.media.tumblr.com/3327dd7dbb0222ca84626942910f363a/1167c8e1820a1090-eb/s400x600/
Redirect Chain

https://bit.ly/3zOMHtN
https://64.media.tumblr.com/3327dd7dbb0222ca84626942910f363a/1167c8e1820a1090-eb/s400x600/f948bcb6dfc7871e1bf468aaa7be69fcd821289a.pnj

128 KB
129 KB

19ms
18ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/3327dd7dbb0222ca84626942910f363a/1167c8e1820a1090-eb/s400x600/f948bcb6dfc7871e1bf468aaa7be69fcd821289a.pnj

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

092fda1bd0956e770e94ece0929899614223679d0d536f3a75baaafa420ba49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
strict-transport-security: max-age=31536000; preload
x-frames: 1
content-disposition: inline; filename="tumblr_3327dd7dbb0222ca84626942910f363a_f948bcb6_400.jpg"
server-timing: dc;desc=cdg, cache;desc=HIT;dur=2.0
alt-svc: h3=":443"; ma=86400
content-length: 130994
x-nc: HIT cdg 4
last-modified: Sat, 17 Dec 2022 19:32:46 GMT
server: nginx
etag: "ec9700827774c135a7e14ad713c24318-1503417600-98b6076"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Sun, 23 Jun 2024 07:59:03 GMT
content-security-policy: referrer always;
referrer-policy: unsafe-url
via: 1.1 google
server: nginx
content-type: text/html; charset=utf-8
location: https://64.media.tumblr.com/3327dd7dbb0222ca84626942910f363a/1167c8e1820a1090-eb/s400x600/f948bcb6dfc7871e1bf468aaa7be69fcd821289a.pnj
cache-control: private, max-age=90
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

GET
H3

200

tumblr_p69on0ML9O1wszb93o5_250.gif
64.media.tumblr.com/71c017f029b6c26ae03e6f19d31d140b/
Redirect Chain

https://78.media.tumblr.com/71c017f029b6c26ae03e6f19d31d140b/tumblr_p69on0ML9O1wszb93o5_250.gif
https://64.media.tumblr.com/71c017f029b6c26ae03e6f19d31d140b/tumblr_p69on0ML9O1wszb93o5_250.gif

307 KB
307 KB

19ms
19ms

Image
image/gif

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/71c017f029b6c26ae03e6f19d31d140b/tumblr_p69on0ML9O1wszb93o5_250.gif

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

471bd231b90a0c25f6ab705f5809f7d5496ac0e0d2d0302e7e4a102003ad7107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
strict-transport-security: max-age=31536000; preload
content-disposition: inline; filename="tumblr_p69on0ML9O1wszb93o5_250.gif"
server-timing: dc;desc=lhr, cache;desc=HIT;dur=1.0
alt-svc: h3=":443"; ma=86400
content-length: 314351
x-nc: HIT lhr 7
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "0e55a8f7c8c145b874f98e2df9c3dfda-1523937600-ed9f266"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: https://64.media.tumblr.com/71c017f029b6c26ae03e6f19d31d140b/tumblr_p69on0ML9O1wszb93o5_250.gif
date: Sun, 23 Jun 2024 07:59:03 GMT
server: nginx
content-length: 162
content-type: text/html

POST
H2 200 webpush_register.php Show response
disney-badendings.forumactif.org/ajax/ 25 B
176 B 46ms
46ms Fetch
text/html 94.23.159.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://disney-badendings.forumactif.org/ajax/webpush_register.php

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

1d7e58ef8b62b2bba5098f53f4b7ef34580ca1ce21175bb26b23b3e0d803601d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 23 Jun 2024 07:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1
content-type: text/html

GET
H/1.1

200
OK

profile Show response
api.consentframework.com/api/v1/public/
Redirect Chain

https://api.consentframework.com/api/v1/public/profile?origin=https://disney-badendings.forumactif.org
https://api.consentframework.com/api/v1/public/profile?bounce=1

40 B
431 B

26ms
26ms

Fetch
application/json

2a01:4f8:fff3:f::
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.consentframework.com/api/v1/public/profile?bounce=1

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

HTTP/1.1

Server

2a01:4f8:fff3:f:: , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Resource Hash

7f14f779080b7a36e6a0aa05632a2571bf7887b65d8d90a939d7a645d6abb111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 23 Jun 2024 07:59:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://disney-badendings.forumactif.org
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 40

Redirect headers

Date: Sun, 23 Jun 2024 07:59:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://disney-badendings.forumactif.org
Location: https://api.consentframework.com/api/v1/public/profile?bounce=1
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 86

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 82 KB
29 KB 84ms
26ms Script
text/javascript 143.204.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-42.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: adea2aa2767d809d7ae83bb8023885d49edbce098ff65c4296aed8c1d16c936f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:14:59 GMT
content-encoding: gzip
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified: Wed, 28 Feb 2024 08:15:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 92645
x-amz-server-side-encryption: AES256
etag: "9c4bd7f981e42473076868eec1e5677d"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28955
x-amz-cf-id: 4k-zfJ-4CoG0iCwVdDr20rs3fZGUIPUgXvkfeX1C81zZaIgpP-2HQw==

GET
H2

200

https://disney-badendings.forumactif.org/u476
https://disney-badendings.forumactif.org/login?redirect=%2Fu476

33 KB
9 KB

59ms
59ms

XHR
text/html

94.23.159.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://disney-badendings.forumactif.org/login?redirect=%2Fu476

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Server

94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

b1596b4c49f8bb91380b1e141d0b48aa917d9da87850558f1636e045deff2a3c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 07:59:03 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
last-modified: Sun, 23 Jun 2024 07:59:03 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: User-Agent
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-cache
x-xss-protection: 1
expires: Sun, 23 Jun 2024 00:00:00 GMT

Redirect headers

location: https://disney-badendings.forumactif.org/login?redirect=%2Fu476
date: Sun, 23 Jun 2024 07:59:03 GMT
content-length: 0

GET
H3 200 toolbar.png
2img.net/i/fa/i/toolbar/ 11 KB
11 KB 40ms
40ms Image
image/png 104.21.235.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/i/toolbar/toolbar.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/22-ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

075cc698968c8fabdc079e0f5a8bf11ed379ddb445d0d7caa5085cf67ff12b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8781340
alt-svc: h3=":443"; ma=86400
content-length: 11066
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 08:34:44 GMT
server: cloudflare
etag: "57398624-2b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0r3sAjYxyNDKk%2BATFUvUkSq0UfsWdGNxlbu%2B7TXQK5k8l7OCBR6jNFa7BoBawLJy4kqBKKYT9mLWEme3%2F%2FFVryYutT7eBqFRbbclQynpTc20Eaz1y6BAZQzBfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8982efbbece0b932-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 pa0.png
2img.net/i/fa/i/toolbar/ 1 KB
2 KB 49ms
49ms Image
image/png 104.21.235.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/i/toolbar/pa0.png

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/22-ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5b862705def8b10b9a2f6e2d285ace98b47d499942ad23d492820a6a04341dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8785521
alt-svc: h3=":443"; ma=86400
content-length: 1087
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 08:34:43 GMT
server: cloudflare
etag: "57398623-43f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bxil7iuBKVv%2BvkYJgxCS8Ebuqa3MVrlCFgJHI%2FBtUD5LVJ3wL%2Beh7sVkoWY9PeYuqSOdOvot%2BuAWpen0oAIVKuevCx1bSjrDK1p6EKjx1zz9Kvc1a7her4WMHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8982efbbece7b932-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 connect.js Show response
connect.topicit.net/scripts/ 3 KB
2 KB 67ms
29ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.topicit.net/scripts/connect.js

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6216
cf-polished: origSize=5437
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
server: cloudflare
etag: W/"5d653880-153d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4KEics8t1epU%2BfOYRtJtnjpBlWBqiNsVuRE1eO6RJTMgkh4N5%2FngAOvpCtYM2torP7QxYfIIXpITReknvLQJ7m5hl7O8OewWa7Lr8endogywR7KELmg6xCmHor8wp38mg5GaJLMS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 8982efbc9e5d23e1-LHR

GET
H3

200

5xql.png
www.zupimages.net/up/23/14/
Redirect Chain

https://zupimages.net/up/23/14/5xql.png
https://www.zupimages.net/up/23/14/5xql.png

1 MB
1 MB

115ms
114ms

Image
image/png

104.21.233.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zupimages.net/up/23/14/5xql.png

Protocol

Server

104.21.233.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5bc8cd403b073c3dda467deaa333afa1d33e199048e4cdf74db6d44c6eb89c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 07:59:06 GMT
strict-transport-security: max-age=15768000
cf-cache-status: EXPIRED
last-modified: Sun, 23 Jun 2024 00:03:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ZLg3WXxjSxU8XkByeWN%2B%2F6hcoULqB9Atspwj0TLPN7VOPxwJR2xHsXYos%2Bp6R3%2FepXMrT0U4Qc%2BwnsIewecxGtBVcMBuxLPSUpUeE4qRiX8Rb0cXJJq3LxwMwC0k9baEn7hTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
content-disposition: filename="5xql.png"
cf-ray: 8982efcf8bea1c08-AMS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Sun, 23 Jun 2024 07:59:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qaBlsU%2BGY5BLitvqWjOPc7PUQT6PLtbJ8udHq4b2U7BZ4goDJ9EBJ2pRNh%2BoFTUYorFWRu5BKD9Tb0S7LpS4SdwklXPix6VYtHg4%2BqHPvF4gl79v3fiNnN1vzRPbBuy8"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.zupimages.net/up/23/14/5xql.png
cache-control: max-age=3600
cf-ray: 8982efbbeae61c08-AMS
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Sun, 23 Jun 2024 08:59:03 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 72ms
22ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZSSLCPJ9BZ&gtm=45je46j0v9119535023za200&_p=1719129542889&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&cid=2008478044.1719129543&ul=fr-fr&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1719129543&sct=1&seg=0&dl=https%3A%2F%2Fdisney-badendings.forumactif.org%2F&dt=No%20More%20Happy%20Endings&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=647&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZSSLCPJ9BZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 07:59:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://disney-badendings.forumactif.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tcstring Show response
api.consentframework.com/api/v1/public/ 25 B
464 B 26ms
26ms Fetch
application/json 2a01:4f8:fff3:f::
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.consentframework.com/api/v1/public/tcstring

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp?lang=fr

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:fff3:f:: , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Resource Hash

6d24890b5608b6d182f02198897f50f220a40b66a08751a443ac714bf6f86602

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 07:59:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://disney-badendings.forumactif.org
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 25

GET
H3 200 slm.prebid.forumactif-a.js Show response
ads.sportslocalmedia.com/ 47 KB
13 KB 95ms
95ms Script
application/javascript 172.67.11.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.sportslocalmedia.com/slm.prebid.forumactif-a.js
Requested by: Host: ads.sportslocalmedia.com
URL: https://ads.sportslocalmedia.com/slm.prebid.forumactif.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.11.187 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5419dfdbd2a52fa816ade6e2b13aa6b819eb332cdf049fff639a0767ee3b41a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8982efbc9fa76331-LHR
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK consent-string Show response
api.consentframework.com/api/v1/public/ 206 B
558 B 82ms
28ms Fetch
application/json 2a01:4f8:fff3:f::
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.consentframework.com/api/v1/public/consent-string

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp?lang=fr

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:fff3:f:: , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Resource Hash

b0e9e39ac5c567cef627b0a7e83a66685131b106fb6df2e7d0c5c89c75e01847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 23 Jun 2024 07:59:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://disney-badendings.forumactif.org
Cache-Control: no-store
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 206

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 91ms
24ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144388882-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 23 Jun 2024 07:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1080
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 23 Jun 2024 09:41:03 GMT

POST
H/1.1 200
OK user-action Show response
api.consentframework.com/api/v1/public/ 0
303 B 81ms
26ms Fetch 2a01:4f8:fff3:f::
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.consentframework.com/api/v1/public/user-action

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp?lang=fr

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:fff3:f:: , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://disney-badendings.forumactif.org
Date: Sun, 23 Jun 2024 07:59:03 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 0

GET
H2 200 loader.min.js Show response
comparisons.sovrn.com/js/ 3 KB
2 KB 133ms
34ms Script
application/javascript 18.173.187.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://comparisons.sovrn.com/js/loader.min.js
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-112.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2122cc2d6a9e138c3b4035d403cd2760bc3491e3f00da7211abaa80557de0b3b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: _N7Ldl34Z.PdZpMcZXLC7DYN2lTVj6Bm
content-encoding: gzip
via: 1.1 c318f6c5edde4e7ab2b9ba2243b14b28.cloudfront.net (CloudFront)
date: Sun, 23 Jun 2024 02:39:47 GMT
last-modified: Tue, 23 Jan 2024 08:56:04 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 71361
x-amz-server-side-encryption: AES256
etag: W/"977ae67d2ae005447e6e3ab0b242cab2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: jZZxDrnsxhaKim6MJI8X36sTq2HPBwIYcRG2Xx-KOMJkbERQ2JKUlg==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 402 KB
138 KB 108ms
40ms Script
text/javascript 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ads.sportslocalmedia.com
URL: https://ads.sportslocalmedia.com/slm.prebid.forumactif-a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb878ac4c89b964506e58d71a5ad2c455e8b6275b198251e8627215f669c781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140633
x-xss-protection: 0
expires: Sun, 23 Jun 2024 07:59:03 GMT

GET
H2 200 tag Show response
btloader.com/ 75 KB
23 KB 68ms
27ms Script
application/javascript 2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5094764668518400&upapi=true
Requested by: Host: ads.sportslocalmedia.com
URL: https://ads.sportslocalmedia.com/slm.prebid.forumactif-a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0677d8727ac4833d37854ed5ffbe48142acea8d1ed1d4884f8ac22a4d7aba2e7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Sun, 23 Jun 2024 07:24:05 GMT
server: cloudflare
age: 1979
etag: "789e3710545dee311392792db9418bfb"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8982efbd99e33865-LHR
content-length: 23645

GET
H3 200 slmadshb.js Show response
ads.sportslocalmedia.com/ 698 KB
215 KB 45ms
44ms Script
application/javascript 172.67.11.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.sportslocalmedia.com/slmadshb.js
Requested by: Host: ads.sportslocalmedia.com
URL: https://ads.sportslocalmedia.com/slm.prebid.forumactif-a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.11.187 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dc9a599e239387ca9fdda50bc18cc6b6fd5bdb5679f9f1faac69b6590e7592

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Jun 2024 09:05:55 GMT
server: cloudflare
x-iplb-request-id: AC4776F1:8AA4_91EFC0E2:0050_6677C58F_D393C5F:10A5
age: 4144
etag: W/"66754273-ae82b"
x-iplb-instance: 54197
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
cf-ray: 8982efbd58626331-LHR
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jun 2024 09:49:51 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
219 B 33ms
31ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1042062760&t=pageview&_s=1&dl=https%3A%2F%2Fdisney-badendings.forumactif.org%2F&ul=fr-fr&de=UTF-8&dt=No%20More%20Happy%20Endings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=160647593&gjid=496117076&cid=2008478044.1719129543&tid=UA-144388882-1&_gid=1773688717.1719129543&_r=1&gtm=457e46j0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&jsscut=1&npa=1&z=319644853

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 07:59:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://disney-badendings.forumactif.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 state Show response
api.btloader.com/mw/ 0
102 B 168ms
120ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5094764668518400&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sun, 23 Jun 2024 07:59:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
919 B 64ms
25ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 920434
x-guploader-uploadid: ABPtcPqneg6soqaOikcNiPp_PDLK0UcBx1dP3Y_3kl9qiiydDGRLrzu3y4OM-7S5ceh_By7WvPw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6rb4iSypgXMwFd0BgZnKaq98In9qYeCqa%2Bf7uicz4jVP6nOD%2F6Rp%2FmPQWKYSa%2Bwr7IHYB3kgU5vzncjb5cdrdj8Pf%2FSDhBJY7E4ASTZ%2B1JqXXiJMpERRa5O252h07%2BM2ICYh7IEO1Vff0LQkpA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8982efbe0a7499c6-CDG
expires: Wed, 12 Jun 2024 17:05:15 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 66ms
27ms Image
image/x-icon 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 14:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jun 2024 14:45:33 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
343 B 65ms
26ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.5061309699264143
Requested by: Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 920434
x-guploader-uploadid: ABPtcPqneg6soqaOikcNiPp_PDLK0UcBx1dP3Y_3kl9qiiydDGRLrzu3y4OM-7S5ceh_By7WvPw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fM%2BjKeRTK4Tr0yjz3Ao%2BZkmlCzyyt8PExGke%2FZXeUtVVDb39zOwYjmLQAGE23sraMW0KzhM8S4K0w8Am9KXShPc%2BypqJsTk%2BSMcq%2F04%2BAI40cn2fDsP8fAhLM7km3qSiFbAipqKr6jR3qkSniA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8982efbe0a7599c6-CDG
expires: Wed, 12 Jun 2024 17:05:15 GMT

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 430 B
145 B 121ms
64ms XHR
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fdisney-badendings.forumactif.org%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

54a8fea6ab36da66a7cde100b568500deaed356f736e77f0e59ecf988d746681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
expires: Sun, 23 Jun 2024 07:59:03 GMT

GET
H2 200 impl.20240613-38-RELEASE.js Show response
cdn.taboola.com/libtrc/ 894 KB
182 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 47e4dc7f1b1175872ccfd77af5f2b8deb9369da8bf33b126121ae25c5af845e6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: kDdRQIto.UimJAn8RYg2PIl7jTgGdrmJ
content-encoding: br
via: 1.1 varnish
date: Sun, 23 Jun 2024 07:59:03 GMT
x-amz-request-id: YWHA9EDEAEYJFZK6
age: 21132
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 185973
x-amz-id-2: B+9zh6maUNfYrXyOj5syMhkO3VGJcoudIz4KOpHEZsEiKKzDRlB9P8JipDHwB4M7OIrRGM8NnZg=
x-served-by: cache-ams2100135-AMS
last-modified: Sun, 16 Jun 2024 15:34:51 GMT
server: AmazonS3-br
x-timer: S1719129544.930560,VS0,VE0
etag: "042851c31b8a4c3431c8a5dc787dcb70"
vary: Accept-Encoding
content-type: application/javascript
abp: 68
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 10640

GET
H2 200 google-topics-api.20240613-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 20ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/google-topics-api.20240613-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01e5e19fc6662b5598386d8a6368e5ba3ff7d9ddc57e43aad766faf24ac7068

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: XsvnrjNAlBw0a9taDHAzCIHEkXPBbcXh
content-encoding: gzip
via: 1.1 varnish
date: Sun, 23 Jun 2024 07:59:03 GMT
x-amz-request-id: HZCSK9WH7EG29T7W
age: 577369
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 980
x-amz-id-2: IK6CoJxPkJ2wP0RSohWhMp2rTawceGHUv8afR1XCgbi88JoDm4ottTWlCZqJmWWsoARV0IjNzHk=
x-served-by: cache-ams2100135-AMS
last-modified: Sun, 16 Jun 2024 15:35:17 GMT
server: AmazonS3
x-timer: S1719129544.996967,VS0,VE0
etag: "ffe1084a0475919857c0fccef40b2f0e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 59
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 112129

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 44EB 0
0 57ms
19ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20240613-38-RELEASE.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://disney-badendings.forumactif.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

abp: 19
accept-ranges: bytes
access-control-allow-origin: *
age: 27118
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Sun, 23 Jun 2024 07:59:04 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: vNsGn6PXTCfxD4dbrKXlSZt6fh92xSUwlgsoW66bqnDLdvoO0Gv4o9pByR6TQQ7i3uVr/CychII=
x-amz-replication-status: COMPLETED
x-amz-request-id: 07S5VCG943S7V2KE
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 65217
x-served-by: cache-ams2100111-AMS
x-timer: S1719129544.059517,VS0,VE0

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 260 B
725 B 130ms
36ms XHR
text/javascript 52.51.1.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.1.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-1-77.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 84b07b9b58593be51c99fcd2712b8f8f98744ae9ad21da652e3c56e0a4f0abce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 23 Jun 2024 07:59:04 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://disney-badendings.forumactif.org
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 260
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.js Show response
api.viglink.com/api/ 43 B
390 B 30ms
30ms Script
image/gif 52.51.1.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/sync.js?key=18d81f55cfc0fd275a864f494f914b76
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.1.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-1-77.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 23 Jun 2024 07:59:04 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif;charset=UTF-8
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 43 B
390 B 82ms
32ms Image
image/gif 52.51.1.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.viglink.com/api/sync.gif?key=18d81f55cfc0fd275a864f494f914b76
Requested by: Host: disney-badendings.forumactif.org
URL: https://disney-badendings.forumactif.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.1.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-1-77.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 23 Jun 2024 07:59:04 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif;charset=UTF-8
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 46 B
510 B 49ms
31ms XHR
text/javascript 52.51.1.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.1.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-1-77.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: ebdbaf87e267e036a7951e19bd0500035439f22fb3532e4c3245ed4edeaf6804

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 23 Jun 2024 07:59:04 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://disney-badendings.forumactif.org
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 46
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 276423Logo.png
2img.net/r/hpimg11/pics/ 726 B
1 KB 134ms
134ms Other
image/png 104.21.235.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2img.net/r/hpimg11/pics/276423Logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ee6a7f01c7c4cf7f3e40534ef36eededdc2ecdcb78f9ee693d2c58eaa8a3133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://disney-badendings.forumactif.org/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:59:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 726
x-xss-protection: 1; mode=block
last-modified: Sat, 06 Apr 2013 16:37:21 GMT
server: cloudflare
etag: "51604f41-2d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1UoZ6uRe7pBGcdjjuGAsgshyWyoHsKltCYSN5C71b3zLrGpQRbcsXgiGZn8QqNXj91yE%2FFpZ5G2qbBZEWW77xXdWJnqFIDbPOEX1HhJvjOoYejeh0J29DVKGwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8982efcf89efb932-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

335 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.disney-badendings.forumactif.org/	1970-01-20 21:53:45	Name: _fa-screen Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D
disney-badendings.forumactif.org/	1969-12-31 23:59:59	Name: toolbar_state Value: fa_show
.forumactif.org/	1970-01-21 07:08:09	Name: _ga_ZSSLCPJ9BZ Value: GS1.1.1719129543.1.0.1719129543.0.0.0
.consentframework.com/	1970-01-20 21:32:09	Name: euconsent-v2 Value: NO_CONSENT
.forumactif.org/	1970-01-21 07:08:09	Name: _ga Value: GA1.2.2008478044.1719129543
.forumactif.org/	1970-01-20 21:33:35	Name: _gid Value: GA1.2.1773688717.1719129543
.forumactif.org/	1970-01-20 21:32:09	Name: _gat_gtag_UA_144388882_1 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://disney-badendings.forumactif.org/ Message: Refused to execute script from 'https://api.viglink.com/api/sync.js?key=18d81f55cfc0fd275a864f494f914b76' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2img.net
64.media.tumblr.com
78.media.tumblr.com
ad-delivery.net
ad.doubleclick.net
ads.sportslocalmedia.com
ajax.googleapis.com
api.btloader.com
api.consentframework.com
api.viglink.com
bit.ly
btloader.com
cache.consentframework.com
cdn.images.express.co.uk
cdn.jsdelivr.net
cdn.taboola.com
cdn.viglink.com
choices.consentframework.com
comparisons.sovrn.com
connect.topicit.net
disney-badendings.forumactif.org
fonts.googleapis.com
fonts.gstatic.com
i.servimg.com
illiweb.com
imasdk.googleapis.com
region1.google-analytics.com
securepubads.g.doubleclick.net
shorturl.at
upload.wikimedia.org
www.google-analytics.com
www.googletagmanager.com
www.shorturl.at
www.zupimages.net
zupimages.net
104.21.233.197
104.21.235.75
130.211.23.194
142.250.185.70
143.204.215.42
151.101.1.44
151.101.193.44
172.217.16.194
172.67.11.187
172.67.217.127
18.173.187.112
188.114.96.3
188.114.97.3
192.0.77.3
2001:4860:4802:34::36
2600:9000:2490:4000:1d:b722:f80:93a1
2606:4700:10::6816:4ad8
2606:4700:20::681a:566
2606:4700:20::ac43:4513
2606:4700:20::ac43:4558
2a00:1450:4001:803::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:828::2003
2a00:1450:4001:830::2008
2a00:1450:4001:830::200a
2a01:4f8:fff3:f::
2a02:ec80:300:ed1a::2:b
2a04:4e42:600::485
52.51.1.77
67.199.248.11
74.114.154.18
94.23.159.185
001aa59bf795ab2ea59ba1060e059794e79c614a0c69917469f397facbc8b921
01612dc8ccf5c04c11ca1d920398c6dfd70a8895e3e429aa0ee9df542119ff79
0677d8727ac4833d37854ed5ffbe48142acea8d1ed1d4884f8ac22a4d7aba2e7
06db7685f0d08697490a3031cfed5747e6e750d36dfbca69477b7491f0b66aae
075cc698968c8fabdc079e0f5a8bf11ed379ddb445d0d7caa5085cf67ff12b57
092fda1bd0956e770e94ece0929899614223679d0d536f3a75baaafa420ba49d
14bde02bfdadd1452f85f8d170ec7c2e9e43ac9d36792d5b720ba3f2423d5f1e
19aa8dd9e48119d963bee3588bb206b5a69089b14907abbe8e04627c467b59e7
1bb878ac4c89b964506e58d71a5ad2c455e8b6275b198251e8627215f669c781
1d7e58ef8b62b2bba5098f53f4b7ef34580ca1ce21175bb26b23b3e0d803601d
2122cc2d6a9e138c3b4035d403cd2760bc3491e3f00da7211abaa80557de0b3b
2131bc329e8590489b812f33e00ff9438c1dc0b650048a3ae68f2db17ef4ecd1
22ac8ddae85b03554f9ef7451d891db3d6f193fae277514aa11438e3974781eb
22e63a04188f0304dc650759737bc5f910fd50b8e7f1ae501d527da4867551b3
2c668b5725fc6463bc4eacc880a01e81cab297bb7aaef896e9ccc1fc6aa81b13
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
3dbcec1c8aa197112ef6c4376da684451dda3a6c865859bf84c02cb794a77a98
3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c
4487b64fd8d779b738404d215a2af5a084edc3191f6206864cf556cf025058ea
471bd231b90a0c25f6ab705f5809f7d5496ac0e0d2d0302e7e4a102003ad7107
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
47e4dc7f1b1175872ccfd77af5f2b8deb9369da8bf33b126121ae25c5af845e6
4caa6f9566577b1af55d892ddfb306a30ba700c6fbbc61d1d10bed278be0165e
4cafa97c620f0e83a82d4068ef5164f36687061a1045a3d5a1f721cfb8ca0b4d
4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92
5419dfdbd2a52fa816ade6e2b13aa6b819eb332cdf049fff639a0767ee3b41a3
54a8fea6ab36da66a7cde100b568500deaed356f736e77f0e59ecf988d746681
54f70a3fd42a3e445d3b56b5b9d9f5888f1dab6232b5ccefd5f0dc6b2f0d1b90
5ce8cc9cc7d90d8c4ab349fbd1768a626c4e7c4dede621b0d1a293f5d500814d
69eb1edfd26bb829b907df80ac5a8aa5c5d73e9ada80e864b0ec86b57560a026
6a43a2dbff8fa2a3ff8ecef9a832575b39b64de0eccd083d6f218c60e093c80f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
6d24890b5608b6d182f02198897f50f220a40b66a08751a443ac714bf6f86602
6d7050134d1b67e41c518d13675d1064ea6694f4e92c780af0a0c9e4dd775af7
6e267cba03df5ac04948de003cf6f49edd3474897cbd7a3e3677360aa8b11354
7129908b08366a478b24913224a504f0ca6df4956dae1694dde8e6a7b82963ba
7f14f779080b7a36e6a0aa05632a2571bf7887b65d8d90a939d7a645d6abb111
84b07b9b58593be51c99fcd2712b8f8f98744ae9ad21da652e3c56e0a4f0abce
89d98f0707ce353074096979316ba78a9451eb95c7a9a902b1addf7ac4440d39
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ee6a7f01c7c4cf7f3e40534ef36eededdc2ecdcb78f9ee693d2c58eaa8a3133
923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784
93867e2d7a9314c47c816eb15865858a9436d1d5e5fdfb593dce21f02d6d6da4
96bdde0536ec2551d758523e37d47a11a73c0b102e55c03bf73373608b32540e
98b0cb219401b7bdfcaf17c53e77565868619bc3f349a567d8db634ad7b6ccf3
9a2f62beaf82271afd8c9ef6683e4fd59dffd66cd641a571f74ffbbee46451db
9b4b3a0d16e6dd81e8ae098394dfe0fcccd04de411d3cd101a7b27a2942aed4d
9c25615e18a93ba31e0fc26672a5e33b614847d7f07555caa408e8008ebc56a1
9cce595b201da3285768c8375124b2976eafacaa8002781d478ee1f9d69dc8c4
9d16ff835091825b0e94277b451a884494972381db9e37ec2d9fc8c19d62fc97
9e59ed9aa4c24f5f913ec9381eb56ade66d9a5ecc36e6da05ed934413ab120a7
a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057
a72e1253771bf2e2ba9caea0e1ebc7231d899ebbde5b6ca3353f7f5233328395
adea2aa2767d809d7ae83bb8023885d49edbce098ff65c4296aed8c1d16c936f
af4dd2e9c5e3f748fd66e7b797ebac4ca4eb704793d5bb18e1323090ad317043
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0e9e39ac5c567cef627b0a7e83a66685131b106fb6df2e7d0c5c89c75e01847
b1596b4c49f8bb91380b1e141d0b48aa917d9da87850558f1636e045deff2a3c
b2e44c5db5b3400cac97d6bcd1219a1643e421ffd58c3cab781e5caf6d3ea29d
b5bc8cd403b073c3dda467deaa333afa1d33e199048e4cdf74db6d44c6eb89c8
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b
b91e1429b4e5a2baf959703838e35774a1f9f90d65a55317d39fed73c9ff0180
bac614d25cfbaabddc4682273d94272d16c4a2012432f068c654e1b4404f862d
bb378757e1f681eef936b29c21316d1d4ba953cefd8a2327b814da69e305a8ff
bb893bddd24610e9fd464275277ae97ba07e73cf13eb3b7ebb3b5f8f7f1b3625
c4001b8a948e3ff1a05a8b033a8156dd6f7965621ed6340751cb058e13eefe48
c594505e2c69494ec6c910e12827449abb3fa3bdc23bfa492337a4eaed3402cd
c5dc9a599e239387ca9fdda50bc18cc6b6fd5bdb5679f9f1faac69b6590e7592
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01e5e19fc6662b5598386d8a6368e5ba3ff7d9ddc57e43aad766faf24ac7068
d7640a291675657de1ca0a0528b80e09a61078dd7772601858e375f4038b40a0
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbb0cbb3ed6239cd63bc945a0e480633034cde30f1e0fc7de56a75b2a7c350a8
dbe98dc3c36d3bc9fa5fb625e6368c66016a7d8542a88f7de4e400e9bb2324cb
dcb95423ce07b83e860a1448479fadb284085878034e9ac040f5e215d7173d3d
ddac5c645760257ca729f54d1adfb2e274f70678e1d60d582a9b9b11bc1358a2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7633bb4efa863c2a8954acd6c080cc8bccb6427689e6171e06d7a22669e561e
ebdbaf87e267e036a7951e19bd0500035439f22fb3532e4c3245ed4edeaf6804
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15a9d18ee74a7099cb045c4c778058d4f05ff4ded9d8139a799474c7700ff10
f192284ce065d86359e85594e5f0b9c6e2dffbc10f900587d6e393742768bf13
f2d66a08a857358d5a7081d7bfb4e07b2d549fa2971e24f1547747b1f4d7629a
f41ae6dcf01265ba55917dd21dad3532fad59e916753f99a19bffe2f6022e709
f5b862705def8b10b9a2f6e2d285ace98b47d499942ad23d492820a6a04341dc
fe72d9802ef172830fbf7223ca69693bcbc657ba68aff2615ad7ff6d4ed5e669

disney-badendings.forumactif.org Open in urlscan Pro 94.23.159.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

92 Requests

83 %HTTPS

45 %IPv6

24 Domains

35 Subdomains

30 IPs

6 Countries

19665 kBTransfer

22782 kBSize

7 Cookies

11 Outgoing links

Page URL History

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

disney-badendings.forumactif.org Open in urlscan Pro
94.23.159.185 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

83 %
HTTPS

45 %
IPv6

24
Domains

35
Subdomains

30
IPs

6
Countries

19665 kB
Transfer

22782 kB
Size

7
Cookies

92 HTTP transactions
0 data transactions