lookbook.nu Open in urlscan Pro
2606:4700:3034::6815:48a4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lookbook.nu/user/9511154-Hanna
Submission: On July 23 via manual (July 23rd 2021, 8:57:08 am UTC) from IN

Summary HTTP 81 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 16 domains to perform 81 HTTP transactions. The main IP is 2606:4700:3034::6815:48a4, located in United States and belongs to CLOUDFLARENET, US. The main domain is lookbook.nu.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 28th 2020. Valid for: a year.

This is the only time lookbook.nu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3034::6815:48a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:20:... 2606:4700:20::681a:12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	13.226.132.202 13.226.132.202	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:5200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	13.226.145.101 13.226.145.101	16509 (AMAZON-02) (AMAZON-02)
6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
12	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
4	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
81	26

1 2606:4700:3034::6815:48a4 (United States)

ASN13335 (CLOUDFLARENET, US)

lookbook.nu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::681a:12 (United States)

ASN13335 (CLOUDFLARENET, US)

lbstatic.nu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.132.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-202.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:5200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.145.101 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-101.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	adform.net track.adform.net s1.adform.net	193 KB
16	googlesyndication.com 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	71 KB
16	lbstatic.nu lbstatic.nu	701 KB
7	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	125 KB
4	amazon-adsystem.com c.amazon-adsystem.com	36 KB
4	googletagservices.com www.googletagservices.com	126 KB
3	google.com adservice.google.com www.google.com	931 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	69 KB
2	quantserve.com edge.quantserve.com pixel.quantserve.com	9 KB
1	google.de adservice.google.de	165 B
1	facebook.com www.facebook.com
1	quantcount.com rules.quantcount.com	436 B
1	googleapis.com ajax.googleapis.com	33 KB
1	lookbook.nu lookbook.nu	9 KB
81	16

	Domain	Requested by
16	lbstatic.nu	lookbook.nu lbstatic.nu
12	track.adform.net	56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com s1.adform.net
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com tpc.googlesyndication.com
6	s1.adform.net	track.adform.net s1.adform.net 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net lookbook.nu
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	c.amazon-adsystem.com	lookbook.nu c.amazon-adsystem.com
4	www.googletagservices.com	lookbook.nu securepubads.g.doubleclick.net 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
3	56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects lookbook.nu
2	www.google.com	tpc.googlesyndication.com 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
2	www.google-analytics.com	lookbook.nu
2	connect.facebook.net	lookbook.nu connect.facebook.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.facebook.com	connect.facebook.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.quantserve.com	lookbook.nu
1	rules.quantcount.com	edge.quantserve.com
1	edge.quantserve.com	lookbook.nu
1	ajax.googleapis.com	lookbook.nu
1	lookbook.nu
81	22

This site contains links to these domains. Also see Links.

Domain
idnslot1.mikz.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-28` - `2021-11-27`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://lookbook.nu/user/9511154-Hanna
Frame ID: 0840395E9E9042DBB7359B2EC8605CA7
Requests: 44 HTTP requests in this frame

Frame: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 01FB55AB6893E1A479EF5580A5A168D1
Requests: 1 HTTP requests in this frame

Frame: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FB4067123C0396FF14C54355E6462D03
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C243B2562F8A5946741D57B25406E094
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A513B2F9A5C018B0FC54141B5FB70F8E
Requests: 1 HTTP requests in this frame

Frame: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 60DE91A95B56B41C00B7BEE945F6F19E
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

81
Requests

100 %
HTTPS

80 %
IPv6

16
Domains

22
Subdomains

26
IPs

4
Countries

1396 kB
Transfer

3450 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://idnslot1.mikz.com/
Title: idnslot1.mikz.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://sb.scorecardresearch.com/b?c1=2&c2=8354559&ns__t=1627030612053&ns_c=UTF-8&cv=3.5&c8=Hanna%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9511154-Hanna&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=8354559&ns__t=1627030612053&ns_c=UTF-8&cv=3.5&c8=Hanna%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9511154-Hanna&c9=

81 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 9511154-Hanna Show response
lookbook.nu/user/ 26 KB
9 KB 256ms
231ms Document
text/html 2606:4700:3034::6815:48a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:48a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9caf1eefbd4dd5e3281012f08550a931bf01eba9bf533085a281e3d683fc49fc

Request headers

:method: GET
:authority: lookbook.nu
:scheme: https
:path: /user/9511154-Hanna
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:51 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding Accept-Encoding
x-ua-compatible: IE=Edge,chrome=1
cache-control: max-age=0, private, must-revalidate
set-cookie: last_op_at=1627030611; path=/ _lookbook_session=BAh7C0kiD3Nlc3Npb25faWQGOgZFVEkiJTlmZGVkMDQ4MTFkZTMwOTAxNDFlNDk0YmMyYWFkMTAwBjsAVEkiEG1vYmlsZV92aWV3BjsARkZJIgpnZW9pcAY7AEZ7DjoRY291bnRyeV9jb2RlIgdkZToSY291bnRyeV9jb2RlMyIIREVVOhFjb3VudHJ5X25hbWUiDEdlcm1hbnk6C3JlZ2lvbiIHMDU6EHJlZ2lvbl9uYW1lIgtIZXNzZW46CWNpdHkiDkZyYW5rZnVydDoQcG9zdGFsX2NvZGUiCjYwMzEzOg1sYXRpdHVkZWYTNTAuMTE2Njk5MjE4NzU6DmxvbmdpdHVkZWYWOC42ODMzMDAwMTgzMTA1NDdJIgtsb2NhbGUGOwBGSSIHZW4GOwBGSSIOcGFnZXZpZXdzBjsARmkGSSIQX2NzcmZfdG9rZW4GOwBGSSIxQWhOQWZaeThxd1p4dVFhQ3lSQ3VGL0RQU0VDUndsR3kydE5FWlJ0K3g2Zz0GOwBG--b31e9718a804afc7a2488d6adf88a83061a8e832; domain=.lookbook.nu; path=/; expires=Fri, 30-Jul-2021 08:56:51 GMT; HttpOnly
x-request-id: 057e0e32ad4e09b1d4788140ee4051da
x-runtime: 0.066735
x-rack-cache: miss
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PeKh%2BbIX4rr%2BIaVqQCXejqFqVcKRsf6XfW8%2FPHDYylU3BbWH0FJaQUkgewvvrPG%2FI3RNTDPibbJy9XaU%2FwqFfVyJRbRUONKRzOfDwhW3yKlqpjEzJAcagVypePhDsHhyrSxXSZj9Xpyxkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6733b2a95b4a4a9e-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 application-e4fe603c2b70ce160ad7d335edb27021.css
lbstatic.nu/assets/ 575 KB
77 KB 52ms
26ms Stylesheet
text/css 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9aab9a81ed9cdb217eefe585e153cc2f64ea8792d5adf9060538a9b0b44ce4f

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
age: 1702
etag: W/"60d93537-8fa63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zctQpw%2FKPnxujU%2BVAEuorXk4SZ5Sd3GSFFV5M9d1Fv0iJ3lSnDkRvaj%2BsEGilSJgfPv3FFp%2FY8zwQf6q6vbHib0PvQkaQxjDecDB63Zn7kdJuqcK%2BThXhNgFf%2FwsNfZnl7VcrGdO7zXf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6733b2aafeb71f55-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 02:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Jul 2022 02:07:24 GMT

GET
H2 200 application-a51a596c576aa3cdb24732f481827415.js Show response
lbstatic.nu/assets/ 556 KB
157 KB 63ms
38ms Script
application/javascript 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/application-a51a596c576aa3cdb24732f481827415.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 305030926c53938a6a6df942f51a6f19378407838dc1ec5996580a391af7efe2

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
age: 50
etag: W/"60d93537-8b111"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eOxLRCXS2Wg3wwj%2BIZga4j5fyHdDf%2F8QvpEQHyvPIRrxxpHQ%2BlZAU1y3j2z%2BN9lpoLIW5FDbWk8YtNxn85mtstM7XtNkpMyhFhhN6%2BPC118SEL5FgTTXM1jo2AO%2FHkl3PRhxcLvMGB2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6733b2aafeb91f55-FRA

GET
H2 200 application-a5c0a1f256cf15442e90c66fb7c2b34b.js Show response
lbstatic.nu/assets/moo/ 91 KB
25 KB 44ms
19ms Script
application/javascript 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/moo/application-a5c0a1f256cf15442e90c66fb7c2b34b.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c3b18ac8b2e0c6f6a051aa64130338b184036af8827228836b02d1c0da1fb66

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
age: 50
etag: W/"60d93537-16a25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BwmcVNFGiBvlFRO31qSJyzm3tZAeHAXnhHBkN4SxfGTB44NkahNtFlmnZg652mEUbZ7JWP%2FVr1qPp1QhbzepfXvyP5rrxVhNf9UAlB2gohpgmsCgjZMzOVonHXnUZ%2FZ4p81ba2soSmc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6733b2aafebb1f55-FRA

GET
H2 200 prox-new-6f58470807ac660d8f50fe544c823bba.png
lbstatic.nu/assets/logos/ 953 B
1 KB 17ms
17ms Image
image/png 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/logos/prox-new-6f58470807ac660d8f50fe544c823bba.png
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1852ec5957212ab1ddc679453216178799dd25a2c75985a885e7d467328795e1

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 49
content-length: 953
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: "60d93537-3b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBJZbFqj8ZsRG7btNI5MEJSk1keerxg3%2FfTpbmuoiImIJ8%2FRwD0%2B%2FNm3l3s0Mh5sUJabV1Ljg%2Fr11HlW%2FA3Nk854saFJzgnB93EXB3eKIgoMYgPAeMhZfk4z3CvxdydhoqwlLl1DiCoE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 6733b2ab7f751f55-FRA

GET
H2 200 more-0b061e84918c4f68f8a0aad60ae58625.png
lbstatic.nu/assets/header/icons/ 19 KB
20 KB 17ms
17ms Image
image/png 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/header/icons/more-0b061e84918c4f68f8a0aad60ae58625.png
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b0df5acd41c11fc146d64795aa729d99370a98109ce1e441db4ac0b7f69d025

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 49
content-length: 19662
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: "60d93537-4cce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pB1rmXXadQPquCASejLCK9qnXXfWbx2hevmIOZX9E8I1dTmhp6%2BR6p6zYLJXAi%2BE%2FHnmzm3GCzKka2PBGChsOcAiA3n8PMm95XWiShQGkP3WWV2Ni1hLvut122MTDvBmpZGEmsRGFclM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 6733b2ab7f771f55-FRA

GET
H2 200 guy.gif
lbstatic.nu/assets/ 580 B
874 B 15ms
14ms Image
image/gif 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/guy.gif
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d7600604cb30e42b1511c91d29c886de204d3f46d8c265b9c35b0960ccf8195

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5017
content-length: 580
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: "60d93537-244"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPLIvbpmiGQyLmivE3Zwt5MrL1VPebwSOuERK4T2rTOu7Y08oacAigguDG3Hs0o%2Fl4XEziRm1rR9dV%2Bo2IGlWc9v3r45rz8R2XQtuYYmf4l0lnz6BJvMEAYh0SYhRJ1cMzEtjDiuHAcG"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 6733b2abcff11f55-FRA

GET
H2 200 ajax-loader-big-0d4c0c710c24223145d172f44db328d0.gif
lbstatic.nu/assets/ 3 KB
3 KB 14ms
13ms Image
image/gif 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/ajax-loader-big-0d4c0c710c24223145d172f44db328d0.gif
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5966
content-length: 2608
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: "60d93537-a30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXWnqwqiK8o3RR3TF0Eb43AVNGmuIgMIHBwbAVmmRblBQypa7JTz9lv1C8TbVdsls7wnuQxQpDmsWDj64O3KtX8ISuV4z01RAgfcZ1VDOLnIuqDK5u3OwlZg%2BPxDB8JTPm9jJ525z50Q"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 6733b2abcff21f55-FRA

GET
H2 200 ajax-loader-fb-4fbe973b96349c727a1d97957527acc3.gif
lbstatic.nu/assets/ 723 B
1 KB 17ms
16ms Image
image/gif 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/ajax-loader-fb-4fbe973b96349c727a1d97957527acc3.gif
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1cf81bef2ea82eaa43265a5ff786b7cd74e7d5f4f2de104b586f092ca0fb886

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 87
content-length: 723
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: "60d93537-2d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FfW3CriKiA8C13Ol3SEaEclXTkUFOQqfC6lbCCA8YHCsowMO4AfFpLk2NDA9%2BFWnZOoKTyDR5NY4pkLF5fiVcdFZ2jBdqlQ9qkw%2F8b1UJovd4hfmvZHYVrvQ6aLd1kYUjUT7Hu4UXpc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 6733b2abcff41f55-FRA

GET
H2 200 arrow-up-white-5b97dd7bb071edf6b965bf452cda9fc2.svg
lbstatic.nu/assets/icons/ 686 B
743 B 18ms
17ms Image
image/svg+xml 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/icons/arrow-up-white-5b97dd7bb071edf6b965bf452cda9fc2.svg
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c53cb61e2947d208c306c8680d407115d7663d1920ef125ecdb1ffa417f22fcc

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
age: 87
etag: W/"60d93537-2ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZQSD8Ew%2B9z2QFjwj2GLp69mLL4PmM5njjFzxYE4hXWs0AwaE%2BRQs2%2FDoZ6Rdhxkf8Di3M6GjmkwtZqFvFVuJCbm1R5ySd3cAsDMxsMuI8m%2F%2FM%2F0I7vtmN2rTE%2BdDM67Kl%2BM76tlBtJz"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6733b2abcff51f55-FRA

GET
H2 200 quant.js Show response
edge.quantserve.com/ 24 KB
9 KB 10ms
8ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:51 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 30 Jul 2021 08:56:51 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
24 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdacecd3e6da4d7246a45ecfd7545d1d6466769f6891ff446314ee3dc37cdd50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "937 / 257 of 1000 / last-modified: 1627012714"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24881
x-xss-protection: 0
expires: Fri, 23 Jul 2021 08:56:51 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 130ms
46ms Script
application/javascript 13.226.132.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-202.dus51.r.cloudfront.net
Software: Server /
Resource Hash: e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .85G8ztlJpKwIOzy6DApWWrDlx6XsDBF
content-encoding: gzip
server: Server
age: 867
etag: f8520ea4ebd91256d6b4f461d472242a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Fri, 23 Jul 2021 08:42:24 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: gnBXwACLqTXJ4V947qcqz61RVJLMk79qkHJqhvzqAfX65ri17gaRkw==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

214bea12d8fdb75df7abe78d3bc15aa3f6bc19c359d06c62eba6f6b752015f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xMcgc60xzdQQM15cCSkgXw==
cross-origin-resource-policy: cross-origin
expires: Fri, 23 Jul 2021 09:09:33 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: N78vHTvrSq/lU3IYuCOMNrVcAXZHZtFt+Djw4xO7PM9m5K7FZ1D4169bqvPiA5JABhqgKmtbCiW9mX0LothEKQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 20dd75d4ada445c29c960afd4a576b66
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Fri, 23 Jul 2021 08:56:51 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ae7783fd17b43cc54536598b93ebc730"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 ProximaNova-Regular.woff
lbstatic.nu/assets/ 85 KB
86 KB 296ms
281ms Font
application/font-woff 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Regular.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f73ec26d9716363ea8ea73560d10f91d63cf18e32103bcead35559ba1ac361

Request headers

Origin: https://lookbook.nu
Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: W/"60d93537-155b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGVrz12fn0%2BEgI8vbtHUgbpsUalJDMeKgvsrXSpCbDy5Q8Hk8d9vdbWxuBPhH24hPT2RfgEDrULkF10QnhHdkuzM1n%2FfqNzPSLWetHraofBHqMeZIE1uz9hwCp0vj8iw%2FN5tyOdyl2ZB"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6733b2abe8432bd6-FRA

GET
H2 200 ProximaNova-Bold.woff
lbstatic.nu/assets/ 76 KB
76 KB 296ms
286ms Font
application/font-woff 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Bold.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cfab6a75576c6827a6d5dd7f823e993678ee3161fed858ca4bb51ae8ce96677

Request headers

Origin: https://lookbook.nu
Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: W/"60d93537-12e63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQ58EDgzfa0sOgDzcOAaB5UJFSAsNTkUkpEg4efJPgoTTDmlsc9ry5W3wwmVPgW6bwFCvwdjvqRoe6OE%2BbcaJUKW8u8ym8rsdgQKZffaQ0j5BZsgjhsELPVuTxVPiNyG%2FmkZFjOuoBOO"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6733b2abe8462bd6-FRA

GET
H2 200 fontawesome-webfont-6a928d6875c980852c3823caf78dfc43.woff2
lbstatic.nu/assets/ 55 KB
56 KB 274ms
264ms Font
application/octet-stream 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/fontawesome-webfont-6a928d6875c980852c3823caf78dfc43.woff2?v=4.3.0
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Origin: https://lookbook.nu
Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 15 Jul 2018 18:53:39 GMT
server: cloudflare
etag: "5b4b9833-ddcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gpddn3M05MG4%2BtOnBF8r%2BOQfQ0kABqYpH7i6zfSx6PY0mhYfiBkPDZUZ7SiFkSCO84R4wEp7vacCkQijk7wcH%2BTWRmsU4JG0CMgBzzTMLc9K1dfOno9%2BcDl3XqNUW4Uf6JrZ0OYKVLqn"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6733b2abe8452bd6-FRA
content-length: 56780

GET
H2 200 ProximaNova-Semibold.woff
lbstatic.nu/assets/ 80 KB
80 KB 273ms
267ms Font
application/font-woff 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Semibold.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 299920669c7ec8c0add3c58f21eea89871a531545df0b8d70c46db2f44ff4cc4

Request headers

Origin: https://lookbook.nu
Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: W/"60d93537-13e7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zo4wi0j6eoqK5ELMiH8ihsOFL8JCswsFnouVqyECke9ZWk4e%2FM6Gpq0c2o1pLkVTB1mBl7iK7Bm7KAntt8IHCxdhj2qL%2FVXrE7nKog4yBFXCGdqin0w0jGEY87wYrdRz1NarD2dSA7X1"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6733b2abe8442bd6-FRA

GET
H2 200 ProximaNova-Light.woff
lbstatic.nu/assets/ 91 KB
91 KB 14ms
14ms Font
application/font-woff 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Light.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 202f5a44ef1b1fac13c36c93eee29c52cd61f6e4f3f3ccbc35ce23683cc605bd

Request headers

Origin: https://lookbook.nu
Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
age: 6992
etag: W/"60d93537-16c17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bvmbccUrrCaKsjoLMTzH1c8LFZ4z1X4eVPULw%2BRbSQVyZ0WlyfZXxZl6HfL7QfDDKccy9VzvD6rVpaQ2zXoEQC%2BBRsGDMQhFi0rdDLaQuMJhslYEyDOjE%2Ffs7eevRVs%2B%2BCA%2FgsFBLBb"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6733b2ac28c32bd6-FRA

GET
H2 200 new_sprite.png
lbstatic.nu/assets/ 26 KB
26 KB 12ms
12ms Image
image/png 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/new_sprite.png?cb=9
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca1fb4990a3abf9e6bba05433ed88ac85bfc8471a273c9c306a7685ace89d26

Request headers

Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 60
content-length: 26481
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: "60d93537-6771"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67Edk6oQz2pkoVLocNWRIu4%2BU9ksraVvi0yQzK9kJ8tVnkrwQyKiWkyMDq3ByjMSKUQ9OIX4BUXodu58OTqYn653ycbhMRrUymnNyTlYSiEPdH%2FKNsqUgh2F6JIJexny3Nnjk%2FPlYeuQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 6733b2ac48be1f55-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 352
date: Fri, 23 Jul 2021 08:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Fri, 23 Jul 2021 10:50:59 GMT

GET
H2 200 rules-p-15_abpQY22gxg.js Show response
rules.quantcount.com/ 3 B
436 B 10ms
10ms Script
application/javascript 2600:9000:2182:5200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-15_abpQY22gxg.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:13:44 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
age: 9129
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:43:01 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: bR8iSL67gngUktsyY1T6gAjH2dgbOw11S0iEfUS5dIS5JnRpTbHbNg==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 134ms
39ms Script
application/javascript 13.226.145.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-101.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:53:44 GMT
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: aaHoXKe5hVvwyFmMNif8jU96pr8OhIoUUQk7hRypbDrEqYIsaDpQ7g==

GET
H2 200 bubble-e7fec504b573a5fe7aa9a6f1b12e7976.png
lbstatic.nu/assets/ 294 B
594 B 13ms
13ms Image
image/png 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/bubble-e7fec504b573a5fe7aa9a6f1b12e7976.png
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd66670e33f248ddc8f8accfb0173af1e10af2389bd59f04ff148ed3e7ff3025

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 87
content-length: 294
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: "60d93537-126"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUUHVh8KW69QA89J87UoaS52aefuwV5cdKmdWl6Ed1Khpx9ntUGmwWpJbguE2DYJqCsjjyMsif9UXo66Bmo9Sxke0WarW62EPMi5FTbnDcaSk5HVlS35s1qbKvhd6l7ER2NxifMpCCo4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 6733b2ac89241f55-FRA

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 227 KB
66 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6d3215366ba50612f5a38f0bf86fd262

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7b67ecffb541423c7e681502477163588eb3d1605872f050da8be470f9f21e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://lookbook.nu
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: EL+9hXFeS7erDhM76B2l9Q==
cross-origin-resource-policy: cross-origin
expires: Sat, 23 Jul 2022 07:28:09 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67617
x-fb-rlafr: 0
x-fb-debug: mw0h71DLzTQioOsR489m0fB7aZqBJV04K21RE3k4sKjpBr8KQqOVen27KI6ToomXxbfeMFo8fWrPuvM9Xokmdg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: ecb1a3d77480af65f50fe737c4b32b6f
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 23 Jul 2021 08:56:51 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "42a613b306865037600750c61377f8c0"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 pubads_impl_2021071901.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 118ms
42ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

41a1857e679cc8f0d48f2a256c2f2d712990396469a662c994e77fa09fc4e210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Jul 2021 08:40:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117201
x-xss-protection: 0
expires: Fri, 23 Jul 2021 08:56:52 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 107 B
745 B 119ms
43ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lookbook.nu

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

676b64a907d9e9a57616bd82de2523a1b0e43fac6cda79c690d0872c9556a5d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88
x-xss-protection: 0
expires: Fri, 23 Jul 2021 08:56:52 GMT

GET
H2 200 pixel;r=1111483395;rf=0;a=p-15_abpQY22gxg;url=https%3A%2F%2Flookbook.nu%2Fuser%2F9511154-Hanna;uht=2;fpan=1;fpa=P0-2049614521-1627030611953;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm...
pixel.quantserve.com/ 35 B
372 B 12ms
10ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1111483395;rf=0;a=p-15_abpQY22gxg;url=https%3A%2F%2Flookbook.nu%2Fuser%2F9511154-Hanna;uht=2;fpan=1;fpa=P0-2049614521-1627030611953;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=lookbook.nu;je=0;sr=1600x1200x24;dst=1;et=1627030611953;tzo=-120;ogl=site_name.Lookbook%2Ctitle.Hanna%2Ctype.lookbook-nu%3Auser%2Curl.http%3A%2F%2Flookbook%252Enu%2Fuser%2F9511154-Hanna%2Cimage.%2F%2Flbstatic%252Enu%2Fassets%2Fguy%252Egif%2Cdescription.Metode%20Menang%20Judi%20IDN%20Slot%20Terbaik

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
84 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-4019432-1&cid=574260757.1627030612&jid=125600437&gjid=853892416&_gid=1188008448.1627030612&_u=YGBAgAABAAAAAE~&z=710325823

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 23 Jul 2021 08:56:51 GMT
content-type: text/plain
access-control-allow-origin: https://lookbook.nu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
14ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=365519074&t=pageview&_s=1&dl=https%3A%2F%2Flookbook.nu%2Fuser%2F9511154-Hanna&dp=%2Fuser%2F9511154&ul=en-us&de=UTF-8&dt=Hanna%20%7C%20Lookbook&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=125600437&gjid=853892416&cid=574260757.1627030612&tid=UA-4019432-1&_gid=1188008448.1627030612&cg1=User%20Profiles&z=1155953927

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 04:39:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15437
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
301 B 140ms
140ms XHR
text/plain 13.226.132.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Flookbook.nu%2Fuser%2F9511154-Hanna&pubid=32930239-e300-4e84-8205-3dc868716562
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-202.dus51.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://lookbook.nu
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: _qRX6Snd5jhZbLl2pBLTnNyR6SnpTbv2ioN3o0PzXXhBpPQKb-xENA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
368 B 77ms
77ms XHR
text/javascript 13.226.132.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Flookbook.nu%2Fuser%2F9511154-Hanna&pid=ZnV8ERcxMsoNw&cb=0&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F1093101%2Fex_hp_728x90%22%7D%5D&cfgv=0&pubid=32930239-e300-4e84-8205-3dc868716562&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-202.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://lookbook.nu
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: W0_DsZJuw4dxhdVbdFzflwFO-Max8Z6zg--jOcppXPj-VVC4uUt0eQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 123ms
42ms XHR
application/javascript 13.226.132.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-202.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 12485
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 01 Jul 2021 22:05:10 GMT
server: AmazonS3
date: Fri, 23 Jul 2021 05:28:48 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: QsibKEaG5p3fkQU0MmOXrXo8S7Hch47YM4NrKQ47YtcdP1A1CbnSAQ==

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 48ms
36ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=71607949800&input_token&origin=1&redirect_uri=https%3A%2F%2Flookbook.nu%2Fuser%2F9511154-Hanna&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=6d3215366ba50612f5a38f0bf86fd262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: svAkj94WdnlyRZy9guNoTyvOBUNurPSyw8KIj7t6jfuTRCjbpXKXciX/qIsRPgfOEJWT/s08o22qyLaqLxw8oA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 23 Jul 2021 08:56:52 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookbook.nu
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=8354559&ns__t=1627030612053&ns_c=UTF-8&cv=3.5&c8=Hanna%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9511154-Hanna&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=8354559&ns__t=1627030612053&ns_c=UTF-8&cv=3.5&c8=Hanna%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9511154-Hanna&c9=

64 B
331 B

65ms
64ms

Image
image/gif

13.226.145.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=8354559&ns__t=1627030612053&ns_c=UTF-8&cv=3.5&c8=Hanna%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9511154-Hanna&c9=
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-101.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: syPZpXGvWuUB0Ms3RCHH0_6q_QqsfE4SnGMKNEaekFwjG9LU4_Oi5Q==

Redirect headers

date: Fri, 23 Jul 2021 08:56:52 GMT
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=8354559&ns__t=1627030612053&ns_c=UTF-8&cv=3.5&c8=Hanna%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9511154-Hanna&c9=
content-length: 193
x-amz-cf-id: -kNn4WXFMxzuIPccq6BjzAb781mVLh36QajMKWlROS8dwTxzJfZtbg==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=lookbook.nu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lookbook.nu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
5 KB 484ms
483ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2457668436255620&correlator=2140865704618947&output=ldjh&impl=fifs&eid=31061650%2C31061787%2C31061849%2C31061842%2C20211866&vrg=2021071901&ptt=17&sc=1&sfv=1-0-38&ecs=20210723&iu_parts=1093101%2Cex_hp_300x250%2Cex_hp_btf_300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x600%7C300x250%2C300x250&eri=1&cust_params=d6%3D3%26d20%3D20%26brand%3D%26leadersize%3D728x90%26sideadsize%3D300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1627030612&dt=1627030612167&dlt=1627030611651&idt=482&frm=20&biw=1600&bih=1200&oid=3&adxs=990%2C990&adys=64%2C730&adks=1276300409%2C1030487218&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flookbook.nu%2Fuser%2F9511154-Hanna&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250%7C300x250&msz=300x250%7C300x-1&ga_vid=574260757.1627030612&ga_sid=1627030612&ga_hid=365519074&ga_fc=false&fws=0%2C0&ohw=0%2C0&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

7f25b8954f9c7556f2e056e2b081cbfb156f612466a0ce8bf08c83af70ae5e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4790
x-xss-protection: 0
google-lineitem-id: -1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookbook.nu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 01FB 6 KB
3 KB 46ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lookbook.nu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lookbook.nu/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 23 Jul 2021 08:56:52 GMT
expires: Sat, 23 Jul 2022 08:56:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 187ms
186ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2457668436255620&correlator=424758385761279&output=ldjh&impl=fifs&eid=31061650%2C31061787%2C31061849%2C31061842%2C20211866&vrg=2021071901&ptt=17&sc=1&sfv=1-0-38&ecs=20210723&iu_parts=1093101%2Cex_hp_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=d6%3D3%26d20%3D20%26brand%3D%26leadersize%3D728x90%26sideadsize%3D300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1627030612&dt=1627030612173&dlt=1627030611651&idt=482&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=64&adks=3286650984&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flookbook.nu%2Fuser%2F9511154-Hanna&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x0&msz=980x0&ga_vid=574260757.1627030612&ga_sid=1627030612&ga_hid=365519074&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

723ef034efe4b8061dce5e81f388d000369f1d78d07ecafd1dfa62bb7c85b44d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4596
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookbook.nu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FB40 6 KB
3 KB 19ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lookbook.nu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lookbook.nu/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 23 Jul 2021 08:56:52 GMT
expires: Sat, 23 Jul 2022 08:56:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d83b2089b249ebfbcd9eba876317be3353813659151a2ac3d123fe1e2506bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626867007956318"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27997
x-xss-protection: 0
expires: Fri, 23 Jul 2021 08:56:52 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9406e80f7914c1235726d9f8bf04e6c8c531a45f87b8dd3f829de0641c4abe8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8472
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 23 Jul 2021 08:56:52 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FB40 0
0 47ms
47ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUAhvVIT6YJntDfXI7_UPuoKr4AHEs6CUXL7QuIXlAsCNtwEQASAAYMzh7YH8LoIBF2NhLXB1Yi0wNzkwODk0MTQ4NDUxNzg1yAEJqQIHvJTkwDyFPuACAKgDAaoEwgFP0Ekx301aY98wGRaGrsSk_n4QT4dUphomn15V-Ksd_wEtMGbRPbswuWip7qotabvXNdqV9MypVhvYZuj7cIOAyc8CfBDKARqFZtYCGjU_daGdv7g_BMlodY8Vc_aSyqRtH018QkVbF9EcWIrFniYjQ-VJueUixtoi_j7rCAms90ED3Nv7ytjXkyp4GQXK6x85Yfy_biI9yilXXwnRQMNpyJ-_R6ZtH_f9s1IcvFn5e62Ar-wojkv3RjTEVMicHEFVguAEAYAG2tnJm_j5wMwpoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItMDc5MDg5NDE0ODQ1MTc4NQ&sigh=Q9er7w6xkfw
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame FB40 2 KB
2 KB 145ms
47ms Script
text/javascript 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=43056898;rtbwp=YPqEVAADdpkIu-R1AArBOlzlndTeUzu0HjomYQ;rtbdata=213YhU2VLU38Z5F7JJ-oagEfzc5F9pqNQ8yXWxF7E38z3_-eFjvHIz2wR9KFCOurQhy_7Y6rlM2KpebjIpTNxwrT2G2vyrDCjPfU4YxJxhFND30_wr8SwnpH6Mpn4-GrKMi6ppxUdZqNdqFDgHwMQT14pjLGDFArNTAkjh_4WEeiLbVJZHzabVwpK8SGs0-wl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oxKVQtn-NDVMg2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CNcx_VIT6YJntDfXI7_UPuoKr4AHEs6CUXL7QuIXlAsCNtwEQASAAYMzh7YH8LoIBF2NhLXB1Yi0wNzkwODk0MTQ4NDUxNzg1yAEJqQIHvJTkwDyFPuACAKgDAaoExQFP0Ekx301aY98wGRaGrsSk_n4QT4dUphomn15V-Ksd_wEtMGbRPbswuWip7qotabvXNdqV9MypVhvYZuj7cIOAyc8CfBDKARqFZtYCGjU_daGdv7g_BMlodY8Vc_aSyqRtH018QkVbF9EcWIrFniYjQ-VJueUixtoi_j7rCAms90ED3Nv7ytjXkyp4GQXK6x85Yfy_biI9yilXXwnRQMNpyJ-_R6ZtH_f9s1IcvFn5e--Con6dXJC_iu-ShhubybpYlhAc8-AEAYAG2tnJm_j5wMwpoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_3l5zh9x6OA7Ke4Wx5MBKCGbaiKbA&client=ca-pub-0790894148451785&adurl=

Requested by

Host: 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
URL: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c3a37da2f4358d4671dd79e13771649605c3d0b4eace1e84e082045ee14e7956

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1653
expires: -1

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame FB40 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js

Requested by

Host: 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
URL: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:54:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 08:54:53 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB40 124 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
URL: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5250b92524aeab7c597c0e7f737085ab9409a41448e6a2a574c0cd1f1d4f6cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626867014740240"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Fri, 23 Jul 2021 08:56:52 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame FB40 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
URL: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 08:56:41 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FB40 22 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
URL: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 09:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 09:34:26 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C243 12 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lookbook.nu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lookbook.nu/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 23 Jul 2021 08:46:33 GMT
expires: Sat, 23 Jul 2022 08:46:33 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A513 783 B
766 B 16ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7a726398564b78620bea4b8f1d19d4dc3394a43ea25f7adcc77a794beca6d9e6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GZ/pkoSw2R9etT5eFZPj6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lookbook.nu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lookbook.nu/

Response headers

expires: Fri, 23 Jul 2021 08:56:52 GMT
date: Fri, 23 Jul 2021 08:56:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-GZ/pkoSw2R9etT5eFZPj6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C243 34 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 00:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13164
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 00:44:08 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame FB40 33 KB
16 KB 168ms
54ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=43056898;rtbwp=YPqEVAADdpkIu-R1AArBOlzlndTeUzu0HjomYQ;rtbdata=213YhU2VLU38Z5F7JJ-oagEfzc5F9pqNQ8yXWxF7E38z3_-eFjvHIz2wR9KFCOurQhy_7Y6rlM2KpebjIpTNxwrT2G2vyrDCjPfU4YxJxhFND30_wr8SwnpH6Mpn4-GrKMi6ppxUdZqNdqFDgHwMQT14pjLGDFArNTAkjh_4WEeiLbVJZHzabVwpK8SGs0-wl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oxKVQtn-NDVMg2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CNcx_VIT6YJntDfXI7_UPuoKr4AHEs6CUXL7QuIXlAsCNtwEQASAAYMzh7YH8LoIBF2NhLXB1Yi0wNzkwODk0MTQ4NDUxNzg1yAEJqQIHvJTkwDyFPuACAKgDAaoExQFP0Ekx301aY98wGRaGrsSk_n4QT4dUphomn15V-Ksd_wEtMGbRPbswuWip7qotabvXNdqV9MypVhvYZuj7cIOAyc8CfBDKARqFZtYCGjU_daGdv7g_BMlodY8Vc_aSyqRtH018QkVbF9EcWIrFniYjQ-VJueUixtoi_j7rCAms90ED3Nv7ytjXkyp4GQXK6x85Yfy_biI9yilXXwnRQMNpyJ-_R6ZtH_f9s1IcvFn5e--Con6dXJC_iu-ShhubybpYlhAc8-AEAYAG2tnJm_j5wMwpoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_3l5zh9x6OA7Ke4Wx5MBKCGbaiKbA&client=ca-pub-0790894148451785&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 12:36:46 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 24 Jul 2021 12:11:31 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 28ms
28ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071901&jk=2457668436255620&bg=!KyilKGzNAAbnC78O5ws7ACkAdvg8Wo5wXSpBo5AsCpEl_LFys6cMPsmNIEphF4ubYRtByfD2Bs82bQIAAABZUgAAAAtoAQcKAQyFrMgfdG9AjzulQ2xYHtDBXTUgAJfkcvy7Hp719sxPiAhacrJAsKNPSDdWZHS5JsQwQN68nN7FfqJcCVrnLu7A0yuxkZ8mBfIKYLgOGRT9MOCKau-6Z4JJjZtT7rSCx8O8ThZunAwLtglXID_GxNC40X-uz63kb1_zaaNWJJEse7Aw-Zpijm4LveE9av2DaBCshoee74V5FFufm2C1u1QXw-NsqKJ-fHJ_U0yQ4Dh-z62Sj2mPVHonSsWz8RebmlSZztwKfrDwdC93kyqlo0qYUT2VodYbq-EywBtrP02YCihIpfHapAG4zbMy4R5E0ReCdxD7DJ6GW91G3Lzqo4x_KvHY496ZSWtdA8fTmQJz_jZ6hCAHYgK1KtHYrxFyIneZwOinwNRkR6Xfxs5vqAZ5jafioc-rTgExkot1ffhKXQwCEbHKZ9_jr8zuPbv8R-pfzAxJmwtupcmf0rDNL7bSRolUa7MjpA-cPq8RhvcyA-_DDKhVDX_97DbAMwSgz5CvG50BbgzlKBdYzBRlqYlkB5tdF73KAUT01Q771hz2EqrFd3sQYwV090HCN5U00wSk_53cikYei_qfynhiybdppKM5vRmdYv7Wx0OFF8vxXKPUCeWHcSTnIZYaqXi6y0aLRk_wGMyWpme0xnpj7l95LtYl4u3jlWFkcaSqxW9ndaAG25oFJIqEpXxiCeeGWxfjBCkuIQaK7T1VUIfn6ZRnObX6y2ynKfmNgw-nCWFbB10qCKHKXb8A48j2YY0xXUYPPLPwMriQ8E03inHpoohihBB-srTGcPP_n9p4yJ7PGS6An-FFGbkWn-mhtnOfnRCJd5HcYRCp3DDQVQgFyFgulaM4yhpraTcdG5EgfWguUs-iQ3vE05wSCSqw8y_5QhPB3rnQ1Q_X6vg2tJPDWODYTCxFZdU70lAqx12PwRAMLEpqWPZdMQ8PQfUZKotkemGW93aSC6PDfqYk_VjzMNG8VC6rpdrDyJndvu213lIV8CL0L9JquXUxmCZRx7h0mnqqr0PNNJMUcRvfFSjuITHflb0s-75vP_LvbgLYdjG-xqMabh5xFQeAqjAN2rPJUfsIOLC-5NgJtaLkZLrowuzuGbCab7ufDHLmdKZOwj0Z1d1Mi9TtddPJb_wMW3anQjg7kfSjIODPnWzgNCWmWhIweIxu7-lNtVMSaq6HGWt7LN7u

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 60DE 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lookbook.nu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lookbook.nu/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 23 Jul 2021 08:56:52 GMT
expires: Sat, 23 Jul 2022 08:56:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame FB40 7 KB
4 KB 68ms
68ms Script
text/javascript 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=43056898;rtbwp=YPqEVAADdpkIu-R1AArBOlzlndTeUzu0HjomYQ;rtbdata=213YhU2VLU38Z5F7JJ-oagEfzc5F9pqNQ8yXWxF7E38z3_-eFjvHIz2wR9KFCOurQhy_7Y6rlM2KpebjIpTNxwrT2G2vyrDCjPfU4YxJxhFND30_wr8SwnpH6Mpn4-GrKMi6ppxUdZqNdqFDgHwMQT14pjLGDFArNTAkjh_4WEeiLbVJZHzabVwpK8SGs0-wl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oxKVQtn-NDVMg2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CNcx_VIT6YJntDfXI7_UPuoKr4AHEs6CUXL7QuIXlAsCNtwEQASAAYMzh7YH8LoIBF2NhLXB1Yi0wNzkwODk0MTQ4NDUxNzg1yAEJqQIHvJTkwDyFPuACAKgDAaoExQFP0Ekx301aY98wGRaGrsSk_n4QT4dUphomn15V-Ksd_wEtMGbRPbswuWip7qotabvXNdqV9MypVhvYZuj7cIOAyc8CfBDKARqFZtYCGjU_daGdv7g_BMlodY8Vc_aSyqRtH018QkVbF9EcWIrFniYjQ-VJueUixtoi_j7rCAms90ED3Nv7ytjXkyp4GQXK6x85Yfy_biI9yilXXwnRQMNpyJ-_R6ZtH_f9s1IcvFn5e--Con6dXJC_iu-ShhubybpYlhAc8-AEAYAG2tnJm_j5wMwpoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_3l5zh9x6OA7Ke4Wx5MBKCGbaiKbA&client=ca-pub-0790894148451785&adurl=;js=1;adfxid=1x;1077;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Flookbook.nu

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5dbfdbc1584435c5085c463ca7f557ea3b9d361a30e5cb238543eb8b89ffe922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3101
expires: -1

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 60DE 0
0 47ms
46ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CpfeEVIT6YLD1DeeS9u8PqeeziA_Es6CUXL7QuIXlAsCNtwEQASAAYMzh7YH8LoIBF2NhLXB1Yi0wNzkwODk0MTQ4NDUxNzg1yAEJqQIHvJTkwDyFPuACAKgDAaoExwFP0PPaoekVY4fc2jCsFyKY7o6rGGzqfvbSNPsMwhWQS8GeoiUux0_-y_iNfheET6fU5gmkmd7nR0u8E-YaGo1suNUu99b1WP_kQEirVK6CIAxeA3RZOya2cGkKu7hkmis6x1vvLb_BGTSg94CpfwYdJrcND1HsJHMWaBbOXS9Rzg3vRZwNZyd3VWQsjvZJ0TW2tywSKoI14Pw2inFsmd_IGgZrhTbRJlUyGuFte005fFiN3iYh8x2VRq7yEgspjx56HSza1sjt4AQBgAbeyLnb7Y2HsXugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshcYChYSFHB1Yi0wNzkwODk0MTQ4NDUxNzg1&sigh=ibdQWS5HgrE
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9511154-Hanna
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 60DE 2 KB
2 KB 49ms
47ms Script
text/javascript 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=43056884;rtbwp=YPqEVAADerAH_YlnAAzzqYtWpojip0DP15RayA;rtbdata=213YhU2VLU38Z5F7JJ-oahjhyIV_Zgeug74T_dQdGDCtk4AJ6sAX8j2wR9KFCOurQhy_7Y6rlM2KpebjIpTNxwrT2G2vyrDCjPfU4YxJxhFND30_wr8SwqKTkJPvF4UBfWE6Tq0oy5eNdqFDgHwMQamRMNc46WQZNTAkjh_4WEeiLbVJZHzabVwpK8SGs0-wl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oyTJ1tzPQelwA2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cq_V-VIT6YLD1DeeS9u8PqeeziA_Es6CUXL7QuIXlAsCNtwEQASAAYMzh7YH8LoIBF2NhLXB1Yi0wNzkwODk0MTQ4NDUxNzg1yAEJqQIHvJTkwDyFPuACAKgDAaoEygFP0PPaoekVY4fc2jCsFyKY7o6rGGzqfvbSNPsMwhWQS8GeoiUux0_-y_iNfheET6fU5gmkmd7nR0u8E-YaGo1suNUu99b1WP_kQEirVK6CIAxeA3RZOya2cGkKu7hkmis6x1vvLb_BGTSg94CpfwYdJrcND1HsJHMWaBbOXS9Rzg3vRZwNZyd3VWQsjvZJ0TW2tywSKoI14Pw2inFsmd_IGgZrhTbRJlUyGuFte005fFiN3iYhsR-Y1BsgyUPlVEiozisPLcX5mjww4AQBgAbeyLnb7Y2HsXugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3g6S0D4qu8QDTs2ck1aoQOzDlVxQ&client=ca-pub-0790894148451785&adurl=

Requested by

Host: 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
URL: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ee1761ad35258a1f6fdf001f7956ca31bead6806119dd0d0c639cd61d82c92a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1647
expires: -1

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 60DE 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js

Requested by

Host: 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
URL: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 08:49:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 60DE 124 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
URL: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5250b92524aeab7c597c0e7f737085ab9409a41448e6a2a574c0cd1f1d4f6cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626867014740240"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Fri, 23 Jul 2021 08:56:52 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 60DE 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
URL: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 08:55:20 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 60DE 0
0 24ms
22ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJg-KNC7zgQf-t_yC6lwF4YxwQF2uDaf3Q9d_LTGzn14OXDjbo7cEbi-c_cbLpi5PpujmdoPSKX2i6wo8jmgog8OVbvw
Requested by: Host: 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
URL: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 60DE 22 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
URL: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 18:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:40:39 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 60DE 33 KB
16 KB 66ms
66ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=43056884;rtbwp=YPqEVAADerAH_YlnAAzzqYtWpojip0DP15RayA;rtbdata=213YhU2VLU38Z5F7JJ-oahjhyIV_Zgeug74T_dQdGDCtk4AJ6sAX8j2wR9KFCOurQhy_7Y6rlM2KpebjIpTNxwrT2G2vyrDCjPfU4YxJxhFND30_wr8SwqKTkJPvF4UBfWE6Tq0oy5eNdqFDgHwMQamRMNc46WQZNTAkjh_4WEeiLbVJZHzabVwpK8SGs0-wl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oyTJ1tzPQelwA2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cq_V-VIT6YLD1DeeS9u8PqeeziA_Es6CUXL7QuIXlAsCNtwEQASAAYMzh7YH8LoIBF2NhLXB1Yi0wNzkwODk0MTQ4NDUxNzg1yAEJqQIHvJTkwDyFPuACAKgDAaoEygFP0PPaoekVY4fc2jCsFyKY7o6rGGzqfvbSNPsMwhWQS8GeoiUux0_-y_iNfheET6fU5gmkmd7nR0u8E-YaGo1suNUu99b1WP_kQEirVK6CIAxeA3RZOya2cGkKu7hkmis6x1vvLb_BGTSg94CpfwYdJrcND1HsJHMWaBbOXS9Rzg3vRZwNZyd3VWQsjvZJ0TW2tywSKoI14Pw2inFsmd_IGgZrhTbRJlUyGuFte005fFiN3iYhsR-Y1BsgyUPlVEiozisPLcX5mjww4AQBgAbeyLnb7Y2HsXugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3g6S0D4qu8QDTs2ck1aoQOzDlVxQ&client=ca-pub-0790894148451785&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 12:36:46 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 24 Jul 2021 12:11:31 GMT

GET
DATA 200
OK truncated
/ Frame FB40 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a877f49ebf798a5c3e3e34fba99514bea01d821ecf3441587ffc1fdffb73a99

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame FB40 84 KB
36 KB 67ms
66ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 08b637a003073fd15e15e00d41904a810718b20c3fbdfb7298aeb1588210adf5

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 12:36:46 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 24 Jul 2021 12:26:14 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 60DE 7 KB
3 KB 49ms
49ms Script
text/javascript 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=43056884;rtbwp=YPqEVAADerAH_YlnAAzzqYtWpojip0DP15RayA;rtbdata=213YhU2VLU38Z5F7JJ-oahjhyIV_Zgeug74T_dQdGDCtk4AJ6sAX8j2wR9KFCOurQhy_7Y6rlM2KpebjIpTNxwrT2G2vyrDCjPfU4YxJxhFND30_wr8SwqKTkJPvF4UBfWE6Tq0oy5eNdqFDgHwMQamRMNc46WQZNTAkjh_4WEeiLbVJZHzabVwpK8SGs0-wl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oyTJ1tzPQelwA2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cq_V-VIT6YLD1DeeS9u8PqeeziA_Es6CUXL7QuIXlAsCNtwEQASAAYMzh7YH8LoIBF2NhLXB1Yi0wNzkwODk0MTQ4NDUxNzg1yAEJqQIHvJTkwDyFPuACAKgDAaoEygFP0PPaoekVY4fc2jCsFyKY7o6rGGzqfvbSNPsMwhWQS8GeoiUux0_-y_iNfheET6fU5gmkmd7nR0u8E-YaGo1suNUu99b1WP_kQEirVK6CIAxeA3RZOya2cGkKu7hkmis6x1vvLb_BGTSg94CpfwYdJrcND1HsJHMWaBbOXS9Rzg3vRZwNZyd3VWQsjvZJ0TW2tywSKoI14Pw2inFsmd_IGgZrhTbRJlUyGuFte005fFiN3iYhsR-Y1BsgyUPlVEiozisPLcX5mjww4AQBgAbeyLnb7Y2HsXugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3g6S0D4qu8QDTs2ck1aoQOzDlVxQ&client=ca-pub-0790894148451785&adurl=;js=1;adfxid=2x;2985;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Flookbook.nu

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

731cc99bfaa141369aa2d08c9f5469b39352e02b707a06f87e06993a1d22c37f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:52 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3095
expires: -1

GET
DATA 200
OK truncated
/ Frame 60DE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc7d6fd477611abf66bd4d2be23fabab08b6d82ed3b195ddc8ba3eac50421eda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 /
track.adform.net/csimpr/ Frame FB40 35 B
503 B 48ms
47ms Ping
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=43056898&csi=D1x0ODFqxzosJxJkw3b5l1MDCH2zfrzPKIfeMiRDb8TrygPkIxxfk3tszV97luYwyozH9VafntvTdO7yqz3-HGQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 42858537.png
s1.adform.net/Banners/42858537/ Frame FB40 29 KB
29 KB 62ms
61ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/42858537/42858537.png?bv=2

Requested by

Host: 56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
URL: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4e1ad10bf5a85f8160900afea3345295d14f7d18c915d5fdf43b11e86faf217d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:53 GMT
last-modified: Thu, 31 Dec 2020 10:02:56 GMT
server: nginx
etag: "5feda1d0-73c2"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 29634

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 60DE 84 KB
36 KB 68ms
68ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 08b637a003073fd15e15e00d41904a810718b20c3fbdfb7298aeb1588210adf5

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:53 GMT
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 12:36:46 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 24 Jul 2021 12:26:14 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 60DE 35 B
503 B 47ms
47ms Ping
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=43056884&csi=ggvZDqxWA9CKD_oV92tRqShISw4sxZoyKIfeMiRDb8QJDwKV3Zer3HtszV97luYwlXwr0--B_0l6c4txLI7MNmQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:53 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 42858530.png
s1.adform.net/Banners/42858530/ Frame 60DE 45 KB
46 KB 57ms
56ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/42858530/42858530.png?bv=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

120b8ea51366e6e5f31ef7eda4e5ee3e916cd785a43f39a9e4cc327cf1d9e7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:56:53 GMT
last-modified: Thu, 31 Dec 2020 10:02:56 GMT
server: nginx
etag: "5feda1d0-b573"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 46451

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 60DE 42 B
64 B 37ms
37ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0V4xd_khPXHg4LgqwyxNsJlRGJ0yGa7JGp_FsmCOAr2acJjCw1pF2I1cKlcDCiyx0gYl5N612GagquLBRSYxFGqVy9xuh3A&sig=Cg0ArKJSzGrMU5wkpRCcEAE&id=lidar2&mcvt=1000&p=168,990,418,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210721&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1276300409&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627030612667&dlt=98&rpt=1&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FB40 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqrfoWy-qwwpVdS0ygTYdwI1fQ1urSLdckyYJdcIJq0B1NjEVFWwX2WGHyMzD4-y7Snzs8I-KtOBe5W9kZacXl86Ie4qoeYQ&sig=Cg0ArKJSzMtQHYEAJVdTEAE&id=lidar2&mcvt=1000&p=64,436,154,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210721&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3286650984&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627030612379&dlt=20&rpt=488&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame FB40 35 B
503 B 47ms
47ms Ping
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=1687438477062336911@@43056898,8324445042241169467,100|1200|0|0|0|0|0|0|0||41|1|1|60fa845400049a8407fd821b5a086a4e_1|||1|0|0|B_TvXax8u_9X7EYoWZQhUcSrZiOENfYhmA8npyGL4wE-eVDdsqIGTMkllzAqADQrA7z_uuw_WOM1|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:54 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame FB40 35 B
303 B 47ms
47ms Image
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=43056898&event=178&time=2&baid=42858537&name=Viewable%20impressions&imprid=8324445042241169467&icid=1687438477062336911&eData=D1x0ODFqxzqJPVH1fTuT0SGeN2hRuUL84fn4X_ACi5hPV_GO5lgfNVKLaOi6RnDZyceLwfj4Txwau94oJsHc8Q2&rtbdata=213YhU2VLU38Z5F7JJ-oagEfzc5F9pqNQ8yXWxF7E38z3_-eFjvHIz2wR9KFCOurQhy_7Y6rlM2KpebjIpTNxwrT2G2vyrDCjPfU4YxJxhFND30_wr8SwnpH6Mpn4-GrKMi6ppxUdZqNdqFDgHwMQT14pjLGDFArNTAkjh_4WEeiLbVJZHzabVwpK8SGs0-wl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oxKVQtn-NDVMg2&rtbwp=YPqEVAADdpkIu-R1AArBOlzlndTeUzu0HjomYQ&rnd=371019810

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:54 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 60DE 35 B
503 B 47ms
46ms Ping
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=1687438477062336911@@43056884,8262275730143884466,100|1200|0|0|0|0|0|0|0||47|1|1|60fa84540004de6507fd825ce508b286_1|||1|0|0|h7ZLvIDMluK48M5tcwHHbcSrZiOENfYhM984fKN3goBO0yw2X-ug8MkllzAqADQrA7z_uuw_WOM1|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:54 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame 60DE 35 B
303 B 47ms
47ms Image
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=43056884&event=178&time=2&baid=42858530&name=Viewable%20impressions&imprid=8262275730143884466&icid=1687438477062336911&eData=ggvZDqxWA9DMl2okLN2qSiGeN2hRuUL8YaJU2uM20NlPV_GO5lgfNRfxi70UqZ4cbFQpT6H6LWoau94oJsHc8Q2&rtbdata=213YhU2VLU38Z5F7JJ-oahjhyIV_Zgeug74T_dQdGDCtk4AJ6sAX8j2wR9KFCOurQhy_7Y6rlM2KpebjIpTNxwrT2G2vyrDCjPfU4YxJxhFND30_wr8SwqKTkJPvF4UBfWE6Tq0oy5eNdqFDgHwMQamRMNc46WQZNTAkjh_4WEeiLbVJZHzabVwpK8SGs0-wl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oyTJ1tzPQelwA2&rtbwp=YPqEVAADerAH_YlnAAzzqYtWpojip0DP15RayA&rnd=13652709

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:54 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame FB40 35 B
503 B 47ms
47ms Ping
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=1687438477062336911@@43056898,8324445042241169467,100|4900|0|0|0|0|0|0|0||167|1|1|60fa845400049a8407fd821b5a086a4e_1|||1|0|0|B_TvXax8u_9X7EYoWZQhUcSrZiOENfYhmA8npyGL4wE-eVDdsqIGTMkllzAqADQrA7z_uuw_WOM1|||01|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:57 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 60DE 35 B
503 B 48ms
48ms Ping
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=1687438477062336911@@43056884,8262275730143884466,100|4700|0|0|0|0|0|0|0||184|1|1|60fa84540004de6507fd825ce508b286_1|||1|0|0|h7ZLvIDMluK48M5tcwHHbcSrZiOENfYhM984fKN3goBO0yw2X-ug8MkllzAqADQrA7z_uuw_WOM1|||01|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 08:56:58 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lookbook.nu/	1970-01-19 20:07:15	Name: _lookbook_session Value: BAh7C0kiD3Nlc3Npb25faWQGOgZFVEkiJTlmZGVkMDQ4MTFkZTMwOTAxNDFlNDk0YmMyYWFkMTAwBjsAVEkiEG1vYmlsZV92aWV3BjsARkZJIgpnZW9pcAY7AEZ7DjoRY291bnRyeV9jb2RlIgdkZToSY291bnRyeV9jb2RlMyIIREVVOhFjb3VudHJ5X25hbWUiDEdlcm1hbnk6C3JlZ2lvbiIHMDU6EHJlZ2lvbl9uYW1lIgtIZXNzZW46CWNpdHkiDkZyYW5rZnVydDoQcG9zdGFsX2NvZGUiCjYwMzEzOg1sYXRpdHVkZWYTNTAuMTE2Njk5MjE4NzU6DmxvbmdpdHVkZWYWOC42ODMzMDAwMTgzMTA1NDdJIgtsb2NhbGUGOwBGSSIHZW4GOwBGSSIOcGFnZXZpZXdzBjsARmkGSSIQX2NzcmZfdG9rZW4GOwBGSSIxQWhOQWZaeThxd1p4dVFhQ3lSQ3VGL0RQU0VDUndsR3kydE5FWlJ0K3g2Zz0GOwBG--b31e9718a804afc7a2488d6adf88a83061a8e832
.lookbook.nu/	1970-01-20 05:21:39	Name: __qca Value: P0-2049614521-1627030611953
lookbook.nu/	1969-12-31 23:59:59	Name: last_op_at Value: 1627030611
lookbook.nu/user	1969-12-31 23:59:59	Name: last_session_at Value: 1627030611925
lookbook.nu/user	1970-01-19 20:40:22	Name: 30-day Value: 1-1629622611926
lookbook.nu/user	1970-01-19 20:07:15	Name: 7-day Value: 1-1627635411926
.lookbook.nu/	1970-01-19 19:57:10	Name: _gat Value: 1
lookbook.nu/user	1970-01-19 19:58:37	Name: 1-day Value: 1-1627117011925
.lookbook.nu/	1970-01-19 19:58:37	Name: _gid Value: GA1.2.1188008448.1627030612
.lookbook.nu/	1970-01-20 13:28:22	Name: _ga Value: GA1.2.574260757.1627030612
lookbook.nu/user	1969-12-31 23:59:59	Name: bookmark Value: null

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://lbstatic.nu/assets/application-a51a596c576aa3cdb24732f481827415.js(Line 14) Message: LB.Views.Analytics init
console-api	log	URL: https://lbstatic.nu/assets/application-a51a596c576aa3cdb24732f481827415.js(Line 15) Message: Dark header init
console-api	log	URL: https://lbstatic.nu/assets/application-a51a596c576aa3cdb24732f481827415.js(Line 15) Message: LB.Views.Main init
console-api	log	URL: https://lbstatic.nu/assets/application-a51a596c576aa3cdb24732f481827415.js(Line 18) Message: LB.Views.Retention init

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

56a161c21529ed50b7f943a41b591732.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
c.amazon-adsystem.com
connect.facebook.net
edge.quantserve.com
lbstatic.nu
lookbook.nu
pagead2.googlesyndication.com
pixel.quantserve.com
rules.quantcount.com
s1.adform.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.adform.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
13.226.132.202
13.226.145.101
142.250.74.194
2600:9000:2182:5200:6:44e3:f8c0:93a1
2606:4700:20::681a:12
2606:4700:3034::6815:48a4
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c04::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
37.157.4.24
37.157.5.71
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08b637a003073fd15e15e00d41904a810718b20c3fbdfb7298aeb1588210adf5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
120b8ea51366e6e5f31ef7eda4e5ee3e916cd785a43f39a9e4cc327cf1d9e7f8
1852ec5957212ab1ddc679453216178799dd25a2c75985a885e7d467328795e1
1b0df5acd41c11fc146d64795aa729d99370a98109ce1e441db4ac0b7f69d025
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
202f5a44ef1b1fac13c36c93eee29c52cd61f6e4f3f3ccbc35ce23683cc605bd
214bea12d8fdb75df7abe78d3bc15aa3f6bc19c359d06c62eba6f6b752015f25
299920669c7ec8c0add3c58f21eea89871a531545df0b8d70c46db2f44ff4cc4
2a877f49ebf798a5c3e3e34fba99514bea01d821ecf3441587ffc1fdffb73a99
2c3b18ac8b2e0c6f6a051aa64130338b184036af8827228836b02d1c0da1fb66
305030926c53938a6a6df942f51a6f19378407838dc1ec5996580a391af7efe2
41a1857e679cc8f0d48f2a256c2f2d712990396469a662c994e77fa09fc4e210
4e1ad10bf5a85f8160900afea3345295d14f7d18c915d5fdf43b11e86faf217d
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5250b92524aeab7c597c0e7f737085ab9409a41448e6a2a574c0cd1f1d4f6cb1
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5dbfdbc1584435c5085c463ca7f557ea3b9d361a30e5cb238543eb8b89ffe922
676b64a907d9e9a57616bd82de2523a1b0e43fac6cda79c690d0872c9556a5d6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
723ef034efe4b8061dce5e81f388d000369f1d78d07ecafd1dfa62bb7c85b44d
731cc99bfaa141369aa2d08c9f5469b39352e02b707a06f87e06993a1d22c37f
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7a726398564b78620bea4b8f1d19d4dc3394a43ea25f7adcc77a794beca6d9e6
7b67ecffb541423c7e681502477163588eb3d1605872f050da8be470f9f21e58
7cfab6a75576c6827a6d5dd7f823e993678ee3161fed858ca4bb51ae8ce96677
7f25b8954f9c7556f2e056e2b081cbfb156f612466a0ce8bf08c83af70ae5e5a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d7600604cb30e42b1511c91d29c886de204d3f46d8c265b9c35b0960ccf8195
8d83b2089b249ebfbcd9eba876317be3353813659151a2ac3d123fe1e2506bf8
9406e80f7914c1235726d9f8bf04e6c8c531a45f87b8dd3f829de0641c4abe8e
99f73ec26d9716363ea8ea73560d10f91d63cf18e32103bcead35559ba1ac361
9caf1eefbd4dd5e3281012f08550a931bf01eba9bf533085a281e3d683fc49fc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9aab9a81ed9cdb217eefe585e153cc2f64ea8792d5adf9060538a9b0b44ce4f
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
c1cf81bef2ea82eaa43265a5ff786b7cd74e7d5f4f2de104b586f092ca0fb886
c3a37da2f4358d4671dd79e13771649605c3d0b4eace1e84e082045ee14e7956
c53cb61e2947d208c306c8680d407115d7663d1920ef125ecdb1ffa417f22fcc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc7d6fd477611abf66bd4d2be23fabab08b6d82ed3b195ddc8ba3eac50421eda
e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ee1761ad35258a1f6fdf001f7956ca31bead6806119dd0d0c639cd61d82c92a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fca1fb4990a3abf9e6bba05433ed88ac85bfc8471a273c9c306a7685ace89d26
fd66670e33f248ddc8f8accfb0173af1e10af2389bd59f04ff148ed3e7ff3025
fdacecd3e6da4d7246a45ecfd7545d1d6466769f6891ff446314ee3dc37cdd50

lookbook.nu Open in urlscan Pro 2606:4700:3034::6815:48a4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

81 Requests

100 %HTTPS

80 %IPv6

16 Domains

22 Subdomains

26 IPs

4 Countries

1396 kBTransfer

3450 kBSize

11 Cookies

1 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lookbook.nu Open in urlscan Pro
2606:4700:3034::6815:48a4 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

100 %
HTTPS

80 %
IPv6

16
Domains

22
Subdomains

26
IPs

4
Countries

1396 kB
Transfer

3450 kB
Size

11
Cookies

81 HTTP transactions
2 data transactions