urlscan.io logo urlscan.io
SecurityTrails logo

www.file-upload.in Open in urlscan Pro
2606:4700:3036::ac43:b1f7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.file-upload.com/lj85tdpa70v9
Effective URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Submission: On November 17 via manual from ZA — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 54 IPs in 10 countries across 46 domains to perform 320 HTTP transactions. The main IP is 2606:4700:3036::ac43:b1f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.file-upload.in.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 27th 2023. Valid for: a year.
This is the only time www.file-upload.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.96.3 13335 (CLOUDFLAR...)
22 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
3 2606:4700:303... 13335 (CLOUDFLAR...)
30 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2600:9000:212... 16509 (AMAZON-02)
1 65.9.66.104 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 3.71.149.231 16509 (AMAZON-02)
2 162.19.138.82 16276 (OVH)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
1 34.250.99.225 16509 (AMAZON-02)
35 2a00:1450:400... 15169 (GOOGLE)
30 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
57 2a00:1450:400... 15169 (GOOGLE)
1 4 34.98.64.218 396982 (GOOGLE-CL...)
2 2 37.157.6.254 198622 (ADFORM)
1 2 52.95.122.74 16509 (AMAZON-02)
1 52.223.40.198 16509 (AMAZON-02)
9 21 142.250.185.162 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 35.187.184.108 396982 (GOOGLE-CL...)
6 10 104.18.36.155 13335 (CLOUDFLAR...)
2 3 185.89.211.84 29990 (ASN-APPNEX)
1 35.244.159.8 396982 (GOOGLE-CL...)
3 35.190.0.66 15169 (GOOGLE)
9 23.35.237.151 16625 (AKAMAI-AS)
8 142.250.186.66 15169 (GOOGLE)
1 132.226.214.62 31898 (ORACLE-BM...)
1 2 23.35.237.56 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
6 35.244.170.237 15169 (GOOGLE)
4 2600:9000:212... 16509 (AMAZON-02)
2 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
2 2 52.29.184.165 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 51.75.86.98 16276 (OVH)
1 1 34.250.128.111 16509 (AMAZON-02)
1 1 20.127.253.7 8075 (MICROSOFT...)
6 23.212.89.123 16625 (AKAMAI-AS)
320 54
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
www.file-upload.com
22    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.file-upload.org
2    2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)
images.dmca.com
3    2606:4700:3036::ac43:b1f7 (United States)

ASN13335 (CLOUDFLARENET, US)
www.file-upload.in
30    2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
12    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:223c:4200:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
connectid.analytics.yahoo.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2600:9000:2127:be00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
tags.crwdcntrl.net
6    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    34.250.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-99-225.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
35    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
30    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
7    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
57    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
eu-u.openx.net
us-u.openx.net
2    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
21    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    35.187.184.108 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 108.184.187.35.bc.googleusercontent.com
rtb.ads.travelaudience.com
10    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
3    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
9    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
8    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
1    132.226.214.62 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
2    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2600:1f18:612b:4216:7574:b4b8:a72d:d165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
6    35.244.170.237 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 237.170.244.35.bc.googleusercontent.com
static.travelaudience.com
4    2600:9000:2127:de00:1d:c7f4:f280:93a1 (United States)

ASN16509 (AMAZON-02, US)
image.migros.ch
2    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    52.29.184.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-184-165.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    34.250.128.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
6    23.212.89.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-123.deploy.static.akamaitechnologies.com
travel198849194933.s.moatpixel.com
Apex Domain
Subdomains		 Transfer
71 googlesyndication.com
956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
421 KB
57 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
2 MB
47 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
403 KB
30 demand.supply
live.demand.supply — Cisco Umbrella Rank: 53681
44 KB
22 file-upload.org
www.file-upload.org — Cisco Umbrella Rank: 671147
550 KB
10 moatads.com
z.moatads.com — Cisco Umbrella Rank: 647
mb.moatads.com — Cisco Umbrella Rank: 744
px.moatads.com — Cisco Umbrella Rank: 593
115 KB
10 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
6 KB
10 travelaudience.com
rtb.ads.travelaudience.com — Cisco Umbrella Rank: 127504
ads.travelaudience.com — Cisco Umbrella Rank: 5683
static.travelaudience.com — Cisco Umbrella Rank: 26643 Failed
133 KB
8 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 364
fonts.googleapis.com — Cisco Umbrella Rank: 31
63 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
eu-u.openx.net — Cisco Umbrella Rank: 2753
us-u.openx.net — Cisco Umbrella Rank: 522
2 KB
6 moatpixel.com
travel198849194933.s.moatpixel.com — Cisco Umbrella Rank: 24940
1 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
320 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
104 KB
4 migros.ch
image.migros.ch — Cisco Umbrella Rank: 631269
36 KB
4 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 574
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
38 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
2 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
3 gstatic.com
fonts.gstatic.com
53 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
7 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
35 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
174 KB
3 file-upload.in
www.file-upload.in
11 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3451
880 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1403
629 B
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
2 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
1 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
13 KB
2 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4351
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
9 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
147 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 14674
10 KB
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1562
709 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 657
597 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
385 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6641
233 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
716 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1279
175 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
149 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
1 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1383
5 KB
1 file-upload.com
www.file-upload.com
438 B
0 alexametrics.com Failed
certify-js.alexametrics.com Failed
320 46
Domain Requested by
57 s0.2mdn.net www.file-upload.in
www.file-upload.org
s0.2mdn.net
35 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.file-upload.org
956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
30 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.file-upload.in
www.file-upload.org
956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
30 live.demand.supply www.file-upload.in
live.demand.supply
22 www.file-upload.org www.file-upload.org
www.file-upload.in
21 cm.g.doubleclick.net 9 redirects google-bidout-d.openx.net
googleads.g.doubleclick.net
956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
12 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
10 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
8 px.moatads.com rtb.ads.travelaudience.com
956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
8 googleads4.g.doubleclick.net www.file-upload.org
7 fonts.googleapis.com securepubads.g.doubleclick.net
rtb.ads.travelaudience.com
s0.2mdn.net
956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
6 travel198849194933.s.moatpixel.com 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
6 static.travelaudience.com rtb.ads.travelaudience.com
6 googleads.g.doubleclick.net 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
www.file-upload.org
6 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.googletagservices.com 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
www.file-upload.org
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 image.migros.ch s0.2mdn.net
3 ads.travelaudience.com rtb.ads.travelaudience.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.google.com 1 redirects tpc.googlesyndication.com
www.file-upload.org
3 fonts.gstatic.com fonts.googleapis.com
3 us-u.openx.net 1 redirects google-bidout-d.openx.net
googleads.g.doubleclick.net
3 connect.facebook.net www.file-upload.in
connect.facebook.net
3 www.file-upload.in www.file-upload.org
www.file-upload.in
2 x.bidswitch.net 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 aax-eu.amazon-adsystem.com 1 redirects google-bidout-d.openx.net
2 c1.adform.net 2 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 id5-sync.com cdn.id5-sync.com
956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
2 oajs.openx.net 1 redirects www.file-upload.in
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.file-upload.in
www.googletagmanager.com
2 images.dmca.com www.file-upload.org
www.file-upload.in
1 sync.inmobi.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 onetag-sys.com 1 redirects
1 dsp.adkernel.com 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects
1 partners.tremorhub.com googleads.g.doubleclick.net
1 mb.moatads.com z.moatads.com
1 z.moatads.com rtb.ads.travelaudience.com
1 rtb.ads.travelaudience.com www.file-upload.org
1 match.adsrvr.org google-bidout-d.openx.net
1 eu-u.openx.net google-bidout-d.openx.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 ups.analytics.yahoo.com connectid.analytics.yahoo.com
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 ajax.googleapis.com www.file-upload.in
1 ssl.google-analytics.com www.file-upload.in
1 www.file-upload.com 1 redirects
0 certify-js.alexametrics.com Failed www.file-upload.in
320 65
Subject Issuer Validity Valid
file-upload.org
E1		 2023-09-25 -
2023-12-24		 3 months crt.sh
images.dmca.com
R3		 2023-10-26 -
2024-01-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-25		 a year crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-26 -
2023-11-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2023-08-15 -
2024-02-08		 6 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
rtb.ads.travelaudience.com
R3		 2023-10-30 -
2024-01-28		 3 months crt.sh
ads.travelaudience.com
R3		 2023-11-06 -
2024-02-04		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
static.travelaudience.com
R3		 2023-10-02 -
2023-12-31		 3 months crt.sh
image.migros.ch
Amazon RSA 2048 M03		 2023-11-09 -
2024-12-07		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh

This page contains 31 frames:

Primary Page: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Frame ID: 905D5C98068871B2E584C61B3AAC1A64
Requests: 97 HTTP requests in this frame

Frame: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 414FCE3768F4161778601B6B83D7EB23
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in
Frame ID: A1DF52458E2AC0CFDB8CC39F3C9E84CF
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: F12AC3BD36C22832649678257256E389
Requests: 20 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 1F396709E723D29EDA236895FB00051B
Requests: 6 HTTP requests in this frame

Frame: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 50A6A5FAD9462C3A3683CAC7E9823B7F
Requests: 12 HTTP requests in this frame

Frame: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0FCBD0541B52A6E234FCC1BE2AEB1FC0
Requests: 1 HTTP requests in this frame

Frame: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 63131EE2C664D4095275C73C510CEC66
Requests: 13 HTTP requests in this frame

Frame: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 937243E0E41F7D5A113E061B5B4EC0C0
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYhYen3QEwAQ&v=APEucNVKQX5UYOCIyE2hnCvzdG2jtYcRj612B70QuhWeSyRhKbildluiWdF-1xlRy6wl7PSX6bYL6MM5WRfSL62HJTHxnmKUMA
Frame ID: 2E74BDB94ACB02E310DE4CC19D735388
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 27379A06FAAD91B4B57447C8C4CC662B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7C87E65E515E8666A1ACB4CA434DEED4
Requests: 2 HTTP requests in this frame

Frame: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60023216.OTk5JTJjMQ==...YzbqhpdYd0_iPcB6oxhCbA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%26num%3D1%26sig%3DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%26client%3Dca-pub-3831894559014614%26adurl%3D&googlewinningprice=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw&wpc=EUR&site=www.file-upload.in&slotvisibility=1&gcpm=4236354&gpos=1&bidder=bidder-rtb-production-75c9797b6-4wbxq&dv=1&uuid=&suid=&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&ssp_id=0&l=en&ts=1700196068&uc=CH&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=UcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA=
Frame ID: 49E80C9BFD36BC8C8B02C737723A3B92
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Frame ID: 77D2A2C2A9E5BF487CD0E55ADD93E9D4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDEr_PPAxikxIXdATAB&v=APEucNXNilYcXzJ9qZUBlFEZpVzyRIUOJow-JrnlloN9ZFgLuzvlB0whZT1AilOHphv90l-GH6aYpQ8Tt06B7bHdw2evAbDyPw
Frame ID: 0269511B6788C380AA604B8BB2ADC0BF
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYhYen3QEwAQ&v=APEucNVtiay9pkSGD6EAvSP8a68KUWn4jvxOAVvZ-AswakiNhiu3kmeexZ90FkPqH67ZPIKvSWqXav1lOjKaIvUN_eWltxG05g
Frame ID: 973195AB06F07672423F86A2452EA638
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
Frame ID: F449F7A9F34EEB4D7DEBCEC1F4B759CD
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Frame ID: 07B9742D2AEDD4A20A7C696FCC541BA7
Requests: 23 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
Frame ID: E9302F0027B195E08E81648B208265E0
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F35280B3C9AE1DC44762E1756BBBF651
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2BF428806C1F75DEDB6927E17FD353D4
Requests: 3 HTTP requests in this frame

Frame: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7D18649A70EEBB0BD7E8F1855F2A9867
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C1EBA71098457A0A06DAEFC3638B14CC
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIe99gIQvcvFpgMYnczv_QEwAQ&v=APEucNVWvgiNHIvHnaltCmsEfWyC8nowRma8DxXyVOlEuF_nLt21QwPOKS1yJMypFjkd6sh5BT9S08H0O0uaIji1A-ObRDIS-g
Frame ID: C2E03ECC50DC128DE30D1F9AF38152B8
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: C484943CFB98C5A76AD0DD3CC394983E
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 47BD6A7351FE9983EBD47265D3A4623D
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
Frame ID: 4393965AFE38B2DC03F52289771DBC1A
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3D5AF91D470E58A2978E32D72656333F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: 200B026703F290112FAD9B4D498D7C33
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: D4C2F1E845753D63E25C4DEDBF397A8D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: 97ECE983E615A13F865C65253AC1F8BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

  1. https://www.file-upload.com/lj85tdpa70v9 HTTP 301
    https://www.file-upload.org/lj85tdpa70v9 Page URL
  2. https://www.file-upload.in/file.php?get=lj85tdpa70v9 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

320
Requests

91 %
HTTPS

49 %
IPv6

46
Domains

65
Subdomains

54
IPs

10
Countries

4606 kB
Transfer

10171 kB
Size

43
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.file-upload.com/lj85tdpa70v9 HTTP 301
    https://www.file-upload.org/lj85tdpa70v9 Page URL
  2. https://www.file-upload.in/file.php?get=lj85tdpa70v9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.file-upload.com/lj85tdpa70v9 HTTP 301
  • https://www.file-upload.org/lj85tdpa70v9
Request Chain 80
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.file-upload.in%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.file-upload.in%2F&rid=esp&cc=1
Request Chain 85
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=file-upload.in&sn=ChromeSyncframe&so=0&topUrl=www.file-upload.in&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=HV9aTHxjRHpHVzdtckVpM1YxeXVxQ3ZuSXVzWjBnOGlBWDJjY1duNTJoNERNcG5BVFg2cHNSemQ3M29xWkZYZDFuM25HS2VvdkFsdkE1K1lvWUM5MCtWdGh2SFErOTg4ODB5V2VLZ1JMdzI1dDV2M3I1NnkwZGRwdlBNWTV0Z2F5d3MxUGtuYUpYd2FNVEF1bFh3eUl1YzQ5QStpOXY2d2VXc256SkNKdjBGVlg2QVZhOTkvMFVRMWtHaCs0LzFIZWlkTzAzVnBodXhVTE1rUVVGdG9jandoVzdxRUJRLzQ1a2pPa1pBN0FabFlxZlpFR0g0RTZPQUlwaktkWDdxbzJKS1RkdWJWQ0Q5OVgxMDVsN2p1VFBZT3Y3YURicFVYdEF2Q0NmL2o1MUdaZGpGdz18&cppv=2
Request Chain 105
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4850702332823335135
Request Chain 106
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8635068e-aaf2-cf4a-1bfd-c2616472dd89 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8635068e-aaf2-cf4a-1bfd-c2616472dd89&dcc=t
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECBfClMuzJ1QpB0Ci9afDCM&google_cver=1
Request Chain 154
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1&C=1
Request Chain 155
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbu5q24zyugErbkBOG7DQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1
Request Chain 157
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1&C=1
Request Chain 158
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbu5q24zyugErbkBOG7DQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGCvIzFMP0daCA35Zjg0PJE&google_cver=1
Request Chain 160
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcyNjM3NTMxMzk2NjY4MDY5MA%3D%3D
Request Chain 161
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECBfClMuzJ1QpB0Ci9afDCM&google_cver=1
Request Chain 162
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjI4Y2E5MzktN2YyZi0yYTE0LWNlMTMtMWE0ZmM2YTNkODA5
Request Chain 163
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEPMm0ZDf4FJa_J8Wn1L3eig&google_cver=1
Request Chain 229
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzUyNmIwYzUtOGJkMi00ODU0LWEzZTMtNzI5Yjk0ODY4ZjNl
Request Chain 230
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEKLx0Z1ZBRP1Wg_fkeLNKxg&google_cver=1
Request Chain 256
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECMG9M9wjwoQHVzjYfL11c8&google_cver=1&google_push=AXcoOmSyCH6KqT7a2HqyALHga5Y7iutbVXQKO7OK8dllto1v8g2_Ld8J-DA2CBvt_Aalp1KLtr5T5EUYn855m62qmOnTn7Abws8 HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1a9e81f7900e180c&is_secure=true&networkId=14000&version=1&google_gid=CAESECMG9M9wjwoQHVzjYfL11c8&google_cver=1&google_push=AXcoOmSyCH6KqT7a2HqyALHga5Y7iutbVXQKO7OK8dllto1v8g2_Ld8J-DA2CBvt_Aalp1KLtr5T5EUYn855m62qmOnTn7Abws8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIHacm4o8pZQMVqQ5uAAAAAAA&expiration=1700282472&google_cver=1&is_secure=true&google_gid=CAESECMG9M9wjwoQHVzjYfL11c8&google_push=AXcoOmSyCH6KqT7a2HqyALHga5Y7iutbVXQKO7OK8dllto1v8g2_Ld8J-DA2CBvt_Aalp1KLtr5T5EUYn855m62qmOnTn7Abws8
Request Chain 257
  • https://um.simpli.fi/gp_match?google_gid=CAESEFhkZSBDvz-cTnwoYGQWYTU&google_cver=1&google_push=AXcoOmTyjZJJkiUQx5xKMTLYV8lV_-ew-s7nCihXvbVwXAbXkVxxBivfPfEdlmT75N8lKuFHUCoEegZWzW1bPHa6Z0N8PkH_u_Ec HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AF7A40A608EE4956AADECE2292DE72FA&google_push=AXcoOmTyjZJJkiUQx5xKMTLYV8lV_-ew-s7nCihXvbVwXAbXkVxxBivfPfEdlmT75N8lKuFHUCoEegZWzW1bPHa6Z0N8PkH_u_Ec
Request Chain 258
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOgjRfhPSFXF87pYve_LxrQ&google_cver=1&google_push=AXcoOmQRd2YTqsJJdMhHMbpbPGd4W_HVTCUfiVJ6c-gCaNjGbgwz4upC4a9ORelLhrZPrXo06Lb4tzD0jdO5aU3ltJTBzi6VUqyO HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOgjRfhPSFXF87pYve_LxrQ&google_cver=1&google_push=AXcoOmQRd2YTqsJJdMhHMbpbPGd4W_HVTCUfiVJ6c-gCaNjGbgwz4upC4a9ORelLhrZPrXo06Lb4tzD0jdO5aU3ltJTBzi6VUqyO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQRd2YTqsJJdMhHMbpbPGd4W_HVTCUfiVJ6c-gCaNjGbgwz4upC4a9ORelLhrZPrXo06Lb4tzD0jdO5aU3ltJTBzi6VUqyO&google_hm=lNDu9r5IT26lkqyUHqYjKw==
Request Chain 260
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDWtbLJKBRvATYx-CJ9IbiI&google_cver=1&google_push=AXcoOmTzkw5SS5wD1Z71zzUoN5LpDrRGFn_Yq77sq3YNSHDyxRjxr4UuMytbPrVCPORdUe_ZZwqF5g4kjZha6TbyK_Q1HA76kLOr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTzkw5SS5wD1Z71zzUoN5LpDrRGFn_Yq77sq3YNSHDyxRjxr4UuMytbPrVCPORdUe_ZZwqF5g4kjZha6TbyK_Q1HA76kLOr
Request Chain 261
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEDcPup22W-lZhsEI6AfTnKA&google_cver=1&google_push=AXcoOmSOblU0PVlSzmC4RBMyHiV_tcpNvKJ-hlq8OD-qL1rDEpAGanBF4C-n62_WeDSbhm4IqgEDOTCqP17we5g-yyO6IdEXpyS8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSOblU0PVlSzmC4RBMyHiV_tcpNvKJ-hlq8OD-qL1rDEpAGanBF4C-n62_WeDSbhm4IqgEDOTCqP17we5g-yyO6IdEXpyS8&google_hm=M0ZNeTU3N2RkNDcxdUxSVTZqZnY=
Request Chain 262
  • https://sync.inmobi.com/gob?google_gid=CAESEIoyOzIJhlinCA5lvI-PDAQ&google_cver=1&google_push=AXcoOmRZ1ILFoh3Ub-HnPunfoIXo5NmiygerOKxpCGhMhtlJOd9eTykKVIXPSbEmTP5ICQeH4y16XUnkGq-PHYnTBwl8c7egScZV HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRZ1ILFoh3Ub-HnPunfoIXo5NmiygerOKxpCGhMhtlJOd9eTykKVIXPSbEmTP5ICQeH4y16XUnkGq-PHYnTBwl8c7egScZV

320 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
lj85tdpa70v9
www.file-upload.org/
Redirect Chain
  • https://www.file-upload.com/lj85tdpa70v9
  • https://www.file-upload.org/lj85tdpa70v9
27 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aa4a3168ae9f125774d0d0303aa352ec0c0a730125e10670a6378db2a857e15
Security Headers
Name Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82754cab7e3fbb09-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 04:41:07 GMT
expires
Thu, 16 Nov 2023 04:41:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUYNDdCUwsdCNbx8yXpGl2omrS2z%2FEmzkSg3XB%2FliBeWQOb5RrZEDAGCvSiwEbD11vhuvND2diqmn8Du76As%2FHUP3uBqWttPX1phJ%2FKuqv9RfDNWER1V3dZF7RGElr0KwiNon11z6hmir9copxLb07G3"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0;includeSubDomains;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82754caabc85bac3-MXP
content-type
text/html
date
Fri, 17 Nov 2023 04:41:07 GMT
location
https://www.file-upload.org/lj85tdpa70v9
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhTEZ%2FiQmCjs6q8QTbqqaqPQDb1eSFEDEkmgA%2Byj%2FciZjNL%2FkMAwztTa%2Bph3r2OfFAItbq%2FJwFQH9xczWjbwJ4urZd4v8Gbh3lnQD9eQChNBd8jOOrguxDd18v1DWbWASSVS%2FI2h"}],"group":"cf-nel","max_age":604800}
server
cloudflare
app.css
www.file-upload.org/mngez/css/ 		247 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/css/app.css?v=1
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/lj85tdpa70v9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
691353
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
W/"3dcf1-5fe4d56ca6b7a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrc4tFdsN6Y8TFPRyXBxierJP%2BhWV1cpvrfrd4WxN%2FWdEllU0pR1t6jfoqAx2cdDq2u3GVeww6MXPgHfQhnnHRd1W3VOukuD7Fg6tcpaOIjegUYmykmmbIFIgRC%2B6eeHlzTKZL7kFjCqv7ktTMJ9vStg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2692000
cf-ray
82754cabfe6bbb09-MXP
expires
Fri, 10 Nov 2023 04:38:34 GMT
app.js
www.file-upload.org/mngez/js/ 		235 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/js/app.js?v=20
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/lj85tdpa70v9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3aa0d-5fe4d56c9e2c2-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhXPjPOGvByRb1Nsds56LvmRfqrHf89A8E2%2FVHbUNS4XwqieQ20KMJGCligjAOY%2Fpj%2BDHtf0QTJVfgAprSgUcGGwz9LVlXvEHWbVOJVsl1lCD3zJyeeTPZVtq1%2BwpbWYnCRUpx1mgnDLa8sRm5KqHu4B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2692000, private
cf-ray
82754cabfe6cbb09-MXP
alt-svc
h3=":443"; ma=86400
logo_new.png
www.file-upload.org/assets/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/assets/images/logo_new.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/lj85tdpa70v9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
775266
alt-svc
h3=":443"; ma=86400
content-length
3215
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"c8f-5fe4d56f9b8f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeHK7JbWS%2FDtTBQ7Xz%2Fp1EW81uixQDfJyMpFxUYKStiPPAHZK9yxkTrB3liNN%2FcGI2X529WgB6NhKxwnY1xUc4%2BpCqgIj1xFki%2Bb4LEmGlRaSrTLMZIocT%2FVqKxMax5FteY6Z%2BX%2FcCylxp0L0n6Xnoiv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82754cabfe6dbb09-MXP
expires
Wed, 15 Nov 2023 05:20:01 GMT
email-decode.min.js
www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/lj85tdpa70v9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 21:55:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65568fe4-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xb63F4Wm%2BKatPYP1FgvnKf1PpR0xTYxbDEDuR4e4qafqDMLxsSJNS1%2F%2FGlqx1tIT7616A3Qx5RMTvxvTX0k9v%2F%2FMmglkltz3yd5NTPfxZ9DUR1P%2Fbwtv3ytzAm%2FN5%2FBRLYlEhSFWYdK%2Bui0%2BMXWTKWrD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
82754cabfe6ebb09-MXP
expires
Sun, 19 Nov 2023 04:41:07 GMT
anti1.png
www.file-upload.org/mngez/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/anti1.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/lj85tdpa70v9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
595633
alt-svc
h3=":443"; ma=86400
content-length
19118
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"4aae-5fe4d56c96d92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dntZnm56DBgf9eYJ0q2laCydtdeIXr4l80Cinv8eUtlPDH0JyxJV%2FLmfi3dkC6JR0d55BXaeMbGRkdRL3AnZ%2BZXC51%2F5%2FUgqerXQ2seJ6ibqCASA%2F5GCqUT1E39JwyOaU2gLb3IpleZ0PKsekWllItLw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82754cac2e77bb09-MXP
expires
Fri, 17 Nov 2023 07:13:54 GMT
anti2.png
www.file-upload.org/mngez/images/ 		641 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/anti2.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/lj85tdpa70v9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
775258
alt-svc
h3=":443"; ma=86400
content-length
641
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"281-5fe4d56c988ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqLDUrzI%2BVH3%2BujIE%2B6uNjTiiYfvTHdgFj6L725TZaCHBs29RoLyh8X5T649QGHy1FoZqpdeVPDLmvL9WUUvDLEIMawJWNrjVBitFvV9cuI5O3MLYS1%2BPRsw%2FARQhSLABKtcaAGvoy40kX%2F2lO1tUQpt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82754cac2e79bb09-MXP
expires
Wed, 15 Nov 2023 05:20:09 GMT
_dmca_premi_badge_4.png
images.dmca.com/Badges/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 / ASP.NET
Resource Hash
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
cdn-edgestorageid
1080
x-powered-by
ASP.NET
cdn-cachedat
10/31/2023 19:00:16
cdn-pullzone
1574055
content-length
4535
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"0abbdbd420cc1:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
09c5d6c87eaf08250efed4c94eb82d90
accept-ranges
bytes
cdn-requestcountrycode
CH
link
<https://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png?ID=466fa1aa-ce2e-4b71-b329-6cd08d681302>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
norton.png
www.file-upload.org/assets/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/assets/images/norton.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/lj85tdpa70v9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
701882
alt-svc
h3=":443"; ma=86400
content-length
4963
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"1363-5fe4d56f95368"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kba4n4jpd7J77%2FEoVD%2BkPKxJAFX4%2FB5jGfJ7ESOCrpm6aVm0crLli%2Fx00KdT%2BhEZAfiGbnVhdkXsLp4Uevr1joIlPx21EsKbqHp0Y%2BfmN8IB%2FdEdEfc83sHvui9LFD86MIbrqUuipZt68Ca5SeC6y%2BvQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82754cac59510d9c-MXP
expires
Thu, 16 Nov 2023 01:43:05 GMT
flags.png
www.file-upload.org/mngez/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
599690
alt-svc
h3=":443"; ma=86400
content-length
15022
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"3aae-5fe4d56c9bbb2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFOiNjFNkHo2lZ2OHrQlysergQViHz5HKGz2vIOwd4WpYWHyXE8AZfW4R%2BjJaSt24R6VYdchIplqs86V7vXMwAGpiLVFbW1uBIhu5DZI0qzhOqOM8Ea7z4bfIstT37oXrx8E96ZXSLRtYvJlQgXuSPhf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82754cad29940d9c-MXP
expires
Fri, 17 Nov 2023 06:06:17 GMT
fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.org
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4956
etag
"12d68-5fe4d56c8e4d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOzjiQcBNBm%2BQ%2Fy89a2PmMwPbd%2F%2FIYKrQMMREOiCFGmjWDtY8eKdqAO4iACE4Qsj2VTQQvrQOygg6tfz4PLdNt7Vl7hPKqcSdIANparMm72viNO1%2F4IhW%2B%2F%2FHI0yKqRHKOMb3kTaqvMMqax5LZFUVZeY"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82754cad499a0d9c-MXP
alt-svc
h3=":443"; ma=86400
content-length
77160
poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.org
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1339
etag
"1ee0-5fe4d56c8f861"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRYE44C91shlF4Q8Nj8VP5d%2BXQlnoajW%2FXmEnlKAx57xqgR%2FElMH4KAhn5dnMqKOFuGPTNzKs5%2BA5ikS%2BjU37zswXw0R82wlGXTEbewp2pZNxcOB4U2WFrPJqRjxYvbLRkFtCu0k4jWzf6sx5PDHkkmL"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82754cad69a00d9c-MXP
alt-svc
h3=":443"; ma=86400
content-length
7904
poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.org
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2154
etag
"1ecc-5fe4d56c90801"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pi6HM%2BgBjD7NEWc%2Flmv2x%2FzxfZKgGcLZ1b6uVjBpsuTFqAtPmqOUl5m54RIy7ZcD%2BNPiV3vRC%2BcBxQHIhnpQ0BVVghAb3ySF%2BXfend7WCg4QsRZNEsuPHvI95Xh2wVM05PLXH%2BfBNnIuyS%2FQA71jE%2F44"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82754cad69a10d9c-MXP
alt-svc
h3=":443"; ma=86400
content-length
7884
Primary Request file.php
www.file-upload.in/ 		23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.in/file.php?get=lj85tdpa70v9
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b1f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19782d17a99a0b86736668ac618764f5568d4b92087978a36fb5d9a135550ac0

Request headers

Referer
https://www.file-upload.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82754cae3e3a83a8-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 04:41:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqeZL%2FRIJx6GSOrrG5GY1XTsSSQy3sCWdslfUmk8p04%2BLW%2FksUAayMJS0p4NHjM%2Bm8OQFsPGrHCt0h18rdRDvi3fI6o3tRpGQxw2OiLjpEI6qQRc5jROvSt%2BpqHldLPfIGRjfQzHPHxvWAntiEipmKs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
up.js
live.demand.supply/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
069e324a60cf83368c9da1144be586782be376fee7ea5c09a585ee9977fe783e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HFCS7AP0BT3VH1RRJ084J7YR
date
Fri, 17 Nov 2023 04:41:07 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
age
1083
cf-polished
origSize=4807
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"9b89c6ecaeda58fae074009ba464090d-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
82754caf992f24c6-ZRH
link
<https://live.demand.supply/impl.v17.20.2.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/d3d3LmZpbGUtdXBsb2FkLmluLw==>; rel=preload; as=script
timing-allow-origin
*
blockadblock.js
www.file-upload.in/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.in/blockadblock.js
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b1f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a42cb27417d2b87b8d5983655566731a38089d5e30735e9e931008ea59c634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/file.php?get=lj85tdpa70v9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63589
content-encoding
br
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 13 Jul 2023 11:59:30 GMT
server
cloudflare
etag
W/"64afe722-1c1d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEhOrQ6%2BP1UczXbJQCuEwtoIRVf1eLIgua0UkdUeviX8%2BUgurwh0YpWF6rr3D7F%2F9DjyAPbnrkUNzWIabtqVFRaO63gEbBsY2RS%2BgPg1noLLbYdILT5dD8Pr5hQOulCCVWgUsnearBOfWk4uv6D9fBc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
82754caf5e9a83a8-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-119779859-1
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ddb1a96f0064dfc215de614ba52440b88fe1d522039ca185cc7400f94da6466a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68727
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Nov 2023 04:41:08 GMT
app.css
www.file-upload.org/mngez/css/ 		247 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/css/app.css?v=1
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1300685
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
W/"3dcf1-5fe4d56ca6b7a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANFa6Hg5AK0QuqMgvtcly0BovJjSJCmqcFoBXa2uGZSMosb0YfDr3jKSGCYoY93nyvtziIMYSmnkD0Ck0OslKa6zejjTAC%2F%2BK0ngev3NZmAUwV5g%2FH0ZRdUIupb9jnIVIzqJRCUleUeKyrxeRZJqVz9V"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2692000
cf-ray
82754caf5a3d0d9c-MXP
expires
Fri, 03 Nov 2023 03:23:02 GMT
sdk.js
connect.facebook.net/en_US/ 		302 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ad867af08bb726ce9decc77cb6a5abc88abfb9c7199a2b39b48e7c0d0849f110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.file-upload.in/
Origin
https://www.file-upload.in
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 04:41:07 GMT
content-md5
IX3GK6FYNQrzBIjgrxaO/A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88330
reporting-endpoints
x-fb-debug
kgCF/LXROnY7ZZx5RACrVps3ZstMvNHK6i/UAcNFvxKCycK3HOFgZNzR1SfnRCJNVZ4Rxm047Hfl8uD/B++9bA==
x-fb-content-md5
295e269cdae757485a86b31505ed5586
cross-origin-opener-policy
same-origin-allow-popups
etag
"d7dcb86ea01d94e9855cdee4a97d18ae"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 09 Nov 2024 04:38:04 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
47a5cc862a916c15f45d96b037fbd7f25c0a6dd9d7fd3753b9153662f8f4c902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 04:41:07 GMT
content-md5
LAVHb1D2SB2SuK4u69ItEg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
x-fb-debug
+tMpUui9ceyZd5OJzF9MI314V3T3S0hlAxs2sA3l1IRsxWcqlRebcq31Los3sCHNx5hS+PXypwrqPT1Uu8Xzkw==
x-fb-content-md5
b69b71c9b645fc47cb8c41db0c3cb933
cross-origin-opener-policy
same-origin-allow-popups
etag
"f2d9e14786ab70266dc95742e54fb601"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 17 Nov 2023 04:50:05 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 03:20:22 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4846
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Fri, 17 Nov 2023 05:20:22 GMT
atrk.js
certify-js.alexametrics.com/ 		0
0
app.js
www.file-upload.org/mngez/js/ 		235 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/js/app.js?v=20
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3aa0d-5fe4d56c9e2c2-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqi5eyWbSyuOHSBq6RWFfCdddEvexyjVTQLQIx9VtgOdkIKoZTI481ePrLwNq46SH%2Bb9v1hiu2h2o2VryzqLgso3WFWrSqRmbQs1Sa4fNXHxYtVvTftthYoS3qKznIZ8ZhpodjInHnhL7%2FY3MeZhaGNQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2692000, private
cf-ray
82754caf5a3f0d9c-MXP
alt-svc
h3=":443"; ma=86400
logo_new.png
www.file-upload.org/assets/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/assets/images/logo_new.png
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
523104
alt-svc
h3=":443"; ma=86400
content-length
3215
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"c8f-5fe4d56f9b8f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fmk%2FmOR5AIdktKN6RNXvgOdwhqVtEb0w9hNaB4G64ufvUGs2x%2BmD1SxIyA%2FyYDmtUsIrdBv%2FQxucL2a4QoC5pFiZyHVmk5%2BgyjSfuR3Fdn%2FHCavTwOKvDJuu2bjaMoSHXXLFCI1MNf0q4aCJdZewz4K4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82754caf5a410d9c-MXP
expires
Sat, 18 Nov 2023 03:22:43 GMT
email-decode.min.js
www.file-upload.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b1f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/file.php?get=lj85tdpa70v9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 21:55:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65568fe4-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4yUf%2BbfHP31%2BwoAlHT8tSfF%2FYe%2BYuYFojYAUfOCq9KJ6FAZ9IwwcgoGngmpjXgTVcwZzsfwsk1qWqnYcGtaXlKYlQJGvYT0fPbf%2BinBVSVeU0HZG6TsSiHzzAIK8VaPesc7v%2FiRy0taDhFY7SBA1pY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
82754caf5e9c83a8-MXP
expires
Sun, 19 Nov 2023 04:41:07 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1474
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 04:16:33 GMT
anti1.png
www.file-upload.org/mngez/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/anti1.png
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
701884
alt-svc
h3=":443"; ma=86400
content-length
19118
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"4aae-5fe4d56c96d92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXIEWKfWrCAsRdzeTEfMo9FYnnQJI85SQhhrvlJ%2Flbz0H2hgs9ydpwYXIMb1D1xas6sp2ukOhJcOWknk3wzamX%2BGjUtDFtt9fYg3MRZh%2BS8Jw88fJleW1q1%2FHnfvxvHwv8P0yKO9b49jwq77Vhzp2Msh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82754cafba570d9c-MXP
expires
Thu, 16 Nov 2023 01:43:03 GMT
anti2.png
www.file-upload.org/mngez/images/ 		641 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/anti2.png
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
704419
alt-svc
h3=":443"; ma=86400
content-length
641
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"281-5fe4d56c988ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8FTcYKdZNe6oMlXqq4mDpF91CukWMlXz6TTHXt2vIyEI4YcRCJDoPxwDVJJWeGkVJ5rasoocXUv6m4D9QoBK7QWp%2FfF6nxky6514Bin4emQI4BqTdcFPihfJrcZLI5fCF06NFFAFqaRbYyFKI3tdwd%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82754cb01a740d9c-MXP
expires
Thu, 16 Nov 2023 01:00:48 GMT
_dmca_premi_badge_4.png
images.dmca.com/Badges/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 / ASP.NET
Resource Hash
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
cdn-edgestorageid
1080
x-powered-by
ASP.NET
cdn-cachedat
10/31/2023 19:00:16
cdn-pullzone
1574055
content-length
4535
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"0abbdbd420cc1:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
eadd23008b5faa55e48a30836cd57c88
accept-ranges
bytes
cdn-requestcountrycode
CH
link
<https://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png?ID=466fa1aa-ce2e-4b71-b329-6cd08d681302>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
norton.png
www.file-upload.org/assets/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/assets/images/norton.png
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
701882
alt-svc
h3=":443"; ma=86400
content-length
4963
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"1363-5fe4d56f95368"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqNRyaTgmPUa24A7yAQCLdFiOHrN8bz0vApAkWrHDL2bAolu9MmZdhqJzkDfhzSLJa9nhvPLohKXS99mC50W4otlbfvM6hp9sbJzrj%2FdMya2Gdqb%2FLbAfC2AkdeUkJjY9LJ15IMQQO%2Fl%2FJ49iC8Qmym%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82754cb04a830d9c-MXP
expires
Thu, 16 Nov 2023 01:43:05 GMT
sdk.js
connect.facebook.net/en_US/ 		297 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=18d372d5ebcb390d06a8d1abbfbb7542
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2e79b1636cae5ac6f8f5cc7e3910b81a26b6ec55b6debad1a2ea5f318db829f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.file-upload.in/
Origin
https://www.file-upload.in
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 04:41:07 GMT
content-md5
pMrYvbMNxpqSDAxLRRDtiQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86881
reporting-endpoints
x-fb-debug
lXt3ZXZWff7w4AWLtwG8KHaoHKkqWsJXUO5Td/9hB9Y8iZyIPhMx+St4jSmBeCHSwVinlsGunbN4G+baQUUj9Q==
x-fb-content-md5
029d5365d4bb63b845279690e122323e
cross-origin-opener-policy
same-origin-allow-popups
etag
"b1c0e572f29f3ba04c70cf9666b64902"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 16 Nov 2024 04:29:21 GMT
impl.v17.20.2.js
live.demand.supply/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v17.20.2.js
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48fa16cde4c728e23abd278bbdd85965de9f2c4c03a7c56193a323461ff7b757
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HFCS742C0K1TT11KY70GE4CQ
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
age
33117
cf-polished
origSize=86155
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"c6632cc37d299e8dd311c82966208af6-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
82754cb0fc2724c6-ZRH
d3d3LmZpbGUtdXBsb2FkLmluLw==
live.demand.supply/p4/v17-10-0/ 		2 KB
894 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v17-10-0/d3d3LmZpbGUtdXBsb2FkLmluLw==
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
107da2018099cf34600c3c7af88bf88c1f2808b5855432f5a1207927dcfd2960

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
82754cb0fc2c24c6-ZRH
alt-svc
h3=":443"; ma=86400
flags.png
www.file-upload.org/mngez/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
599691
alt-svc
h3=":443"; ma=86400
content-length
15022
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"3aae-5fe4d56c9bbb2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUZ9a2PkWMJ8pMQN4VViT50zPOlqtwdBS9tjMVXi7PXzt1Xknp24Mi1iHTLXZXve1MXlYu%2BTUveMDEbnQPwVHOcvWr5FKdXDudm8Xok%2FiYvyWTy%2BR8K7nSCenjy%2FicIe2VLNsNOA0ePlmwW1jIZjHARj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82754cb0fab60d9c-MXP
expires
Fri, 17 Nov 2023 06:06:17 GMT
poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 		0
0
poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 		0
0
fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 		0
0
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=193&cs=c&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14159
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cb1793f01db-ZRH
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d822c38d41c02f78be341a53c9a718a3c29e5cb1dd542eca27450d327eb16844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30708
x-xss-protection
0
server
cafe
etag
118 / 19678 / 31079658 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 04:41:08 GMT
ds.2.html
live.demand.supply/ 		413 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HENA90GPES8ZH8TZ8DHTJANP
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
14159
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
82754cb1794001db-ZRH
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/x/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEWE8MB1SX911MVYFBP7671S
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14159
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"901b70ae40b5b064aef6259e869a717e-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cb1794201db-ZRH
file-upload.in_fluid_sq_fluidsquare
live.demand.supply/cp/ 		29 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
624badd25d4bd96f2ccd93b8f8aadf67417762d4fbe1f3bdb446c7a0ce565394

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
82754cb1895401db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
29
file-upload.in_fluid_sq_fluidsquare
live.demand.supply/cp/ 		29 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
624badd25d4bd96f2ccd93b8f8aadf67417762d4fbe1f3bdb446c7a0ce565394

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
82754cb1895801db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
29
file-upload.in_fluid_all_fluidallshapes
live.demand.supply/cp/ 		30 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/file-upload.in_fluid_all_fluidallshapes?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0981b4e8fecffe685068ec2a0e25505bcffd28a1d63e7f2a4c4d9a2b619ae912

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
82754cb1895a01db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
30
file-upload.in_fluid_sq_fluidsquare
live.demand.supply/cp/ 		29 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
624badd25d4bd96f2ccd93b8f8aadf67417762d4fbe1f3bdb446c7a0ce565394

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
82754cb1896101db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
29
e.js
live.demand.supply/x/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEWE8MB1SX911MVYFBP7671S
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14159
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"901b70ae40b5b064aef6259e869a717e-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cb1896301db-ZRH
poppins-v5-latin-500.woff
www.file-upload.org/mngez/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.in
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14137
alt-svc
h3=":443"; ma=86400
content-length
10420
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"28b4-5fe4d56c94299"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mf71yjh5vbAJbo1KLVEbtFFj%2F%2F3CpKHI2c52sJsW%2BYWgM%2BIVRdx%2BnOUAVEVAc%2BrNIkWlmdBCOuwWMKXQPpqX6c26EOkIe2IUSm68baQYiW314qNgHv6HugqQ0a5zjYIrTGGWqCBIa1sFlcnLRsCc6BJF"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82754cb18f3ebab8-MXP
fontawesome-webfont.woff
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.in
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14137
alt-svc
h3=":443"; ma=86400
content-length
98024
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"17ee8-5fe4d56c8f479"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZFTXxnhogYroNbNPdwvKtywC3w5VKDZUaL5Zaz%2Fjg7tyWMbH5O%2FqGsXUDqYif0fQlcIlEqjvtdF7T3HgyApF76BPFfhAkfZIlaailOXgN2Fq%2F7LgrG6%2BvHdz3CnA%2B9NL8dkMdYVFWKqHeNTvn8%2FSxj3"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82754cb18f3fbab8-MXP
file-upload.in_auto_728x90_sticky_display_bottom
live.demand.supply/cp/ 		29 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/file-upload.in_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf2b33a39dc305f37037c58dc7d3d45050c37bd74e8ba4d36fd89760f20e0794

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
82754cb1896401db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
29
poppins-v5-latin-regular.woff
www.file-upload.org/mngez/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.in
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14137
alt-svc
h3=":443"; ma=86400
content-length
10400
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"28a0-5fe4d56c936e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2B1NVKq%2BzRl60EheSDa6p0WMh7mrthnQHEBE7NmMDssNiDkGtAR%2F3S%2B%2B5NKZGQUnLeVbVcxYGYBiIYVI6HmScJgGSYhsN1hCkEgxfC4seB466qbJfXZsLc%2BSWt%2FWLiLLha9JcgFubmxLqybZe%2BaEClsR"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82754cb1ff7dbab8-MXP
js
www.googletagmanager.com/gtag/ 		224 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
51fcb05eb96b540056f253c0ce197dd77766eb2833edeebff43e6acb6a9eedf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81016
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 04:41:08 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 03:49:41 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3087
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 17 Nov 2023 05:49:41 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 19:10:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
34266
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138013
x-xss-protection
0
server
cafe
etag
17202369310903786887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 15 Nov 2024 19:10:02 GMT
e.js
live.demand.supply/e/ 		0
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.2809225082397461&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14159
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cb28adb01db-ZRH
e.js
live.demand.supply/x/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEWE8MB1SX911MVYFBP7671S
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14159
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"901b70ae40b5b064aef6259e869a717e-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cb28add01db-ZRH
e.js
live.demand.supply/e/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_fluid_all_fluidallshapes&pdc=0.10125613212585449&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14159
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cb29ae401db-ZRH
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_auto_728x90_sticky_display_bottom&pdc=1.8138580799102781&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14159
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cb29ae901db-ZRH
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.2809225082397461&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14159
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cb29aee01db-ZRH
e.js
live.demand.supply/x/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEWE8MB1SX911MVYFBP7671S
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14159
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"901b70ae40b5b064aef6259e869a717e-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cb29af001db-ZRH
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.2809225082397461&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14159
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cb29af201db-ZRH
e.js
live.demand.supply/x/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEWE8MB1SX911MVYFBP7671S
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14159
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"901b70ae40b5b064aef6259e869a717e-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cb29afa01db-ZRH
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3T7TKCZCC9&gtm=45je3b81v9114416819&_p=1700196067795&gcd=11l1l1l1l1&dma=0&cid=967603014.1700196068&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1700196068&sct=1&seg=0&dl=https%3A%2F%2Fwww.file-upload.in%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=897
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14159
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cb3bc7f01db-ZRH
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
175866
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
82754cb49aba021d-ZRH
expires
Mon, 20 Nov 2023 04:41:08 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:01:28 GMT
content-encoding
gzip
age
567580
x-guploader-uploadid
ABPtcPrkeBTNnr7iwEOQsOO1crWmoZ9iqL2ey0CP8aUBoDmjemJ9aPIOtU-feRiw5Wy2dKUFws4yGGOQFv5l4BNB7C1_dbA4tPMg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 09 Nov 2024 15:01:28 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Nov 2023 04:41:08 GMT
connectId-gpt.js
connectid.analytics.yahoo.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4200:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:30:05 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
FRA56-P2
age
665
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Zv_E_0m5IdjPZIIwkpP-OD7psi3jopeySUiFMEShg1UFh0TA5UFrvw==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35260
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230082-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ta7V15J22HAMXzOZlML0kn22%2FcTeQUK70%2BO1TAjThBFSdtuYTdee7qj6wIL9yxN%2Bo2nDb%2BmZy4bvmafa3aO2R%2BwFtOqfpj5MhcBrCHA2ark57pLiKzZmIonQRYShpc6Jfjct%2FKUl1zpYAGtMwa0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82754cb49d0724c6-ZRH
esp.js
cdn.id5-sync.com/api/1.0/ 		155 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
902f47bc9eeb026da8cbcef8c7ec51aaa1f73bf7ca587c8694cceb36ff91a92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 09:30:02 GMT
server
cloudflare
x-amz-request-id
BF1T1GST0AXJ83MD
age
2095
etag
W/"5cdc7028bae687cbffcc9d7982dd9ad5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82754cb4a969ba99-MXP
x-amz-id-2
3h2Z+jrcDfI2Wwx2xFuCow0XJFRsJ/e0TjQ5neVbF5edr/cP0llP8dCcnwrVsqX8ttr/md+Ismo=
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
39eb078d2b1d2a4b5ed5ff3594bc7fa1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:be00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Thu, 16 Nov 2023 06:17:35 GMT
Via
1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Age
80615
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
s-KlgdBOKJBXVDyvg5rVfnayHWbFBUMOi0zurSvj2Up3fEcFyyPc9Q==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 07:38:20 GMT
content-encoding
gzip
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
75769
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
AcCT157K2h2ej5qQtKAs_lCdI8FSO-4VmsI1SrUZn96um4CsptxhAQ==
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
733 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3060809903794422&correlator=298134954264792&eid=31079665%2C31079239%2C31079658%2C31079527&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cd0c94ace-e46e-49b4-ad33-00ec0766b4be&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700196068480&lmt=1700196068&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=967603014.1700196068&ga_sid=1700196068&ga_hid=1640081045&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRj92NTcvTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBj92NTcvTFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGPzY1Ny9MUgAUgIIZBIZCgpwdWJjaWQub3JnGP3Y1Ny9MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRj92NTcvTFIAFICCGQSFwoIcnRiaG91c2UY_djU3L0xSABSAghkEhQKBW9wZW54GP3Y1Ny9MUgAUgIIZBIZCgp1aWRhcGkuY29tGP3Y1Ny9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_djU3L0xSABSAghk&dlt=1700196067719&idt=684&prev_scp=ti%3D7ae00e38-1e68-4d3b-a2d1-6e1ab31c0f5a%26interstitials-bid%3D16%26bid-p%3Dgoogle%26bsc%3D92&adks=79733870&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64d2e10948c90ba01d04797f9ec333663a636326e5d37cd93c542ab8a7e1623e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
702
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3060809903794422&correlator=4129916874989392&eid=31079665%2C31079239%2C31079658%2C31079527&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cbeac2f13-96f1-49f2-bb26-529dae41904b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700196068492&lmt=1700196068&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=967603014.1700196068&ga_sid=1700196068&ga_hid=1640081045&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRj92NTcvTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBj92NTcvTFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGPzY1Ny9MUgAUgIIZBIZCgpwdWJjaWQub3JnGP3Y1Ny9MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRj92NTcvTFIAFICCGQSFwoIcnRiaG91c2UY_djU3L0xSABSAghkEhQKBW9wZW54GP3Y1Ny9MUgAUgIIZBIZCgp1aWRhcGkuY29tGP3Y1Ny9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_djU3L0xSABSAghk&dlt=1700196067719&idt=684&prev_scp=ti%3D7ae00e38-1e68-4d3b-a2d1-6e1ab31c0f5a%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D0.6%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D92&adks=2440838110&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
677a9242625bc33dc03f676e9696cfbc30d2904c9d0fe043d71686b95bd4df2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15909
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		123 KB
45 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3060809903794422&correlator=3027235401664113&eid=31079665%2C31079239%2C31079658%2C31079527&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C6af7847d-aa8c-4b5b-ad63-78803495a767&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700196068505&lmt=1700196068&adxs=245&adys=611&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=967603014.1700196068&ga_sid=1700196068&ga_hid=1640081045&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRj92NTcvTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBj92NTcvTFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGPzY1Ny9MUgAUgIIZBIZCgpwdWJjaWQub3JnGP3Y1Ny9MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRj92NTcvTFIAFICCGQSFwoIcnRiaG91c2UY_djU3L0xSABSAghkEhQKBW9wZW54GP3Y1Ny9MUgAUgIIZBIZCgp1aWRhcGkuY29tGP3Y1Ny9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_djU3L0xSABSAghk&dlt=1700196067719&idt=684&prev_scp=ti%3D7ae00e38-1e68-4d3b-a2d1-6e1ab31c0f5a%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D92&adks=3765069846&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
655e7dbbf642111cd33e11ef9edc4571f46dc5805f1adda4e5a5b094b6542fbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46068
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		63 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3060809903794422&correlator=2955256336307245&eid=31079665%2C31079239%2C31079658%2C31079527&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Ce5d6a113-1897-44a9-a217-a640317b4e22&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=550x600%7C480x320%7C160x600%7C300x250%7C300x600%7C320x480&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700196068510&lmt=1700196068&adxs=245&adys=1074&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x616&msz=1110x616&fws=0&ohw=0&ga_vid=967603014.1700196068&ga_sid=1700196068&ga_hid=1640081045&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRj92NTcvTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBj92NTcvTFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGPzY1Ny9MUgAUgIIZBIZCgpwdWJjaWQub3JnGP3Y1Ny9MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRj92NTcvTFIAFICCGQSFwoIcnRiaG91c2UY_djU3L0xSABSAghkEhQKBW9wZW54GP3Y1Ny9MUgAUgIIZBIZCgp1aWRhcGkuY29tGP3Y1Ny9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_djU3L0xSABSAghk&dlt=1700196067719&idt=684&prev_scp=ti%3D7ae00e38-1e68-4d3b-a2d1-6e1ab31c0f5a%26chrand%3Dy%26pof%3D0%26bid%3D0.09%26bid-p%3Dgoogle%26bsc%3D92&adks=3491314037&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3acaf50b74d1ce1e2104c6d05cfbfd774f1265ce8834fcaf62d8c499487de709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15952
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		123 KB
45 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3060809903794422&correlator=1851139164874062&eid=31079665%2C31079239%2C31079658%2C31079527&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C6af7847d-aa8c-4b5b-ad63-78803495a767&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700196068515&lmt=1700196068&adxs=245&adys=1730&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=967603014.1700196068&ga_sid=1700196068&ga_hid=1640081045&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRj92NTcvTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBj92NTcvTFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGPzY1Ny9MUgAUgIIZBIZCgpwdWJjaWQub3JnGP3Y1Ny9MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRj92NTcvTFIAFICCGQSFwoIcnRiaG91c2UY_djU3L0xSABSAghkEhQKBW9wZW54GP3Y1Ny9MUgAUgIIZBIZCgp1aWRhcGkuY29tGP3Y1Ny9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_djU3L0xSABSAghk&dlt=1700196067719&idt=684&prev_scp=ti%3D7ae00e38-1e68-4d3b-a2d1-6e1ab31c0f5a%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D92&adks=2040944824&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d52d8523d8e4ebbd15386d0845be41fbfb2c8f90750350f0b396940f2e67f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46043
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		115 KB
45 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3060809903794422&correlator=2002622317991136&eid=31079665%2C31079239%2C31079658%2C31079527&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C6af7847d-aa8c-4b5b-ad63-78803495a767&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700196068518&lmt=1700196068&adxs=245&adys=231&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=967603014.1700196068&ga_sid=1700196068&ga_hid=1640081045&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRj92NTcvTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBj92NTcvTFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGPzY1Ny9MUgAUgIIZBIZCgpwdWJjaWQub3JnGP3Y1Ny9MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRj92NTcvTFIAFICCGQSFwoIcnRiaG91c2UY_djU3L0xSABSAghkEhQKBW9wZW54GP3Y1Ny9MUgAUgIIZBIZCgp1aWRhcGkuY29tGP3Y1Ny9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_djU3L0xSABSAghk&dlt=1700196067719&idt=684&prev_scp=ti%3D7ae00e38-1e68-4d3b-a2d1-6e1ab31c0f5a%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D92&adks=2564496215&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
705fbf74c7c299a82bd0fb3af0c541313be5ec564f05ece5511223fb7861f2ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46477
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 414F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:41:08 GMT
expires
Sat, 16 Nov 2024 04:41:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl_page_level_ads.js?cb=31079658
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8934c75d7b6faf5e681a0d3fc7854a70876feebd7f613f792ffe35345486b16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 17:39:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
39709
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13740
x-xss-protection
0
server
cafe
etag
13319621592303420164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 15 Nov 2024 17:39:19 GMT
collect
www.google-analytics.com/j/ 		1 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1640081045&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file-upload.in%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=608416586&gjid=208184465&cid=967603014.1700196068&tid=UA-119779859-1&_gid=1680182056.1700196069&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma=0&jsscut=1&z=471596834
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file-upload.in/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.file-upload.in%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.file-upload.in%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.file-upload.in%2F&rid=esp&cc=1
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
68bbc4d19f9ff9046c4221aa906c5051f18df51dc1132b887f7a3330501747d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-/oc+maOitGcAsHKFFKvws++0qt8"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file-upload.in
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 17 Nov 2023 04:41:08 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.file-upload.in
location
/esp?url=https%3A%2F%2Fwww.file-upload.in%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fed
ups.analytics.yahoo.com/ups/58813/ 		0
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fwww.file-upload.in%2F
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://www.file-upload.in
content-type
application/json
access-control-allow-credentials
true
content-length
0
increment
id5-sync.com/api/esp/ 		0
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file-upload.in/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file-upload.in
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame A1DF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:41:08 GMT
server
Kestrel
server-processing-duration-in-ticks
283753
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
map
bcp.crwdcntrl.net/6/ 		235 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-99-225.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c400475c86a44c376ef9a67f37b1c33b8045d723984434fe20ce4f9526744698

Request headers

Referer
https://www.file-upload.in/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache
x-server
10.45.9.139
access-control-allow-credentials
true
content-length
235
expires
0
sid
mug.criteo.com/ Frame A1DF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=file-upload.in&sn=ChromeSyncframe&so=0&topUrl=www.file-upload.in&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=HV9aTHxjRHpHVzdtckVpM1YxeXVxQ3ZuSXVzWjBnOGlBWDJjY1duNTJoNERNcG5BVFg2cHNSemQ3M29xWkZYZDFuM25HS2VvdkFsdkE1K1lvWUM5MCtWdGh2SFErOTg4ODB5V2VLZ1JMdzI1dDV2M3I1NnkwZGRwdlBNWT...
428 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HV9aTHxjRHpHVzdtckVpM1YxeXVxQ3ZuSXVzWjBnOGlBWDJjY1duNTJoNERNcG5BVFg2cHNSemQ3M29xWkZYZDFuM25HS2VvdkFsdkE1K1lvWUM5MCtWdGh2SFErOTg4ODB5V2VLZ1JMdzI1dDV2M3I1NnkwZGRwdlBNWTV0Z2F5d3MxUGtuYUpYd2FNVEF1bFh3eUl1YzQ5QStpOXY2d2VXc256SkNKdjBGVlg2QVZhOTkvMFVRMWtHaCs0LzFIZWlkTzAzVnBodXhVTE1rUVVGdG9jandoVzdxRUJRLzQ1a2pPa1pBN0FabFlxZlpFR0g0RTZPQUlwaktkWDdxbzJKS1RkdWJWQ0Q5OVgxMDVsN2p1VFBZT3Y3YURicFVYdEF2Q0NmL2o1MUdaZGpGdz18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f122bc8930adbaf181f931815a64db2c10fb6a499f5b1a6d9865ef2cd2442fa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1239442
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=HV9aTHxjRHpHVzdtckVpM1YxeXVxQ3ZuSXVzWjBnOGlBWDJjY1duNTJoNERNcG5BVFg2cHNSemQ3M29xWkZYZDFuM25HS2VvdkFsdkE1K1lvWUM5MCtWdGh2SFErOTg4ODB5V2VLZ1JMdzI1dDV2M3I1NnkwZGRwdlBNWTV0Z2F5d3MxUGtuYUpYd2FNVEF1bFh3eUl1YzQ5QStpOXY2d2VXc256SkNKdjBGVlg2QVZhOTkvMFVRMWtHaCs0LzFIZWlkTzAzVnBodXhVTE1rUVVGdG9jandoVzdxRUJRLzQ1a2pPa1pBN0FabFlxZlpFR0g0RTZPQUlwaktkWDdxbzJKS1RkdWJWQ0Q5OVgxMDVsN2p1VFBZT3Y3YURicFVYdEF2Q0NmL2o1MUdaZGpGdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
248374
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311130101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bac1cc8188874970353fc392a5202da2556d3a6220869b69c55ae395be3fc7b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12264
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 04:41:09 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame F12A 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 02:37:57 GMT
age
7392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 02:37:57 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame F12A 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Nov 2023 05:14:53 GMT
age
257176
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Nov 2024 05:14:53 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame F12A 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 03:53:12 GMT
age
2877
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 03:53:12 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame F12A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 01:14:32 GMT
age
12397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 01:14:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame F12A 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 16 Nov 2023 14:54:32 GMT
age
49597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Nov 2024 14:54:32 GMT
css
fonts.googleapis.com/ Frame F12A 		3 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cardo:400,700|Muli:400&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42dc045564cb5c0208153ab982a58ebcd5c26d2df6a95eca76b3f4499e4ce00d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 04:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 04:41:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 04:41:09 GMT
css
fonts.googleapis.com/ Frame F12A 		3 KB
1010 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cardo:400,700|Muli:400&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42dc045564cb5c0208153ab982a58ebcd5c26d2df6a95eca76b3f4499e4ce00d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 04:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 04:41:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 04:41:09 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F12A 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:30:12 GMT
x-content-type-options
nosniff
server
cafe
age
18656
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Fri, 17 Nov 2023 23:30:12 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F12A 		295 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 03:23:34 GMT
x-content-type-options
nosniff
server
cafe
age
4654
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 18 Nov 2023 03:23:34 GMT
3137061583287414291
s0.2mdn.net/simgad/ Frame F12A 		283 KB
283 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3137061583287414291
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d4b3f3c470f707996b6f5f4d54bb22a6cee8acbb06c76874399f1c14494664a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:47:40 GMT
x-content-type-options
nosniff
age
143609
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289313
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 11:30:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 12:47:40 GMT
e.js
live.demand.supply/e/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.09&b=2&r=file-upload.in_fluid_all_fluidallshapes&sy=494d83b1-1662-466b-b902-29e7b30780e0&ts=92&cd=2&pud=193&pus=c&pue=455&pid=67&pis=c&pie=573&ppd=100&pps=a&ppe=606&pcl=553&ttc=784&tti=1530&ttif=0&lca=606&lcak=ppe&lct=606&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=7ae00e38-1e68-4d3b-a2d1-6e1ab31c0f5a&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14160
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cb7395601db-ZRH
pd
google-bidout-d.openx.net/w/1.0/ Frame 1F39 		572 B
792 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b72dba913fcd4c971b930bfa2d0901c8ec83b2446380b93f138e1058c0205122

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
375
content-type
text/html
date
Fri, 17 Nov 2023 04:41:09 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
truncated
/ Frame F12A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57b8eda85c43e42a7ba44912887196c204cc8815c9a8198c88d94f0fb2b7fa84

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 50A6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:41:08 GMT
expires
Sat, 16 Nov 2024 04:41:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=file-upload.in_fluid_sq_fluidsquare&sy=494d83b1-1662-466b-b902-29e7b30780e0&ts=92&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=7ae00e38-1e68-4d3b-a2d1-6e1ab31c0f5a&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14160
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cb91be501db-ZRH
container.html
956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0FCB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:41:08 GMT
expires
Sat, 16 Nov 2024 04:41:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.64&b=1&r=file-upload.in_auto_728x90_sticky_display_bottom&sy=494d83b1-1662-466b-b902-29e7b30780e0&ts=92&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=7ae00e38-1e68-4d3b-a2d1-6e1ab31c0f5a&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14160
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cb9ccef01db-ZRH
sd
eu-u.openx.net/w/1.0/ Frame 1F39
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4850702332823335135
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4850702332823335135
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4850702332823335135
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1F39
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8635068e-aaf2-cf4a-1bfd-c2616472dd89
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8635068e-aaf2-cf4a-1bfd-c2616472dd89&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8635068e-aaf2-cf4a-1bfd-c2616472dd89&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:41:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D5PZ3SKZ1FDSY2JAJ82H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:41:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SXETX1809PEKFKHCBNFD
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8635068e-aaf2-cf4a-1bfd-c2616472dd89&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 1F39 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=dee37af3-b658-74b0-dbf3-40f60c411669&gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:10 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 1F39 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjI4Y2E5MzktN2YyZi0yYTE0LWNlMTMtMWE0ZmM2YTNkODA5
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1F39
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECBfClMuzJ1QpB0Ci9afDCM&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECBfClMuzJ1QpB0Ci9afDCM&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECBfClMuzJ1QpB0Ci9afDCM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6313 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:41:08 GMT
expires
Sat, 16 Nov 2024 04:41:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=file-upload.in_fluid_sq_fluidsquare&sy=494d83b1-1662-466b-b902-29e7b30780e0&ts=92&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=7ae00e38-1e68-4d3b-a2d1-6e1ab31c0f5a&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14160
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cbaae4b01db-ZRH
container.html
956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9372 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:41:08 GMT
expires
Sat, 16 Nov 2024 04:41:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=file-upload.in_fluid_sq_fluidsquare&sy=494d83b1-1662-466b-b902-29e7b30780e0&ts=92&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=7ae00e38-1e68-4d3b-a2d1-6e1ab31c0f5a&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14160
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cbc287301db-ZRH
7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
fonts.gstatic.com/s/muli/v29/ Frame F12A 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v29/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cardo:400,700|Muli:400&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb3c99616a6b90084e82690ab8519141a78fea94c0ab3a3a5ca7611c0d77e4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.file-upload.in
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:01:53 GMT
x-content-type-options
nosniff
age
113957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18500
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:41:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 21:01:53 GMT
wlpygwjKBV1pqhND-ZQW-WM.woff2
fonts.gstatic.com/s/cardo/v19/ Frame F12A 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cardo/v19/wlpygwjKBV1pqhND-ZQW-WM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cardo:400,700|Muli:400&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.file-upload.in
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:17:52 GMT
x-content-type-options
nosniff
age
19398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18852
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:09:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:17:52 GMT
e.js
live.demand.supply/e/ 		0
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&e=nai&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:10 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14161
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cbe1b3901db-ZRH
e.js
live.demand.supply/e/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:10 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14161
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cbe1b3d01db-ZRH
ads
securepubads.g.doubleclick.net/gampad/ 		145 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3060809903794422&correlator=1458421396082268&eid=31079665%2C31079239%2C31079658%2C31079527&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C35c3e781-1e45-4079-92a7-84ee84a2671a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Dfe687ab544e6346d%3AT%3D1700196068%3ART%3D1700196068%3AS%3DALNI_MZTBS4qXzcaQGe8dMyjH9riLeZRKA&gpic=UID%3D00000cca32d895ed%3AT%3D1700196068%3ART%3D1700196068%3AS%3DALNI_MaopG6AcO_4-WN__eCRb48p6bVKjQ&abxe=1&dt=1700196070141&lmt=1700196070&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=967603014.1700196068&ga_sid=1700196068&ga_hid=1640081045&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDk2NTVlNTk5ZjY5ZjBjMzRmZjQwMGU3NDgxODYxNmQ1MzkzOGUxNTVjMTg3NDg0ZTFmYzIwNWVhMTcyNjgwMDcYh9zU3L0xSAASGwoMMzNhY3Jvc3MuY29tGPzY1Ny9MUgAUgIIZBIZCgpwdWJjaWQub3JnGPfZ1Ny9MUgAUgIIahIYCgl5YWhvby5jb20YodrU3L0xSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGP3Y1Ny9MUgAUgIIZBIXCghydGJob3VzZRi32tTcvTFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pUkZVNVJuRm9MMlpUTUdWQ1NsbG5aV0ZIV1d4c1FUMDlJbjA9GLTd1Ny9MUgAEhkKCnVpZGFwaS5jb20Y_djU3L0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRj22tTcvTFIAFICCGo.&dlt=1700196067719&idt=684&prev_scp=ti%3D7ae00e38-1e68-4d3b-a2d1-6e1ab31c0f5a%26interstitials-bid%3D4%26bid-p%3Dgoogle%26bsc%3D92&adks=3111070440&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a644af49f92cee433eec7d0c7e2ea658e248810631dc771c291c58d265046c92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53331
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2E74 		478 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYhYen3QEwAQ&v=APEucNVKQX5UYOCIyE2hnCvzdG2jtYcRj612B70QuhWeSyRhKbildluiWdF-1xlRy6wl7PSX6bYL6MM5WRfSL62HJTHxnmKUMA
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:41:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 50A6 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Origin
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 23:16:58 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 50A6 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:44:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
50186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 14:44:44 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 50A6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:58:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
45743
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 15:58:47 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 50A6 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
346161
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 04:31:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 50A6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:03:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
52677
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 14:03:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 50A6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
19452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:16:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 50A6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CJEkYUNcxez03Rh2e3-IN4tAYxM1UhZSHUfPDxYaArK03sHfNj9j0HVXq8-uZwCnZPfWR6D47nt2gBWesqkubXNMzYA79q5Z5elXEDOYX-Jz5lRYU
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 50A6 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 04:41:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2737 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
53896
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 13:42:54 GMT
expires
Fri, 15 Nov 2024 13:42:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7C87 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f322597b4891fdf35e362ce2f21c36d487f186dddfd4a41c8d99a7ec5af06149
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lgnS5rTadwo0L49wmRoLig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-lgnS5rTadwo0L49wmRoLig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:41:10 GMT
expires
Fri, 17 Nov 2023 04:41:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rtb
rtb.ads.travelaudience.com/ Frame 49E8 		98 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60023216.OTk5JTJjMQ==...YzbqhpdYd0_iPcB6oxhCbA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%26num%3D1%26sig%3DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%26client%3Dca-pub-3831894559014614%26adurl%3D&googlewinningprice=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw&wpc=EUR&site=www.file-upload.in&slotvisibility=1&gcpm=4236354&gpos=1&bidder=bidder-rtb-production-75c9797b6-4wbxq&dv=1&uuid=&suid=&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&ssp_id=0&l=en&ts=1700196068&uc=CH&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=UcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA=
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.187.184.108 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
108.184.187.35.bc.googleusercontent.com
Software
/
Resource Hash
feb38ef54b3c0a332feaa5d43487c289268a3288b53fd4a684fd4186dae2f336
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 04:41:10 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-engine-version
0.0.0
x-host
deliveryengine-rtb-production-df5986d56-xzdt6
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 77D2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:03:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
52677
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 14:03:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 77D2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
19452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:16:58 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 77D2 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
19452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 23:16:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 77D2 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 04:41:10 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0269 		478 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDEr_PPAxikxIXdATAB&v=APEucNXNilYcXzJ9qZUBlFEZpVzyRIUOJow-JrnlloN9ZFgLuzvlB0whZT1AilOHphv90l-GH6aYpQ8Tt06B7bHdw2evAbDyPw
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:41:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 6313 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Origin
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 23:16:58 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 6313 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:44:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
50186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 14:44:44 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 6313 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:58:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
45743
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 15:58:47 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 6313 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
346161
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 04:31:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6313 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:03:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
52677
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 14:03:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6313 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
19452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:16:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6313 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Czjm3OGL27MLhosTT8eTMqmRQMpgN_X-etI4e4A8J-PtbQ4VrdeDZwd07M1mkU-jDT0AjM4PGZruDzL2TmdAOf5JAI-IlbfnmQE0NdsaSo7s7ywak
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6313 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 04:41:10 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9731 		611 B
310 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYhYen3QEwAQ&v=APEucNVtiay9pkSGD6EAvSP8a68KUWn4jvxOAVvZ-AswakiNhiu3kmeexZ90FkPqH67ZPIKvSWqXav1lOjKaIvUN_eWltxG05g
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
243
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:41:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 9372 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Origin
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 23:16:58 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 9372 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:44:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
50186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 14:44:44 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 9372 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:58:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
45743
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 15:58:47 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 9372 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
346161
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 04:31:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9372 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:03:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
52677
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 14:03:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9372 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
19452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:16:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9372 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZ8yj-QUn12tfSPpzWD4CEbFBJs8KWtCzylBC8IPIkUPocLk_kF0jGnGPFOjR1VgLl__uMv5Sr_i8E5YvQmZUv-EoM2oEEAH_CQZ11-J89P_114b0
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9372 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 04:41:10 GMT
pixel
cm.g.doubleclick.net/ Frame 2E74 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYhYen3QEwAQ&v=APEucNVKQX5UYOCIyE2hnCvzdG2jtYcRj612B70QuhWeSyRhKbildluiWdF-1xlRy6wl7PSX6bYL6MM5WRfSL62HJTHxnmKUMA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2E74
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1&C=1
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYhYen3QEwAQ&v=APEucNVKQX5UYOCIyE2hnCvzdG2jtYcRj612B70QuhWeSyRhKbildluiWdF-1xlRy6wl7PSX6bYL6MM5WRfSL62HJTHxnmKUMA
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4hUXEWPwefDrLzszNEtj01JtslV3ClqNT3GkljQlJoQbHzoWfHZr4PMdf3RqnUB%2BnDKIdNzZMBjLtHXDti2%2FMLTYCEXUuNX6EqgK7q7C68FttcRVNc1Qn0l%2FgXW3sQrV1xnERyo%2FcZlPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82754cc2a9220208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AaA34Lr0afO5zDzJc0OkexJ89w%2BqgoRREFc7ntI%2BQye1OsJK2spo5ElLVwg0Yqki7kCgElDfvxs9aGZ0EpKvEXpUXs0S6pcwljMgUrFnuSd%2Bt4pGOneGdDjw0MIoHh42Rb%2B0H3SDM4npPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1&C=1
cache-control
no-cache
cf-ray
82754cc1e8320208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 2E74
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbu5q24zyugErbkBOG7DQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYhYen3QEwAQ&v=APEucNVKQX5UYOCIyE2hnCvzdG2jtYcRj612B70QuhWeSyRhKbildluiWdF-1xlRy6wl7PSX6bYL6MM5WRfSL62HJTHxnmKUMA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=squaFfweSM%2Br9B5a2B5GMkzbSq9u7RH8g6bLSss9rb2%2BGC%2Bi9LZFRL9SBy4me73mh5JK3hEheSuJWO9KNwMy1x%2FuiprMhq8kuuq7uM44Q%2BX3giJDxqWFIWCW2gyY%2FV2vF7svspswk3o8Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82754cc3788f01f4-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0269 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDEr_PPAxikxIXdATAB&v=APEucNXNilYcXzJ9qZUBlFEZpVzyRIUOJow-JrnlloN9ZFgLuzvlB0whZT1AilOHphv90l-GH6aYpQ8Tt06B7bHdw2evAbDyPw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0269
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1&C=1
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDEr_PPAxikxIXdATAB&v=APEucNXNilYcXzJ9qZUBlFEZpVzyRIUOJow-JrnlloN9ZFgLuzvlB0whZT1AilOHphv90l-GH6aYpQ8Tt06B7bHdw2evAbDyPw
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmqpybPrwreo%2BQmnVswXg2m%2Feknv62CSx7dHF1gTA7UHUhcQiPfDSjt3DLvww7JkAn4DsnurFgMDc4nPE0I1ZdFNMBm0ZcqUu58JcEjkpXHkxsJ3vkNjrq1Ms%2FoIZwZaR%2FS2HQYVSn1LXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82754cc2a9250208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e78B71FZWdWc%2FlAlUfNFIp76X1Ut9oGOWcXV7rnSQg4vt2AxthvRMcNOpqGuauoqv51fIGeqQwvDim8OuS7MXJiCc42mBc%2BfiCcRhdlFEnsPKDtTHr3Fq4Gb5P01io7be5N8jt2bQNWeGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1&C=1
cache-control
no-cache
cf-ray
82754cc1f83d0208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 0269
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbu5q24zyugErbkBOG7DQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDEr_PPAxikxIXdATAB&v=APEucNXNilYcXzJ9qZUBlFEZpVzyRIUOJow-JrnlloN9ZFgLuzvlB0whZT1AilOHphv90l-GH6aYpQ8Tt06B7bHdw2evAbDyPw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Au9%2FEHh8pWIdXpnu%2FBSbL1rpNf8DJwheKyNnCKJqrvk%2FpzN75xwuWvWqrN6qDsykhkYiz9QjUZYedHeLdxza4gH2UIETFRMILfrS3AKX6yaTn2ayjwBPjoXCMsKgy85N%2FHkbdVKDfBxVyw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82754cc3c8f601f4-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENad5nuXbOfZsJetptuuV8s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9731
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGCvIzFMP0daCA35Zjg0PJE&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGCvIzFMP0daCA35Zjg0PJE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYhYen3QEwAQ&v=APEucNVtiay9pkSGD6EAvSP8a68KUWn4jvxOAVvZ-AswakiNhiu3kmeexZ90FkPqH67ZPIKvSWqXav1lOjKaIvUN_eWltxG05g
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
an-x-request-uuid
79ea3297-bd34-4aff-bc26-c4addfa44fc5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.214; 185.195.71.214; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGCvIzFMP0daCA35Zjg0PJE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9731
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcyNjM3NTMxMzk2NjY4MDY5MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcyNjM3NTMxMzk2NjY4MDY5MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYhYen3QEwAQ&v=APEucNVtiay9pkSGD6EAvSP8a68KUWn4jvxOAVvZ-AswakiNhiu3kmeexZ90FkPqH67ZPIKvSWqXav1lOjKaIvUN_eWltxG05g
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
an-x-request-uuid
42134f52-3477-425f-8e5e-3fff70797a81
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcyNjM3NTMxMzk2NjY4MDY5MA%3D%3D
x-proxy-origin
185.195.71.214; 185.195.71.214; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9731
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECBfClMuzJ1QpB0Ci9afDCM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECBfClMuzJ1QpB0Ci9afDCM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYhYen3QEwAQ&v=APEucNVtiay9pkSGD6EAvSP8a68KUWn4jvxOAVvZ-AswakiNhiu3kmeexZ90FkPqH67ZPIKvSWqXav1lOjKaIvUN_eWltxG05g
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECBfClMuzJ1QpB0Ci9afDCM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9731
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjI4Y2E5MzktN2YyZi0yYTE0LWNlMTMtMWE0ZmM2YTNkODA5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjI4Y2E5MzktN2YyZi0yYTE0LWNlMTMtMWE0ZmM2YTNkODA5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYhYen3QEwAQ&v=APEucNVtiay9pkSGD6EAvSP8a68KUWn4jvxOAVvZ-AswakiNhiu3kmeexZ90FkPqH67ZPIKvSWqXav1lOjKaIvUN_eWltxG05g
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2023 04:41:10 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjI4Y2E5MzktN2YyZi0yYTE0LWNlMTMtMWE0ZmM2YTNkODA5
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame F12A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H2
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Fri, 17 Nov 2023 04:41:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
css
fonts.googleapis.com/ Frame 49E8 		109 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+SC:regular
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60023216.OTk5JTJjMQ==...YzbqhpdYd0_iPcB6oxhCbA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%26num%3D1%26sig%3DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%26client%3Dca-pub-3831894559014614%26adurl%3D&googlewinningprice=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw&wpc=EUR&site=www.file-upload.in&slotvisibility=1&gcpm=4236354&gpos=1&bidder=bidder-rtb-production-75c9797b6-4wbxq&dv=1&uuid=&suid=&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&ssp_id=0&l=en&ts=1700196068&uc=CH&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=UcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7792b88230f4f594ff675dec20b2bfe3e54dfa53f48b7ba4c6b9a6e1272bea80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 04:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 04:41:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 04:41:10 GMT
el.ashx
ads.travelaudience.com/ Frame 49E8 		631 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.travelaudience.com/el.ashx?__trackerRequestId=0.4618963439225024&adPos=&ai1=1%3B30000490%3B0%3B1%3B%3B%3B0%3B-1%3B%3B%3B%3BVOYFYTXfFPGlQ5nkhfV5eA%3D%3D%3B60023216%3B999%252c1%3B%3B%3B2%3B4%3B50002629%3BYzbqhpdYd0_iPcB6oxhCbA%3D%3D%3BUSD%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B70016143%3BlTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A%3BEUR%3B2%3B%3B%3B%3B%3B0%3B%3B&aid=&an=&ask=&at=1&bc=1&bd=bidder-rtb-production-75c9797b6-4wbxq&bnr=0&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&di=&did=-1&dnt=&dv=1&ed=&ev=ic&fm=728x90&gcpm=4236354&gctr=&ia=0&id5Decr=&id5Encr=&id5PID=&id5Src=&iid=&ilt=&ir=0&ld=&mai=&mat=1&mid=&na=&no=&oo=&pb=90000&pos_old=&rg=1&rts=&salt=11&sc=&site=www.file-upload.in&ssp=0&sv=1&tsf=&ua=&uc=CH&ucy=&uuid=0C30E78B-EA51-48FE-8447-8305FDBA7D0B&view=&vrt=&vw=&wp=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60023216.OTk5JTJjMQ==...YzbqhpdYd0_iPcB6oxhCbA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%26num%3D1%26sig%3DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%26client%3Dca-pub-3831894559014614%26adurl%3D&googlewinningprice=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw&wpc=EUR&site=www.file-upload.in&slotvisibility=1&gcpm=4236354&gpos=1&bidder=bidder-rtb-production-75c9797b6-4wbxq&dv=1&uuid=&suid=&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&ssp_id=0&l=en&ts=1700196068&uc=CH&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=UcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:10 GMT
content-encoding
gzip
x-engine-version
0.0.0
via
1.1 google
server
nginx/1.21.6
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type
image/jpeg
x-host
tde-deliveryengine-production-bb588bf9-bkx48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
trg.gif
ads.travelaudience.com/ Frame 49E8 		35 B
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.travelaudience.com/trg.gif?ds=dp&acc=SC&lvl=1&pl=dubai&pt=16&rcm=445&pix=0&dp=event_type:impression
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60023216.OTk5JTJjMQ==...YzbqhpdYd0_iPcB6oxhCbA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%26num%3D1%26sig%3DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%26client%3Dca-pub-3831894559014614%26adurl%3D&googlewinningprice=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw&wpc=EUR&site=www.file-upload.in&slotvisibility=1&gcpm=4236354&gpos=1&bidder=bidder-rtb-production-75c9797b6-4wbxq&dv=1&uuid=&suid=&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&ssp_id=0&l=en&ts=1700196068&uc=CH&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=UcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:11 GMT
content-encoding
gzip
x-engine-version
0.0.0
via
1.1 google
server
nginx/1.21.6
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type
image/gif
x-host
tde-deliveryengine-production-bb588bf9-rdwr9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
moatad.js
z.moatads.com/travel198849194933/ Frame 49E8 		332 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/travel198849194933/moatad.js
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60023216.OTk5JTJjMQ==...YzbqhpdYd0_iPcB6oxhCbA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%26num%3D1%26sig%3DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%26client%3Dca-pub-3831894559014614%26adurl%3D&googlewinningprice=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw&wpc=EUR&site=www.file-upload.in&slotvisibility=1&gcpm=4236354&gpos=1&bidder=bidder-rtb-production-75c9797b6-4wbxq&dv=1&uuid=&suid=&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&ssp_id=0&l=en&ts=1700196068&uc=CH&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=UcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
30225cd3dfc2334bc1accbd3187078654fde7a749521d235d5382f06afe13f66

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:10 GMT
content-encoding
gzip
last-modified
Tue, 31 Oct 2023 08:16:12 GMT
server
AmazonS3
x-amz-request-id
109HWE5FMGW338NR
etag
"2f7f9b9fe26315ebe1ff29c8cca724b4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=49711
accept-ranges
bytes
content-length
115200
x-amz-id-2
1f4SFIF1R0AbaZt8+wf+tb8dvdqUtRPUymOk60akXsdK0QALK3FNPrYaCrYwuFk/L/5OwJ4PH78=
creative.js
ads.travelaudience.com/js/ Frame 49E8 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.travelaudience.com/js/creative.js?version=0.0.0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60023216.OTk5JTJjMQ==...YzbqhpdYd0_iPcB6oxhCbA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%26num%3D1%26sig%3DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%26client%3Dca-pub-3831894559014614%26adurl%3D&googlewinningprice=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw&wpc=EUR&site=www.file-upload.in&slotvisibility=1&gcpm=4236354&gpos=1&bidder=bidder-rtb-production-75c9797b6-4wbxq&dv=1&uuid=&suid=&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&ssp_id=0&l=en&ts=1700196068&uc=CH&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=UcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
a57b6eb013320f0094f0c57997c807b2b0f3dcd1df5440a82d297ab8bbd9cad3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 17 Nov 2023 04:41:10 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 09 Nov 2023 09:08:41 GMT
server
nginx/1.21.6
etag
W/"654ca199-e1b4"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=86400, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 18 Nov 2023 04:41:10 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F12A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:30:12 GMT
x-content-type-options
nosniff
server
cafe
age
18658
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Fri, 17 Nov 2023 23:30:12 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F12A 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 03:23:34 GMT
x-content-type-options
nosniff
server
cafe
age
4656
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 18 Nov 2023 03:23:34 GMT
3137061583287414291
s0.2mdn.net/simgad/ Frame F12A 		283 KB
283 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3137061583287414291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d4b3f3c470f707996b6f5f4d54bb22a6cee8acbb06c76874399f1c14494664a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:47:40 GMT
x-content-type-options
nosniff
age
143610
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289313
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 11:30:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 12:47:40 GMT
index.html
s0.2mdn.net/sadbundle/9793915768876826624/ Frame F449 		16 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e7ba22948576d44532a260d34ea13e62660ee894c063d437ba7e5c7f91bcc25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:41:10 GMT
expires
Sat, 16 Nov 2024 04:41:10 GMT
last-modified
Fri, 03 Nov 2023 09:17:43 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 50A6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmvIQb-oxp3tnneDNBcUmMQb8M5Rqfri_VI-S4XxL-xtJo_fDXaDIy6KbxA6kogn3AN1AAjbEchvpNcZVbF084A2Ohxhg0SWMZWgdNW0WV9OvQULXxPrSmejCqvnwtWCmErNfw3X3guYsV5CKPtY2hP-0dl0r3QqkVxYvfFL23GpZnIHjYTCFk7ALXK9prBnvKPqs8TcUTYUlwy3pA5NUZWHqh46Fu-DnmxblFOovDixdHMQHHvyIV5O7N2OXLhjZ9bJBgWEx82MKLlbdCv9WHiW524xfV_GoqlQq3hIAoNgJBfmsbbCfBtaCXH0YhQwmzDeUufKGbTKFZ6SSfpXXLIQLAQ2qt85_bZXpNVWZJc3LuljW8LE9sfM9kWoQc3eXYeCqJDV3iWObMli34rXVj1e7aAzurcXDgKqHdR4Kl2mNPy8_jbi7W3sfQtml1RHYGBfvYmme9CXcNqNporgo8gbQORkn2VkEf9O3aD6q5TUAkW0IVS13IzsVaPSabaiONurlu64KP83K6HrrBmprf5-jmKEoY_ndXt3CxKiZoqKh4Rm_d6ZWxTCSq6_Lv3FGC4sAeB4n1Ue_BDORKgU3mB7xla9rKRAvxcKNvJUAIExERwZwarQCCvA7Or_YlTayvDOcz9-X8KcUkXMrQy6qi7OG3IGeYV21H_XNjsIrDKus3tc32dusFjKl7HX69VwhiC5q_tHIMGzeJcPsIUTKscUKPq_BN1gImE9FdfbM8C0CJVVhGlb-e3qZB9uzCwlWQQINrChIUlXIHPfycRlsgYyoE_waCYzeWXgUZJK7BNrPg-TZ5sdcPxU9ArV9UeeNVW5Jh-zkpA9Ce-7Io3ML47gHS7TonrI9WTdWFIVsHZ2xdb-ol6JMLBcajNka2-bTlzoNG1ntBs6_SR_FSJDLKGgSDfmmzoNyAwgO6JIpw6HS-zma1FEbslmSo2UMjuOD3mnCkaRc13JckOSUAa7dMWV7Ai1O_bZG1aLp_gKG1hElZgZgCrhoaTGw-hO_7xmyiRVVtgWhBdbAjPVJ9ZK1mNFLVzwd6t2rbtMPHNYvVdQpdLihkMUsCuJYDwbWRGQ9x7UCzlRdkgz18SVTBv4Yeph9H-8OAt92shuPCmeQvbWL3KRv7eTvn7tkkjgpfw0RBOCD0DglHAmcYuylH4ytZjOfVIcgtOJw2Enku4l5ZVj3QTkJep7xadH0nL0S5WCj_-WeexC-L0loT7kke7NCY5ipq12yQr8XqFpEmdYZW56u6ETZM5oQKslHQndgqo92DwEDlM0WI8Jj12hXt3-Xq9d_EbxlBnorT2sl4IYmek0kRKqomyfNRhc_ew3jp0ZEb6-baKrkiw2WuewaUm2JVSaml5XSM0sUoOA&sai=AMfl-YR2IStEUpHt9zuxwQg0UkGThTLVx4pxp4r-x0klCTfcvQKgYTyFDsIKCK3szsOzc5FetoX01Qdx89SmKFsPW4T-Lp1c_V5m76M6ZQ-JDk236WGMq3yRtFIDhNK9qoQbMaRwE2HuXxRiv93Rai1FdShVZHbzlVTTOntR7NXDOhMPeZFyAE6ArHjAhL22x2o9ahs7saBF20TJfJ82XJSIMDmesB3HO3ndGATxdEMATqu5TDqMPvBpAQ8HvWOCraUB5fMrAWMXDDX1hyidJ5eVgl18jcQ6fzTLqDGodROeaMSvhdWmQAZ5tEuuHlfYVCxIaMQ52solquh8WZNHc6-mljGi-0LzttbokA6dgxtLz0_sujfAuN6NtwnqjkXicV-2svKN8wKHJZHZTJXhpVZFmrTn1JOQCkNhZlHbWBIR-rggImDlS7TmHcPlLNCSkqDd8j5NAjFJz7sS4HAieDsiHU6wTUySbRV98pEs_IEn9X0sWErNC_9Yoqs&sig=Cg0ArKJSzGq-9sGctVulEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=649&cbvp=1&cstd=629&cisv=r20231109.93663&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 17 Nov 2023 04:41:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/8546369101703094962/ Frame 07B9 		33 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4aff4f973ffaba13d0933c4b7c754c3e39d7df4f7f43ee0a0c1b2e5e040b4375
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:41:10 GMT
expires
Sat, 16 Nov 2024 04:41:10 GMT
last-modified
Fri, 02 Jun 2023 14:52:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6313 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvu-suwLWoOoRaADSJnkKHCs1SzxWDMiqBLX9FD-iEziwiEgLM5FhrJo2EK_KEWiuLzZCE_p2c02t2EmuPUozT2jSmnFx9U9xvvntbkwiRQzogKumiO0_gJ7UzWSdc-KJpQ_cb499rV9_3gI8-C5pKMGHY6oit3y3lu0e-4h0-saUGgESnha3MBn_tQzO43bbPgcJMITartRw_iGpiuqREwY3DAJgeyLO8XU081jtykDACujywWmwx0sEpbeGcCkYoqzaeU5ui9_Qvlw5FOtTjyWFV-4_yykDZI0HqdPTAb58Osu0zcfENf7s_9YakPzyyE7zh2x-vXz3feARROF2CJDUVTpnPNXjn8Ag1AmrEttV85DeEUDml3fceMMmKB4-EFRtNvgokYCEjAzKoeMDnZV3RCb3Ir7SFHQSybmMYnSfquIP2qKkeWIgz-BkJF7xL_ocUrcxomaXWW-HgzRXhE6QZS9xrd8x-snIDIHIqXzJxgZgcQi9Vi8xBRbWiBsg1jEAFRu9E23tWdz3wfnFIFqmjjdGNEo_EPPH6bj6dBM0B2qkk8Skxm7sT1dbIrCN1JkGw16zNhXUKYJRMNMYU88iv9aqwM-e7XvA-jNVDrTB8ngc2duiwzXuOFiLjDPElud-eigkVkPw_LXsINHBPz02ftb1qVF4_hW8VcopqsJyjSsSjaebDW3RKYdVBBAj00gbik93-XcqiNvahWQi4-xFS3PbHiNpEMAe41_ACB8UQenuU8xlJVklPDftdup-BPkcI6CpfIcNp1kvfWkmCAmmvy6BdoAYK8dtxr5Nmn70Im-iBsEmyyCrORIhYyXCaDnQPZN-nzuQ4okEa-FA7qmYzdjrWcGRR0BO-LArIY3kOC__ULuaoKg-Fd3r8SudqusuztE-yU-cUqsqn_z8W34aYXY7eG7hljs4ReyttRQuvZS-1x8pQgFsxV9vZks_4VOjiACEe0FoRHDYkP0sBohDAf7ObSqSj1_R4MLubQ0b8H0j2WLERK3Etsv0-rIMIQ48JJZaxBd46evYf1VqPTgZ3GZtxAlKSnLqTYN6IAXqv9t8jt6wA0v3KeK0IOT61VQPvZ1mB0ctrgdYSjp8Auykkt-xIVddu7hjayBR0n6zHez5gIgFV3Roz1WcjwTaDsARxn_GF27muc5uk6e6Ch4IAYkmkQkOG6vs3qqoUIBSeyFag6oXG_5X4crDWklKXWx8I5ExNdWpv2G0Q7owFGROxMwTg5GR7UNM6J_Q99sX5zaJkC6N9ikMU0BVMDJ7YEUZ3p2sHZuGGjpgR_g14rcnJMgxOzcRg9SUqaPktxXK7RwXKZkbpj7Kezh5Ap7PBXs9OCrMwP9_jPCX0EXFtDBXEq9bfgNkJTLiJgBkCQxs9LzjUY5tyq8ZtTXw&sai=AMfl-YSR16rSzPpBNgwmm957C2lGZffKdp15buEQ2b2TQP0Nu5O2iKYJJ7j9_zo2y1verEd7dW72ksxp8Z1VtUKDOBcak-gAhG_DzslguBntU8_nxdjKYk6DLf9CX_ye_HMaWV1Ittk9d9GnKzSYz08tEGZ91PsQuyUaaqZ8VWW83t8mVvZLOGjR2JMFhC-YFGj3YTuiupz_ZWKe1x4TYOWulGIebOwgyCwncp3Rm-PmM3k7sPS8BjI1sjyVzcOi3x6t3vFjRgEuh4FIQGn2cSaIjwICTxgaKHRVp4PxrgzoP3d6hWPQ0MmrAN6Kzsx1jIYr9HH5Ck0Q-hK24qdbjvd6ryir91Ojxc6dzeEJNqybSFlaxgbLjf607B_6KRynKpjhBuFwPFqO1d74xag0kxpwwD2CZQu8hg54KjeqtcDWx4VgTuwk6w6Sgh60A47qVGaraaiiSERgtT6mjZ87gUL3eyeskoH5DuPo-FxZoJoTf8l2zTUuixFPnIY&sig=Cg0ArKJSzHojj8VvqxLUEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=583&cbvp=1&cstd=565&cisv=r20231109.64997&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 17 Nov 2023 04:41:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/9793915768876826624/ Frame E930 		16 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e7ba22948576d44532a260d34ea13e62660ee894c063d437ba7e5c7f91bcc25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:41:10 GMT
expires
Sat, 16 Nov 2024 04:41:10 GMT
last-modified
Fri, 03 Nov 2023 09:17:43 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9372 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJbUN28N2FVtE2SHoofWbJ6Du2Hj1_DdPh8zGMW3IxFaY_kgp_z1CbSH2GzZo8c3y5Or5r7nKdNpzYKi3ydClq7lqrLXdik9HmCNv4CA1PC3wCXUkQXcaIN5yRcX0pV0RJN3zRsgfnu9rKcJS1_626ZZc107sXuJ5Q30WzklH876mKc5YDRF3h_3tGpgG6S4g8LhuGqi6mVjD2AmMP4zHKLc4nOvjhUAchYSYg7wGvzXDXyhB6oXaldG1SfUuUmU15fqkC3mExeOjgk-90vKU4NJwi8xIHYJHgDUFG_8CuOe4tdg7dTq598hFrzPwJQo8EbVX1iqd03CpmPmhPGkVp7-GhNOXm30fuEb1qISJ3W6z2XFYVPP56UwrXA3Kr2Lpxv48iOhiBoQOcgyNddTdac0KY9FaFHizP7fw8XZde7kKutTgLP9oBSQwTG5JpnZXUp8Gv4N699H6UzB0wE56nwA6W9y_ip9rc_LG_WtELMxjsY1lVSvefpqC6Y-5QAuKKNUZbQs_1GS40D63aUZchcGO4MXenzJ_L8ddFoS_bjcO27h4CxLqzZ3R92FhLGWddJ9JBmJxMFUzz-uEL180OiF1D3-mgdf5vPS0gXd6aak5oy8h0Xmqyhk6SNyHk9sP3qaGA9bYTdhzqRv-npaRFlBMXIMh1OtRfbC1B6NVBaMhrk606W5-6PetUQTzmy45mNXqUFO26yW_viVnvd7DHdP1g5ETsmXV9Uw3jGbZXOH6H5wCrjAJyMeUVayGDggPtAYiPx6RhDyX25o8T8BmUjbVkkwn5WHSSK3p-J5sCmDDvXBEzZeWvrIqAAG4j9Kn0wbs3FLqj8UlK9Kz60NYvjO4N8lSSL2x-_d9i2fdJwVTrgTOImhfd3Xp-ehReJDs4Ntn3WYoPgIEqWCbaP6KbUPl4WPbg-fMfR9o829ABumYgMcq7WYn6gwQQIDf7fSG78-3dgfPvM7-zEOaiykSSKhyCqjcsYpmGLCS26gyd3R9rU2yliAMe03szUhPhm0-MvLItkpJ1y_s10VV6__1an8nHrvSflXtOYp96LQ3vvF7SqY7iE6a0XfRBcy8Orxep4J-asUQOOfxJz7o1YQOMXkuGuES-4pyhvWpoNZeYn8dRbaOwWRff9UQDw8w7bOB4K_yI3-O8Z8cNgWWcWLkU8bhwVdb-y4v2dUdPYw11NKRzXg-oXtSIsJ4H74UA6IB3JpHk_oAItPtzBpPvUTc_p1wOxGsu5hnN9DKmSMxvLgTFiG3LP-3-Zb2BvTeJfuH6Mo52xJtIMRWQl42jYsFAtSHP1S6orf7pRQAjdBF3feb5xGRth-EWEE-uhvPXkO-k5IYCdKD5i1s6eRVaieGtRbY&sai=AMfl-YRIPQjPDdmrFIeUxiIwhZ0HU448h6GUycCnFqgaq7_Il28kU355Y-4t7si_4nFE0IxPeEDe8UfeTVzGorPnZUuE8K1FnwgMgh_tL49Xe7pVxwKbEZ91kR9AJpjQcSZ35Cg3VLeI9q1-ATyseuxlgLPDVfk7QysiRzrblT7LcCyUgUoi_WRKb4C-FBXCWFbYAYvU56aGotRbj4bVoQ83qHrFNBhMkd8fQfpldEcsHtPncgf8o08ms-OtFc1mBk3Ycv9lRtXIjpvkTjbmOeKSy30M976CH9QsUWJdyT5IW_BTsSwLGN8sNralAKChFrF2kFCDDCXr7_C9_9GD40AXolBt43Hwxuk7L55WGjjiddwUVaIZDk4kLWvc3yHGrtDtM3Xq_YQyCJA6C9FdlfDvwiwScNVCh6D6Zt-ijQoa_rvSdSZYOejFp3tt-O-plKqXgBADnW2OvZArOATrIew7momY_hwT7wKyC4SjgblhxGN-VApXfFtyYIA&sig=Cg0ArKJSzEWd1fE6zwldEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=554&cbvp=1&cstd=540&cisv=r20231109.98206&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 17 Nov 2023 04:41:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 77D2 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e3d55a01bfbf7a07fba2346d5daeca58475f431eca75066754df1cf01fd3327

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F449 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 04:41:11 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame F449 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 23:44:02 GMT
style.css
s0.2mdn.net/sadbundle/9793915768876826624/ Frame F449 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9793915768876826624/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecbbfdfa2eaab52264d248091a8f1a26e0fa1a73d188b5fac90316327549c1dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 20:09:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30717
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2108
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 09:17:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Nov 2024 20:09:14 GMT
css2
fonts.googleapis.com/ Frame F449 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@200..800&display=swap
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
s0.2mdn.net/creatives/assets/4902406/ Frame F449 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4902406/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d9dfd8ffc1cb034055da0f01287531af2c4578292d84195a926f9ef304250e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:29:49 GMT
x-content-type-options
nosniff
age
682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2869
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 13:49:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 04:44:49 GMT
main.js
s0.2mdn.net/sadbundle/9793915768876826624/ Frame F449 		22 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9793915768876826624/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b05e6bf5abe4a113ef2c6e2e9d85d8579a86cb3964159f4849f01d35b3284a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:05:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452158
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4159
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 09:17:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Nov 2024 23:05:13 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F352 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
601011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 05:44:20 GMT
expires
Sat, 09 Nov 2024 05:44:20 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 50A6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c9fe3cb26c663d000a40e9ec741dd52dbda756e98c15ff7b0f0818f9b918a02

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 7C87 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311130101&jk=3060809903794422&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 07B9 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 23:44:02 GMT
css
fonts.googleapis.com/ Frame 07B9 		2 KB
571 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700&subset=latin
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
992052b3f5033727a2aa70a6d5b4acf2012f63a951e528fc4675307414fff6e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 04:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 04:41:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 04:41:11 GMT
HYPE-752.thin.min.js
s0.2mdn.net/sadbundle/8546369101703094962/ Frame 07B9 		56 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8546369101703094962/HYPE-752.thin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4804b62bc3461ff1ab61aa2482690d79db2646701da68b6371ad1485c6f948fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:10:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113426
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24577
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 14:52:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 21:10:45 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E930 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 04:41:11 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame E930 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 23:44:02 GMT
style.css
s0.2mdn.net/sadbundle/9793915768876826624/ Frame E930 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9793915768876826624/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecbbfdfa2eaab52264d248091a8f1a26e0fa1a73d188b5fac90316327549c1dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 20:09:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30717
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2108
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 09:17:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Nov 2024 20:09:14 GMT
css2
fonts.googleapis.com/ Frame E930 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@200..800&display=swap
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
s0.2mdn.net/creatives/assets/4902406/ Frame E930 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4902406/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d9dfd8ffc1cb034055da0f01287531af2c4578292d84195a926f9ef304250e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:29:49 GMT
x-content-type-options
nosniff
age
682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2869
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 13:49:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 04:44:49 GMT
main.js
s0.2mdn.net/sadbundle/9793915768876826624/ Frame E930 		22 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9793915768876826624/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b05e6bf5abe4a113ef2c6e2e9d85d8579a86cb3964159f4849f01d35b3284a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:05:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452158
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4159
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 09:17:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Nov 2024 23:05:13 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F12A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8whOmm1LOVCOjKroXALrDZu7PDC4HXUWFV-hoKVjpIzi6kLyeUVyyK-T7P74LpJ93z63PvA1dCv5_UlyCUx6REJychzUukDFq553lla4V6-5cp_Cy0cbk-wixAwmoZa82exTsSCT-V9nJhgm3Fpyt2CpAXQ&dbm_d=AKAmf-DDvtEVVx4tf77_mf5i2WIpphuBAEfr4CetINhTx-SW0aogmFz9cwz9Yl2BM3G57yOZY1ZW1MW69q48yo_36BgTXkJMBL8MYxFVJWLKd-A5ZpPOkjooxYTuqdD217-OPIcjYYL0sWg5Vmq8FmpZF3S_YJt0ZKPATKG47vG8qIH0z0bhwaIxlUc_TSP6UggP3lV4chGG6Eo8V9xujO5piYvCgVZ0zXClMVmsFad0s8Ir7URIchRZNd0PUBXVc1ak3dux0oJdqyH6K-lkbqsQUHgwbO-Fi_h1P0i_7cucMhZ60LhnShfumMi3ht8GkJj8jzN-S9FRYh7V5b3lWRJMtzD6HJziA7N9JfNcHOicWxgjVIgxPJmBVaSadAafp0UDBrigCa-1oLZjx3tOity0RUqhgikVLzi1mwOqi2buoAdEkcpAZXMIk8j_7xd-2WHNG23hXX-8Ye4F4ld9ul-Mp9-aBVeurK7WQYteVXQ8uxh_nHwYIXCjZwDyVQ-a0JgqR_El2FDOwW3c66TJJZaj-0GcQN203QDiefLQ8__yZRrvIsHtB31ZJLsfTKcZhu9W8Cf8f8So6k1Y_sjckCk8JxYstKPj9eS_WMmgL8H7y7ZnlBg5dcFy87WK6c4pwHCq62XNqkMHPpJBNlshA2EdXpk1rRhuxbvZzQeeg9TzirNrFXV8kVEYPbuc8bi3Pq65VtXcdDQK0cySmQZkM6hFLSz1dzfLARvIqgSNZcv0RZrS_8ysBdS6xcFLFk92K5Abe23uHV7DwYWr30Lepw9TC_R-vw7C4bU5mbj2wj7PTVaR3O4OL6VbNwDeCe0hVnPnTtByp4F3foci94-qOIYC5sEv5_B9ShfftmEBs0yivI0HMXZwVzmF_ub5Ly_KZd1BtVY3LBhpe9fIPeRgB7cZXyOd_79I1kw4uiNhK97bCIErY7OocRUUux766cdUZ02tfF7DfVWeUqYDxTr7Sc2L6ik-QIAiIIzVp8eJyJlbiV_-eGnR9wM8-sK6NAtJbcHmEKkNezfHdMwwachtZyuRr_Y7GwUfgCxM75iyg-LJsJ7GTgja-VZyrZ9ociz7TVCDl7EDe6D8gw6hjUhT3EkNwOtFgr8_KSMdz0JcwcyDu5YVPYNPJqMA_dPxdWaO2DYCWgim7rJFOpuDaWN5OX1XaIPcN7h4TkhnZ4nSyhhMgwp8lETK2mRFahB7_vbaIsY3t5j5p4uwsEwUeoy_WLGxAZu64-x8vzCegOmVXRtewnL3hJNpDObXa4w4VwmXOEgRHZVv_XyHS70LenbhPVNvNTtvZqUTCc9CFu6nLz6MA9w8wLRMk16MmStF8RYZv5Ktu_XBaq2qAhTLzx16_jAOWCY1XA-YvTE7VzXiXGAL2sijH7IxHLsdG4fJZcr8VRUxW7EwmwTk2DRgXjt7UAL-8tYNUqMISDypHgXW4RZ7c3-kifar5d2KWZC6VgJpCqeMJEz0eA8SeFcJk2m7r3c8gOSGHjdOSqjQ8OqEbz3d6osdvY9CbkK-7abzr0oBnuU72xkqE8dvRnCLQHdrEud3DbBKqZw6wW-NPgZmd47wzIPVhOOCJMDGa6qxx7WdcmRLPl0nJ9MxjGDgxG4twYZfJpX9HtzVzjHh7q04JZalOQ6VMPkJdcAeTrA3kdVy7HkRXliC2Q8OQ4_sjhUDgBjKuw9xBkSruINC7ScFsGNUEa1BpVA9hFElXc_ySkFupz1TWmzSOGOXJL0Mh9z4TTfw01cCtOV7J6grAozOt5vIKAAMq-JTJkJ2eiKFUju_AL6Ckv6BZPyeLixXwAATvH_1tdpJLeuEF0MYyp78H_p0ves_9ltOCjJmoxavHNjwSODUhoRt3leJMQpg471ilkWPGJR2TTTbr15acCEXV-I3sqaqe1pzO3kF-mKY7odGm0Kl5aIV_Tb9LewFw25uXWQCYqPpp7PpMeHFzADEU2FRHb95uo1gRKaNm7W-j19P8bFXDd_PQO0m18LXbyUVM1fUuDIl6qKmBWSabCKe6ApL8FrmlzTC0GdafttYnVeTQ4fklVCKqba5ttwEeMf4MwbY-t8bxSOc2c0AxTkhYmuV8HcUxLWPY-oyB5APTY_hYXhKFSJGsaBKPkiQpqWj37CeGaVaig9X-8EduuKMazWtVk3hddey70P4jgEDI06KknIjqsUfXKysfj8bi4SoPktrwx6EhA4N_D4e_xUk-EO9YZhccunItawdHfyohzt3OYif9xAiQuqNsiP2V6AnROyvXqyvfFbT4lFh0Ggvml2SQ3jPK90EBpS9T1zt6lDdzmX0zkZfQRsTUUvyq_JZtyVgaHomz0721_x_9q4baRC5ZIiKQEK7CAM5V4lnJLaq41hPQ9VLybjMjxSSYOtZloSvdsJKr1aI_jwFvhwcK7TYgOwNA5kKzbE5e1TMare3SAa3ybqa1XPeIriiQJERAThVAaYk57n-ZjunAOXPPYhGBadQ9YmY5y-FLRPlWY38M0NpBXfNnvEX0XhgKNdNzCJYlmhRUTAoqr9Hso8n4InSlN2nqLgBUkZ13uKKG5rkLystzHurvb443ynFrZQm7dg32WHFftDnoHS59MGQOOyDiGW9BYCiX0N0arGgYb5oTWYwhRG-JxsMFLVesnw-jN6E3Wq255Y_KYga8_qOA1W9M6A5jJfWgpxsgSgjyik3M1AqZjRwT1sQ3_VQott10r_fiN6hdG5KR8xUYpnsh85Stk79Xj-4rq0Jml2KIB96IvT3UHpvsgA6gI_GlCDumy_tLLX8sBZGF2_yI7E17e7lAVK8kKbszpylFG1VV-jK8SnNh79wacLY1IfNMtimaZzs7yHiaYrlo4_JDvLzjaTf4IcWG2hae_NdXqHXivrRx8ZcVLFhbbXmg6Gf0NcWyMFzFCSrd0zDKP44JkhJe9GRVp63s7l5ZYmRGptqTgvQdKqmjRMdI__WM034i-fBoHMvQg0wPJeYHpFu9Ue3X4d5EF73y53FxwbgsVABPaus7bNXrsaft9ggLgJ75HPHOUsJndXZE_YSWEl1DNZoR9uwJJCtieyqHH410OzQ172DgzGL1iaqSWjiAiAO9dBnkLmKb3g8gRnB80V9ZQdUsJNABNZmKKRBnJ2-r25JaVg-D9f7_LsAF7XyqFNTTVjKejdqh6NjvRknr-d9rEOmmqR9UU17v1ahPgUPCp1S84lLM-PermjRn7Tcp0lruYetgl_0DZE-nWlSHg63nk1quvAXd7eZ6oDOHgx-RuIzQoJWiBjiqLexzQ5WkbKImEWk9Wcdo60RF5PWd3pv2VWWaknW7cIf8IzN8aZAO-El2CAa8KS4QjOQQIOr_QHPbN760R9SPOwNWCmsr8GX4WW-r5Pb3YQGzYVgtVKNJFdH1o5IcGzcHKH7U5Gm3fXfFZbS7DBSYtaGt97E192KtkLFxoVcQCL43iKVmR64qsBQHAlggLvPYPhsUimSexLGrSIG4PI65_ze2PQ3Bi5tl4Cv5YYV9FkPYjXJcTi8BnDSND7-MRZuyrlseqh9v-Xv8BTuo4GlaDwgpXmA1IYNLDyOkSCWI6cBBVlP-B3UoAgYdLMOh2N1Uy-8dD85lltdVldsC1yYJq3h0CkjWYXiH7u99hNvqYZj6JFhFfVJgnxt_gxMYlNTzT0MgjPn&cid=CAQSTwDICaaNVMrHKD0Azzh85EB6iDjlkv9Dvk1tI4-ySMGKtpJhpSosTtkcl1HXPhfQfbh6ufDRToA_y8qd4vCXV5IQWLIpCUHYriRoXe3qHNoYAQ&dc_exteid=31363081757182594289976602400796457&dc_pubid=4&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 2BF4 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
601011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 05:44:20 GMT
expires
Sat, 09 Nov 2024 05:44:20 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6313 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
843552060a8ed04f8d6c67fd4405629083b1a55a5ea016019db2244869bc7031

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7D18 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:41:08 GMT
expires
Sat, 16 Nov 2024 04:41:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=4.27&b=2&r=file-upload.in_auto_interstitial_desktop&sy=494d83b1-1662-466b-b902-29e7b30780e0&ts=92&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=7ae00e38-1e68-4d3b-a2d1-6e1ab31c0f5a&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:11 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14162
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cc55db801db-ZRH
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame C1EB 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
601011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 05:44:20 GMT
expires
Sat, 09 Nov 2024 05:44:20 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9372 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
001dd47ccc7e8d8e7803bbcd9fafb95e23ad0fb96f081e149c2f41bc7f900e16

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
n.js
mb.moatads.com/ Frame 49E8 		112 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/n.js?e=35&ol=2436099111&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YtBRc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-xJRF9h1deVpMDA%3D%3D&sc=1&os=1-Jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2F956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.file-upload.in&t=1700196071292&de=596293672625&m=0&ar=51bd715ca6c-clean&iw=2eefa6d&q=2&cb=0&ym=0&cu=1700196071292&ll=3&lm=3&ln=1&r=0&em=0&en=0&d=30000490%3A50002629%3A60023216%3A70016143&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=file-upload.in&zMoatIMPID=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.file-upload.in&id=0&ii=2&bo=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&bd=728x90&zMoatOrigSlicer1=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=file-upload.in&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=205853&na=1210445994&cs=0&ord=1700196071292&jv=791458992&callback=DOMlessLLDcallback_41377340
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/travel198849194933/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.214.62 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
6831970d75ae727f41d63ef47de981277d80f33007c5b9c279f402bd8c4947e7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:11 GMT
server
istio-envoy
etag
"a4e3b53985de3e50a4a9aa47702a33b4c0c552e7"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
7
timing-allow-origin
*
content-length
112
pixel.gif
px.moatads.com/ Frame 49E8 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2F956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.file-upload.in&t=1700196071292&de=596293672625&m=0&ar=51bd715ca6c-clean&iw=2eefa6d&q=3&cb=0&ym=0&cu=1700196071292&ll=3&lm=3&ln=1&r=0&em=0&en=0&d=30000490%3A50002629%3A60023216%3A70016143&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=file-upload.in&zMoatIMPID=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.file-upload.in&id=0&ii=2&bo=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&bd=728x90&zMoatOrigSlicer1=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=file-upload.in&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=205853&na=1643089226&cs=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60023216.OTk5JTJjMQ==...YzbqhpdYd0_iPcB6oxhCbA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%26num%3D1%26sig%3DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%26client%3Dca-pub-3831894559014614%26adurl%3D&googlewinningprice=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw&wpc=EUR&site=www.file-upload.in&slotvisibility=1&gcpm=4236354&gpos=1&bidder=bidder-rtb-production-75c9797b6-4wbxq&dv=1&uuid=&suid=&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&ssp_id=0&l=en&ts=1700196068&uc=CH&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=UcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 17 Nov 2023 04:41:11 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F12A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CgZZo5O5WZdefI4u73gOz54mQCLrqkpJ0zpuLufIR9NHepudAEAEglZvKIWD1BaABysz_wyjIAQapAh_RlqA54rI-qAMBqgT8AU_QZrVlQ_mucbF6MMczbLz19B7lpQ5xmz1paL3e6Z1tu44ry3uGTxX9pZzz_gPHwmYbj3E8aeIXFDyk8LWA4drycMXusw6mznw4yc4q1-Nlgueva83JyIXGrBGfdT-wn3cbcg65OLbmZtsykWg_E2roVLc1HfMq6XmglpMVMbVwECNfSJWV2Fyp_rCu81ri70amtqm-BXOJCQ6vLzGOUvdn6MhVcnPK9T8PchVteWn3hx3vONPSB4dIgRQVSohK3ZsJ_gxZsJfcDX8dd0kQ-hOJyppPnw4HQ4N9lX2_6TKKLnnr3uh1CHpDCud9HGpEObn7UjDfsusw9wPgKcAEzdSJpL0E4AQDiAXPn8yvTZIFBggDEAMYA5IFBggbEAIYAZIFCwgiEAMYAUir5PABkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfKhNCjA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcKEOHfUhi0uZP-AdIIFAiAYRABGB0yAooCOgKAQEi9_cE6mglDaHR0cHM6Ly93d3cuc3VucmlzZS5jaC9lbi9vZmZlcnMvYmxhY2stZnJpZGF5P2NpZD1EU1BfMjAyMzAxT0IxODE2NIAKA8gLAaIMECoOCgzktLEC7rWxArW4sQLaDBEKCxDgpffTm4Le4_IBEgIBA-INEwjtidz1m8qCAxWLnXcKHbNzAoKwE6aGyxXIE92hkOID0BMA2BMN2BQB0BUBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=HtCpr8f_29k&uach_m=[]&ase=2&nis=5&cid=CAQSTwDICaaNVMrHKD0Azzh85EB6iDjlkv9Dvk1tI4-ySMGKtpJhpSosTtkcl1HXPhfQfbh6ufDRToA_y8qd4vCXV5IQWLIpCUHYriRoXe3qHNoYAQ&template_id=509&vt=10&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 2737 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
38407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 18:01:04 GMT
js-err
static.travelaudience.com/ Frame 49E8 		0
0
css2
fonts.googleapis.com/ Frame 7D18 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 04:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 02:45:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 04:41:11 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C2E0 		441 B
197 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIe99gIQvcvFpgMYnczv_QEwAQ&v=APEucNVWvgiNHIvHnaltCmsEfWyC8nowRma8DxXyVOlEuF_nLt21QwPOKS1yJMypFjkd6sh5BT9S08H0O0uaIji1A-ObRDIS-g
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:41:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame C484 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Origin
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79860
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 06:30:11 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame C484 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:44:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
50187
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 14:44:44 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame C484 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:58:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
45744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 15:58:47 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C484 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
346162
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 04:31:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C484 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:03:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
52678
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 14:03:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 47BD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
44354
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Fri, 17 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C484 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
19453
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:16:58 GMT
l
www.google.com/ads/measurement/ Frame C484 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaShE7KniAe2ea-YuvEPk0MeHrNAxsV0ldA6jv8yY4FCe6H8CxtcKyCdmHOak0MfHWSL_PUxPCnu0OAyw9r8KlQGTBAtbw
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C484 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 04:41:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C484 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBr5eDNXlKHga1ZAHmooXDXRYHNa1pI7xMf-hWMKwNrD8FkQEGgDPknjrSp7NzWeq4Ef15pj76VMvk7s6dxlHpIANawxswA8JQH4S1qcIa-ir31pI
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 7D18 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 03:59:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
2498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 03:59:33 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame F352 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
38407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 18:01:04 GMT
product_image.jpeg
s0.2mdn.net/sadbundle/8546369101703094962/ Frame 07B9 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8546369101703094962/product_image.jpeg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f87d9364193f952e437ab29c8edfdd4dfabd30e532c5a7e879ae2e9a82648fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 17:54:25 GMT
x-content-type-options
nosniff
age
470806
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28156
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 14:52:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Nov 2024 17:54:25 GMT
energy_label-1.png
s0.2mdn.net/sadbundle/8546369101703094962/ Frame 07B9 		463 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8546369101703094962/energy_label-1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e63282a7e91e19aacf5e503f97ca110e00a3d8f3250b5626a0293f6af68ca617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:31:29 GMT
x-content-type-options
nosniff
age
274182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
463
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 14:52:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Nov 2024 00:31:29 GMT
product_logo-1.jpg
s0.2mdn.net/sadbundle/8546369101703094962/ Frame 07B9 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8546369101703094962/product_logo-1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b39818f47d74fff2f78a8527044bc4df7e6c7c84455d54404a537ac2635b4420
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 12:24:17 GMT
x-content-type-options
nosniff
age
58614
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29443
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 14:52:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Nov 2024 12:24:17 GMT
970x250_mel_image_test.jpg
s0.2mdn.net/sadbundle/8546369101703094962/ Frame 07B9 		213 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8546369101703094962/970x250_mel_image_test.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
497489f93761dc97b247f32237be6bec48491f40513fd2a77e2a5afbaf4ae6bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:55:14 GMT
x-content-type-options
nosniff
age
344757
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
218139
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 14:52:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Nov 2024 04:55:14 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 2BF4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
38407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 18:01:04 GMT
um
sync.teads.tv/ Frame C2E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEPMm0ZDf4FJa_J8Wn1L3eig&google_cver=1
23 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEPMm0ZDf4FJa_J8Wn1L3eig&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIe99gIQvcvFpgMYnczv_QEwAQ&v=APEucNVWvgiNHIvHnaltCmsEfWyC8nowRma8DxXyVOlEuF_nLt21QwPOKS1yJMypFjkd6sh5BT9S08H0O0uaIji1A-ObRDIS-g
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 17 Nov 2023 04:41:11 GMT
pragma
no-cache
date
Fri, 17 Nov 2023 04:41:11 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEPMm0ZDf4FJa_J8Wn1L3eig&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C2E0
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzUyNmIwYzUtOGJkMi00ODU0LWEzZTMtNzI5Yjk0ODY4ZjNl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzUyNmIwYzUtOGJkMi00ODU0LWEzZTMtNzI5Yjk0ODY4ZjNl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIe99gIQvcvFpgMYnczv_QEwAQ&v=APEucNVWvgiNHIvHnaltCmsEfWyC8nowRma8DxXyVOlEuF_nLt21QwPOKS1yJMypFjkd6sh5BT9S08H0O0uaIji1A-ObRDIS-g
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:11 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzUyNmIwYzUtOGJkMi00ODU0LWEzZTMtNzI5Yjk0ODY4ZjNl
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Fri, 17 Nov 2023 04:41:11 GMT
sync
partners.tremorhub.com/ Frame C2E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEKLx0Z1ZBRP1Wg_fkeLNKxg&google_cver=1
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEKLx0Z1ZBRP1Wg_fkeLNKxg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIe99gIQvcvFpgMYnczv_QEwAQ&v=APEucNVWvgiNHIvHnaltCmsEfWyC8nowRma8DxXyVOlEuF_nLt21QwPOKS1yJMypFjkd6sh5BT9S08H0O0uaIji1A-ObRDIS-g
Protocol
H2
Server
2600:1f18:612b:4216:7574:b4b8:a72d:d165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 17 Nov 2023 04:41:12 GMT
server
nginx
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://partners.tremorhub.com/sync?UIGL=CAESEKLx0Z1ZBRP1Wg_fkeLNKxg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame C1EB 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
38407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 18:01:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 50A6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmvIQb-oxp3tnneDNBcUmMQb8M5Rqfri_VI-S4XxL-xtJo_fDXaDIy6KbxA6kogn3AN1AAjbEchvpNcZVbF084A2Ohxhg0SWMZWgdNW0WV9OvQULXxPrSmejCqvnwtWCmErNfw3X3guYsV5CKPtY2hP-0dl0r3QqkVxYvfFL23GpZnIHjYTCFk7ALXK9prBnvKPqs8TcUTYUlwy3pA5NUZWHqh46Fu-DnmxblFOovDixdHMQHHvyIV5O7N2OXLhjZ9bJBgWEx82MKLlbdCv9WHiW524xfV_GoqlQq3hIAoNgJBfmsbbCfBtaCXH0YhQwmzDeUufKGbTKFZ6SSfpXXLIQLAQ2qt85_bZXpNVWZJc3LuljW8LE9sfM9kWoQc3eXYeCqJDV3iWObMli34rXVj1e7aAzurcXDgKqHdR4Kl2mNPy8_jbi7W3sfQtml1RHYGBfvYmme9CXcNqNporgo8gbQORkn2VkEf9O3aD6q5TUAkW0IVS13IzsVaPSabaiONurlu64KP83K6HrrBmprf5-jmKEoY_ndXt3CxKiZoqKh4Rm_d6ZWxTCSq6_Lv3FGC4sAeB4n1Ue_BDORKgU3mB7xla9rKRAvxcKNvJUAIExERwZwarQCCvA7Or_YlTayvDOcz9-X8KcUkXMrQy6qi7OG3IGeYV21H_XNjsIrDKus3tc32dusFjKl7HX69VwhiC5q_tHIMGzeJcPsIUTKscUKPq_BN1gImE9FdfbM8C0CJVVhGlb-e3qZB9uzCwlWQQINrChIUlXIHPfycRlsgYyoE_waCYzeWXgUZJK7BNrPg-TZ5sdcPxU9ArV9UeeNVW5Jh-zkpA9Ce-7Io3ML47gHS7TonrI9WTdWFIVsHZ2xdb-ol6JMLBcajNka2-bTlzoNG1ntBs6_SR_FSJDLKGgSDfmmzoNyAwgO6JIpw6HS-zma1FEbslmSo2UMjuOD3mnCkaRc13JckOSUAa7dMWV7Ai1O_bZG1aLp_gKG1hElZgZgCrhoaTGw-hO_7xmyiRVVtgWhBdbAjPVJ9ZK1mNFLVzwd6t2rbtMPHNYvVdQpdLihkMUsCuJYDwbWRGQ9x7UCzlRdkgz18SVTBv4Yeph9H-8OAt92shuPCmeQvbWL3KRv7eTvn7tkkjgpfw0RBOCD0DglHAmcYuylH4ytZjOfVIcgtOJw2Enku4l5ZVj3QTkJep7xadH0nL0S5WCj_-WeexC-L0loT7kke7NCY5ipq12yQr8XqFpEmdYZW56u6ETZM5oQKslHQndgqo92DwEDlM0WI8Jj12hXt3-Xq9d_EbxlBnorT2sl4IYmek0kRKqomyfNRhc_ew3jp0ZEb6-baKrkiw2WuewaUm2JVSaml5XSM0sUoOA&sai=AMfl-YR2IStEUpHt9zuxwQg0UkGThTLVx4pxp4r-x0klCTfcvQKgYTyFDsIKCK3szsOzc5FetoX01Qdx89SmKFsPW4T-Lp1c_V5m76M6ZQ-JDk236WGMq3yRtFIDhNK9qoQbMaRwE2HuXxRiv93Rai1FdShVZHbzlVTTOntR7NXDOhMPeZFyAE6ArHjAhL22x2o9ahs7saBF20TJfJ82XJSIMDmesB3HO3ndGATxdEMATqu5TDqMPvBpAQ8HvWOCraUB5fMrAWMXDDX1hyidJ5eVgl18jcQ6fzTLqDGodROeaMSvhdWmQAZ5tEuuHlfYVCxIaMQ52solquh8WZNHc6-mljGi-0LzttbokA6dgxtLz0_sujfAuN6NtwnqjkXicV-2svKN8wKHJZHZTJXhpVZFmrTn1JOQCkNhZlHbWBIR-rggImDlS7TmHcPlLNCSkqDd8j5NAjFJz7sS4HAieDsiHU6wTUySbRV98pEs_IEn9X0sWErNC_9Yoqs&sig=Cg0ArKJSzGq-9sGctVulEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1508&vt=11&dtpt=859&dett=3&cstd=629&cisv=r20231109.93663&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9372 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJbUN28N2FVtE2SHoofWbJ6Du2Hj1_DdPh8zGMW3IxFaY_kgp_z1CbSH2GzZo8c3y5Or5r7nKdNpzYKi3ydClq7lqrLXdik9HmCNv4CA1PC3wCXUkQXcaIN5yRcX0pV0RJN3zRsgfnu9rKcJS1_626ZZc107sXuJ5Q30WzklH876mKc5YDRF3h_3tGpgG6S4g8LhuGqi6mVjD2AmMP4zHKLc4nOvjhUAchYSYg7wGvzXDXyhB6oXaldG1SfUuUmU15fqkC3mExeOjgk-90vKU4NJwi8xIHYJHgDUFG_8CuOe4tdg7dTq598hFrzPwJQo8EbVX1iqd03CpmPmhPGkVp7-GhNOXm30fuEb1qISJ3W6z2XFYVPP56UwrXA3Kr2Lpxv48iOhiBoQOcgyNddTdac0KY9FaFHizP7fw8XZde7kKutTgLP9oBSQwTG5JpnZXUp8Gv4N699H6UzB0wE56nwA6W9y_ip9rc_LG_WtELMxjsY1lVSvefpqC6Y-5QAuKKNUZbQs_1GS40D63aUZchcGO4MXenzJ_L8ddFoS_bjcO27h4CxLqzZ3R92FhLGWddJ9JBmJxMFUzz-uEL180OiF1D3-mgdf5vPS0gXd6aak5oy8h0Xmqyhk6SNyHk9sP3qaGA9bYTdhzqRv-npaRFlBMXIMh1OtRfbC1B6NVBaMhrk606W5-6PetUQTzmy45mNXqUFO26yW_viVnvd7DHdP1g5ETsmXV9Uw3jGbZXOH6H5wCrjAJyMeUVayGDggPtAYiPx6RhDyX25o8T8BmUjbVkkwn5WHSSK3p-J5sCmDDvXBEzZeWvrIqAAG4j9Kn0wbs3FLqj8UlK9Kz60NYvjO4N8lSSL2x-_d9i2fdJwVTrgTOImhfd3Xp-ehReJDs4Ntn3WYoPgIEqWCbaP6KbUPl4WPbg-fMfR9o829ABumYgMcq7WYn6gwQQIDf7fSG78-3dgfPvM7-zEOaiykSSKhyCqjcsYpmGLCS26gyd3R9rU2yliAMe03szUhPhm0-MvLItkpJ1y_s10VV6__1an8nHrvSflXtOYp96LQ3vvF7SqY7iE6a0XfRBcy8Orxep4J-asUQOOfxJz7o1YQOMXkuGuES-4pyhvWpoNZeYn8dRbaOwWRff9UQDw8w7bOB4K_yI3-O8Z8cNgWWcWLkU8bhwVdb-y4v2dUdPYw11NKRzXg-oXtSIsJ4H74UA6IB3JpHk_oAItPtzBpPvUTc_p1wOxGsu5hnN9DKmSMxvLgTFiG3LP-3-Zb2BvTeJfuH6Mo52xJtIMRWQl42jYsFAtSHP1S6orf7pRQAjdBF3feb5xGRth-EWEE-uhvPXkO-k5IYCdKD5i1s6eRVaieGtRbY&sai=AMfl-YRIPQjPDdmrFIeUxiIwhZ0HU448h6GUycCnFqgaq7_Il28kU355Y-4t7si_4nFE0IxPeEDe8UfeTVzGorPnZUuE8K1FnwgMgh_tL49Xe7pVxwKbEZ91kR9AJpjQcSZ35Cg3VLeI9q1-ATyseuxlgLPDVfk7QysiRzrblT7LcCyUgUoi_WRKb4C-FBXCWFbYAYvU56aGotRbj4bVoQ83qHrFNBhMkd8fQfpldEcsHtPncgf8o08ms-OtFc1mBk3Ycv9lRtXIjpvkTjbmOeKSy30M976CH9QsUWJdyT5IW_BTsSwLGN8sNralAKChFrF2kFCDDCXr7_C9_9GD40AXolBt43Hwxuk7L55WGjjiddwUVaIZDk4kLWvc3yHGrtDtM3Xq_YQyCJA6C9FdlfDvwiwScNVCh6D6Zt-ijQoa_rvSdSZYOejFp3tt-O-plKqXgBADnW2OvZArOATrIew7momY_hwT7wKyC4SjgblhxGN-VApXfFtyYIA&sig=Cg0ArKJSzEWd1fE6zwldEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1308&vt=11&dtpt=754&dett=3&cstd=540&cisv=r20231109.98206&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12744665663998905535/ Frame 4393 		16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9f9cdb3a38c2cf67824f06244eb0d4f29a1c65adbcf252942894f5462cf3f8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
130601
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5138
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 16:24:30 GMT
expires
Thu, 14 Nov 2024 16:24:30 GMT
last-modified
Tue, 14 Nov 2023 13:57:34 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C484 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssqlktmK6ZHg7Xtt5MWYrpqOM758vWJ3bbFtfDoG6vO_RPpk7hYVbRP__UU8B4jt5a1G1kwiyYUw79175IVf0fZMcJQqkO5QbL1Cxc59oSd0yDwpkUcYVy4lGZetf5MIyVmnvEu3p0cfdgf2kjDXHoi81Ny9E0AMwzrbOcqUEI-kLnliC6RT6Annc_9ukjkzSpJg9cLUfWxe34VaYhtn6C7MIzOGDFEHx4IChQUUSI_dWcP-OT3uuB8flXUB5U-fXB8bIGgXY00sEClCGwgdiX6OALYxqk1Xp1N4Uc6zFnOfMDDaSv7HepQzE82v8bxMtD_GYxSeBgY81WZYR0LXu4_OYdtlKSA0_9Logp_uTU3TP0A9S4eC0aZi1apFK1NHGPsscpflQk3Ju7pByoZxqMptY9Cp3uTJiYFJGhREUTUH66i2qIPE4wFyEVWhVB2mIkQ23Em_2HVoN5XC41cPXx3umWUJHy4f09JbkvFEVB0ZD3RaHIppC5EVsgSB8Tabru-yimnwIotHEGv2RWQ26v_OcrigzgyjMKeloOu-1rFKE4M_ivoSjnlg8hLUJQept-1zYSixm4WqTLKuP4Xg2sKnJeIPmeHFgxQu_43Tgs3PAM703lnU3m6OtXHfCuEIjv7rXR61gTghhYjjQb0pIjmWXmWQPQy9aNnqgZ1rdTDSganIRft6t51CHVVcoOzx9cjoe5CUSszIWeR0Mpt2v5wlOG2PLJVPRUSWMcOCgC4iF0FdsMHTnsZFfnYLiVBvB1B4qVYiuHIzEKGyE9iD9EhlBkXO4TQ9wY8DAOxki2ax8_s4p5zM47zcY9pP-gC8FvBjhGYpgtjzGSUXPHfr9vKAM_DqYhWJEFceSC3FAoNFP1Kv9hQoaxb7ZiK58vUYXnB1A8jrUOxRCt94NN02n9gXQ6GDnBrVW7-sZLr6VQhJQJJGJsqZ7jUosr-UwNvXYpB1YhY_N1kV10nwBR2sNMuTnntSEuqOQC7bBYlGtQ2HsCTDAwJI0fZy59mjwn3p4ITHyQamwwWfNeiX2f3f-PngiZdW1sEE11AouvGXjPOXWK1Gqne-pCFQTegMUocR2nqJeCdfDV1GJgwSXRv_2eA02lVJI2EXp4OhjsOP0xp95qWcvPngieofagmj9BmjW40e8czaVXWIp12ViW8PJnQXwBoYLmoTorRoZr-wko0T8FdvkmO6sz4AjQVwg0cZMD9KmJu5a1NK7dSVK_PFb74j8LSAtRGNDZGZ7FFhK016_MYsCusIWGwPHtH3pwFg9-2_hBG8Iz6Q2VHAf_WDZ31BYsGY6Kj0Dw4VJjQ-TT0bVG0ArGb6OBWeD6hhXDQNJDyn1HLULDRDqNdmsoEGJAc3VCjkb3cZUYI4fNE_rKttwlILUyTmTVSXJVUOEFZ_5g7X5BKSdiBTh8IA_1ld-NSlcO8nc3iRMbRRhJaxu2zwugmQ-4eDPfZ-D6n1pvr_vc10nw40EMIIdtrxIL0&sai=AMfl-YSTPIIikA4ZwOZqf-DJesjxNywFsFazfx8eQNCN6Xrnpp_3a8fJUvtCMoR0ckOPqBLEJ-sJEhJmSjaZlImiu3gMijqjXa3DbnLJOAYEFYBXnU2cgVkoRvWd8bQV5WrA2avmiyQGCUachljCXIYDBwMY-ymbKhqvBY1BfVv2jP8e72yT71LeNw7DuQyqholyZmqY0OkdFNXpR6vDI1PRWZG6gWczy9j_geRbulOZeXw8AwpdA3vF-mrhUYRs4yQW1X5OFm75x6WVCzHvfW3KxD7ivDJxgmXkMf9kZnHnXBZQuASNs7aeQY_vxrkDGtrA3guZwf-qTnQniAMRzTAp7JXjS06fkOZ5Rdfh58tErnn-kz5Y-yACDX5uyS9d4OPvqZjNwmk45hMfjDesYdwf2GHSMABmGG2ZfEY8dZMq6T-OXDD7dJfbVmY&sig=Cg0ArKJSzO7uXhM_Bg9rEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=167&cbvp=1&cstd=163&cisv=r20231109.42782&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 17 Nov 2023 04:41:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
replay.svg
static.travelaudience.com/img/import/dubai_main/Q42023/europe/CH/CH_728x90/ Frame 49E8 		949 B
977 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.travelaudience.com/img/import/dubai_main/Q42023/europe/CH/CH_728x90/replay.svg
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60023216.OTk5JTJjMQ==...YzbqhpdYd0_iPcB6oxhCbA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%26num%3D1%26sig%3DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%26client%3Dca-pub-3831894559014614%26adurl%3D&googlewinningprice=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw&wpc=EUR&site=www.file-upload.in&slotvisibility=1&gcpm=4236354&gpos=1&bidder=bidder-rtb-production-75c9797b6-4wbxq&dv=1&uuid=&suid=&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&ssp_id=0&l=en&ts=1700196068&uc=CH&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=UcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.170.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
64b084b96d8ddc114505266e3780655cd9e17d9560b08d348b1b799d37967848

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:35:46 GMT
age
325
x-guploader-uploadid
ABPtcPodzayh1KZ4SOVD_hAc0iUzj5j5vWZHkBUC0ka45jV3nRnH1IGIcNmnA31vgU06UjnVWK2jfdgjXncEgFwUbemMzA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
949
last-modified
Sat, 21 Oct 2023 13:24:46 GMT
server
UploadServer
etag
"5424690d2ae90ee2782546a17fe0cb02"
vary
Origin
x-goog-generation
1697894686459419
x-goog-hash
crc32c=fI5Ukw==, md5=VCRpDSrpDuJ4JUahf+DLAg==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
949
accept-ranges
bytes
expires
Fri, 17 Nov 2023 05:35:46 GMT
logo.png
static.travelaudience.com/img/import/dubai_main/Q42023/europe/CH/CH_728x90/ Frame 49E8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.travelaudience.com/img/import/dubai_main/Q42023/europe/CH/CH_728x90/logo.png
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60023216.OTk5JTJjMQ==...YzbqhpdYd0_iPcB6oxhCbA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%26num%3D1%26sig%3DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%26client%3Dca-pub-3831894559014614%26adurl%3D&googlewinningprice=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw&wpc=EUR&site=www.file-upload.in&slotvisibility=1&gcpm=4236354&gpos=1&bidder=bidder-rtb-production-75c9797b6-4wbxq&dv=1&uuid=&suid=&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&ssp_id=0&l=en&ts=1700196068&uc=CH&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=UcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.170.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b16c84a74e0bb9382959f9bc57a9d56e2c4bc0faf1466f48b1b09f64cd34c0de

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:35:46 GMT
age
325
x-guploader-uploadid
ABPtcPoja6UzPFfR26vO1oUJRx5CIXiNKQ-yPQfRx2WRyTAwCnlvHWAmEfOEhiX69kqVb9wMrFGtcUhhFYYqpnBq4ODyLQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5395
last-modified
Sat, 21 Oct 2023 13:24:44 GMT
server
UploadServer
etag
"1de43d4ffa169465f0d88553fa7a8c23"
vary
Origin
x-goog-generation
1697894684836170
x-goog-hash
crc32c=/KT3yw==, md5=HeQ9T/oWlGXw2IVT+nqMIw==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
5395
accept-ranges
bytes
expires
Fri, 17 Nov 2023 05:35:46 GMT
hl01.png
static.travelaudience.com/img/import/dubai_main/Q42023/europe/CH/CH_728x90/ Frame 49E8 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.travelaudience.com/img/import/dubai_main/Q42023/europe/CH/CH_728x90/hl01.png
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60023216.OTk5JTJjMQ==...YzbqhpdYd0_iPcB6oxhCbA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%26num%3D1%26sig%3DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%26client%3Dca-pub-3831894559014614%26adurl%3D&googlewinningprice=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw&wpc=EUR&site=www.file-upload.in&slotvisibility=1&gcpm=4236354&gpos=1&bidder=bidder-rtb-production-75c9797b6-4wbxq&dv=1&uuid=&suid=&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&ssp_id=0&l=en&ts=1700196068&uc=CH&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=UcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.170.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fd3617e4a5c62a2063e7580cc6cb590c4cecd25a0797d47e43ee344140f51cff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:35:46 GMT
age
325
x-guploader-uploadid
ABPtcPrygdDShK-Fq_6Gfge9-S1mULtV0Nwxka8ACftl7yccjbmlt_Y0l2jdEMrIT9MdWWqApWwM9A7tEoMHjq1VWu8trw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10140
last-modified
Sat, 21 Oct 2023 13:24:43 GMT
server
UploadServer
etag
"2a49e0d8fb5a428ab50ee94da0af1a80"
vary
Origin
x-goog-generation
1697894683817730
x-goog-hash
crc32c=dPoeeA==, md5=Kkng2PtaQoq1DulNoK8agA==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
10140
accept-ranges
bytes
expires
Fri, 17 Nov 2023 05:35:46 GMT
cta.png
static.travelaudience.com/img/import/dubai_main/Q42023/europe/CH/CH_728x90/ Frame 49E8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.travelaudience.com/img/import/dubai_main/Q42023/europe/CH/CH_728x90/cta.png
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60023216.OTk5JTJjMQ==...YzbqhpdYd0_iPcB6oxhCbA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%26num%3D1%26sig%3DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%26client%3Dca-pub-3831894559014614%26adurl%3D&googlewinningprice=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw&wpc=EUR&site=www.file-upload.in&slotvisibility=1&gcpm=4236354&gpos=1&bidder=bidder-rtb-production-75c9797b6-4wbxq&dv=1&uuid=&suid=&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&ssp_id=0&l=en&ts=1700196068&uc=CH&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=UcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.170.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d5235609280bdf9bb4a77ee8eeda9b8c9d5a0578741998909ac8303578395cf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:35:46 GMT
age
325
x-guploader-uploadid
ABPtcPpE9cc664z0dlsvlZZYu31uAaAIsm9FqlL-P-Q7zCvkaxHhl_Ne89amW_ARVOCe5ONycp1x86m4O3graDSkJlnGHA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4500
last-modified
Sat, 21 Oct 2023 13:24:42 GMT
server
UploadServer
etag
"83d537e87c013ad01a4bfd24540217fc"
vary
Origin
x-goog-generation
1697894682011259
x-goog-hash
crc32c=wv6QEw==, md5=g9U36HwBOtAaS/0kVAIX/A==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
4500
accept-ranges
bytes
expires
Fri, 17 Nov 2023 05:35:46 GMT
tnc.png
static.travelaudience.com/img/import/dubai_main/Q42023/europe/CH/CH_728x90/ Frame 49E8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.travelaudience.com/img/import/dubai_main/Q42023/europe/CH/CH_728x90/tnc.png
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60023216.OTk5JTJjMQ==...YzbqhpdYd0_iPcB6oxhCbA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%26num%3D1%26sig%3DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%26client%3Dca-pub-3831894559014614%26adurl%3D&googlewinningprice=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw&wpc=EUR&site=www.file-upload.in&slotvisibility=1&gcpm=4236354&gpos=1&bidder=bidder-rtb-production-75c9797b6-4wbxq&dv=1&uuid=&suid=&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&ssp_id=0&l=en&ts=1700196068&uc=CH&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=UcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.170.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8670c74d8da1241f98bee19e03a9146ea7e0d0354fc2764496a4329dc9ffe572

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:35:46 GMT
age
325
x-guploader-uploadid
ABPtcPrZYtRtGhQmNbIS9qNqewiByffN77CjsNCiJJOWa_EZPTacHyUUufWmvQZKttoCvFPpvTM9B0ZGLOOwFN3cideXqQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2463
last-modified
Sat, 21 Oct 2023 13:24:47 GMT
server
UploadServer
etag
"6361e697bba506483acaf239cee8eb62"
vary
Origin
x-goog-generation
1697894687572111
x-goog-hash
crc32c=bfB02Q==, md5=Y2Hml7ulBkg6yvI5zujrYg==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
2463
accept-ranges
bytes
expires
Fri, 17 Nov 2023 05:35:46 GMT
img01.jpg
static.travelaudience.com/img/import/dubai_main/Q42023/europe/CH/CH_728x90/ Frame 49E8 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.travelaudience.com/img/import/dubai_main/Q42023/europe/CH/CH_728x90/img01.jpg
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60023216.OTk5JTJjMQ==...YzbqhpdYd0_iPcB6oxhCbA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%26num%3D1%26sig%3DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%26client%3Dca-pub-3831894559014614%26adurl%3D&googlewinningprice=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw&wpc=EUR&site=www.file-upload.in&slotvisibility=1&gcpm=4236354&gpos=1&bidder=bidder-rtb-production-75c9797b6-4wbxq&dv=1&uuid=&suid=&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&ssp_id=0&l=en&ts=1700196068&uc=CH&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=UcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.170.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2cce175a4491239981955543721bbdc197ed53ae0ae6b9a3daae24a3778589f6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:11 GMT
age
0
x-guploader-uploadid
ABPtcPpWIcu8y8FXZAHpuCx1A2vaOkOQVkfA3VrU7BsSUMlS6Rb4XBnP94yNYOGClupKTGkdNCzXVUrca29D0lf4wtCJ7w
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64230
last-modified
Sat, 21 Oct 2023 13:24:45 GMT
server
UploadServer
etag
"f3675e0f11d29d3dce85f956e44065bc"
vary
Origin
x-goog-generation
1697894685588287
x-goog-hash
crc32c=GSOvjw==, md5=82deDxHSnT3OhflW5EBlvA==
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
64230
accept-ranges
bytes
expires
Fri, 17 Nov 2023 05:41:11 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 07B9 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42d3e2f74263a9ee88f1567c3a2021e3d2440a4daa38ce50b00a77f57f5f48e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5880
x-xss-protection
0
31114855_20230706053046598_970x250_mel_image_SB_DE.jpg
s0.2mdn.net/ads/richmedia/studio/31114855/ Frame 07B9 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/31114855/31114855_20230706053046598_970x250_mel_image_SB_DE.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c705d87f952d7ab537b77f313a10bbf9b08a5cdaa2bb3dd4d705a542b0e78ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:00:21 GMT
x-content-type-options
nosniff
age
63650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107817
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 12:30:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 11:00:21 GMT
casio-collection.jpg
image.migros.ch/original/8e9c28a1ca4853921f236bbe4a0487264bd9ad71/ Frame 07B9 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.migros.ch/original/8e9c28a1ca4853921f236bbe4a0487264bd9ad71/casio-collection.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:de00:1d:c7f4:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
rokka.io /
Resource Hash
199474bf3f1ecdb8dd778b0f605d18b610868efdd8aec3a97bda1a3b75f34ae0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 12:14:34 GMT
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
server
rokka.io
x-amz-cf-pop
PRG50-C1
age
1268797
etag
383a4f01950f47907bcd6c6b08754882
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
immutable, max-age=31536000, public, s-maxage=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
7542
x-amz-cf-id
4_gpicvWfiG62DRLnuOZgBxxDS34O0nu6a6maJMS8cwneJMYZmAa0A==
casio-collection-mtp-e173l-7avef-armbanduhr.jpg_1664809264476_casio-collection-mtp-e173l-7avef-armbanduhr.jpg
s0.2mdn.net/dynamic/2/10920968/image.migros.ch/fm-xl/85c7ad634582388c547acc679c85d3be084f9367/ Frame 07B9 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10920968/image.migros.ch/fm-xl/85c7ad634582388c547acc679c85d3be084f9367/casio-collection-mtp-e173l-7avef-armbanduhr.jpg_1664809264476_casio-collection-mtp-e173l-7avef-armbanduhr.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9c3884b644bf49223ae49f508f407cbdfa859d46bd7a6f0aef85c3b0df6a2b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:45:04 GMT
x-content-type-options
nosniff
age
276967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76275
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 15:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 23:45:04 GMT
sandisk.jpg
image.migros.ch/original/3695d98568f796856da93b1c036fcb72b36f21c6/ Frame 07B9 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.migros.ch/original/3695d98568f796856da93b1c036fcb72b36f21c6/sandisk.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:de00:1d:c7f4:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
rokka.io /
Resource Hash
94823615c24bc74972cd3d5719f6d23b569a8fb6716c1010cd1374d8d90b738a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 12:10:32 GMT
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
server
rokka.io
x-amz-cf-pop
PRG50-C1
age
1441839
etag
02f5eb6c532ae46ce7d936ed6d391fc1
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
immutable, max-age=31536000, public, s-maxage=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
20520
x-amz-cf-id
BhXO1VAiAaQ8T9kbKlxtF0wkuIgl5CCJQJMnEjAT168KhDYnSqixJQ==
sandisk-extreme-190mbs-microsdxc-256gb-speicherkarte.jpg_1688655752807_sandisk-extreme-190mbs-microsdxc-256gb-speicherkarte.jpg
s0.2mdn.net/dynamic/2/10920968/image.migros.ch/fm-xl/285c38210ead6f41a8473f661340e8d2598a8daf/ Frame 07B9 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10920968/image.migros.ch/fm-xl/285c38210ead6f41a8473f661340e8d2598a8daf/sandisk-extreme-190mbs-microsdxc-256gb-speicherkarte.jpg_1688655752807_sandisk-extreme-190mbs-microsdxc-256gb-speicherkarte.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f5f7a02ee76c35fb5a71fa24509072c0972d7dc348c8fb5a0d0828679555af5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:34:14 GMT
x-content-type-options
nosniff
age
198417
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25683
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 15:03:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Nov 2024 21:34:14 GMT
sandisk-extreme-pro-200mbs-microsdxc-128gb-speicherkarte.jpg_1688655752807_sandisk-extreme-pro-200mbs-microsdxc-128gb-speicherkarte.jpg
s0.2mdn.net/dynamic/2/10920968/image.migros.ch/fm-xl/644bc26c8f5b6e7676c283741375e1aafc1ba420/ Frame 07B9 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10920968/image.migros.ch/fm-xl/644bc26c8f5b6e7676c283741375e1aafc1ba420/sandisk-extreme-pro-200mbs-microsdxc-128gb-speicherkarte.jpg_1688655752807_sandisk-extreme-pro-200mbs-microsdxc-128gb-speicherkarte.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ca5b9497cea3926cb15fb14f35dd58d0dbf15c871abd00145a898eb2b91546a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 08:20:21 GMT
x-content-type-options
nosniff
age
246050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26198
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 15:03:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Nov 2024 08:20:21 GMT
osram.jpg
image.migros.ch/original/6ba4a23a7a73795c24d7d53a073f6829ee76a605/ Frame 07B9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.migros.ch/original/6ba4a23a7a73795c24d7d53a073f6829ee76a605/osram.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:de00:1d:c7f4:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
rokka.io /
Resource Hash
fd63cf31d986af0403a4439f086c260c30502653b01864dcc19139a06b478962

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 12:10:32 GMT
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
server
rokka.io
x-amz-cf-pop
PRG50-C1
age
1441839
etag
1488998f7386d32ecfbcc558f248d705
vary
Accept
x-cache
Hit from cloudfront
content-type
image/avif
cache-control
immutable, max-age=31536000, public, s-maxage=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
6961
x-amz-cf-id
jG26EaDJlJI-Qijxq5yUkkYdxo-q8pdn6afAnBb1XazOwMNcR9Ys4w==
f.png
image.migros.ch/original/c2eab54ae7c25817db96d5d951046a75ef97ed82/ Frame 07B9 		810 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.migros.ch/original/c2eab54ae7c25817db96d5d951046a75ef97ed82/f.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:de00:1d:c7f4:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
rokka.io /
Resource Hash
bdc334ac6f42adc1e0a7583461f97ba395dfbb1782d6be4a06904ac3051fb295

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 03:05:23 GMT
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
server
rokka.io
x-amz-cf-pop
PRG50-C1
age
783348
etag
ba76312f8f9b9dc545b499c2449a310d
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
immutable, max-age=31536000, public, s-maxage=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
810
x-amz-cf-id
N1ARoHbjUSmCOzOJUFHzp2snUVwvi4hbsQnLpI3r8WP9xgYKSI_wAg==
osram-star-p45-25w-led-lampe.jpg_1647039680659_osram-star-p45-25w-led-lampe.jpg
s0.2mdn.net/dynamic/2/10920968/image.migros.ch/fm-xl/00dae787f4fdabd5762c86e55760a608d4d67390/ Frame 07B9 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10920968/image.migros.ch/fm-xl/00dae787f4fdabd5762c86e55760a608d4d67390/osram-star-p45-25w-led-lampe.jpg_1647039680659_osram-star-p45-25w-led-lampe.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7824318ffb7ff95d9e01f04f5fcc7f4dbb87b7b1919b0863dc5ab3890928d10e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:45:04 GMT
x-content-type-options
nosniff
age
276967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10821
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 23:01:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 23:45:04 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 07B9 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:31:44 GMT
x-content-type-options
nosniff
age
346167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 04:31:44 GMT
HelveticaNeueLT-BlackCond.woff2
s0.2mdn.net/sadbundle/8546369101703094962/ Frame 07B9 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8546369101703094962/HelveticaNeueLT-BlackCond.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ee4a3c464cdca1448f8439aa86eb9db06ee262f47838b36dd79d6efcc6f1a74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 16:37:58 GMT
x-content-type-options
nosniff
age
43393
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18448
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 14:52:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Nov 2024 16:37:58 GMT
HelveticaNeueLT-HeavyCond.woff2
s0.2mdn.net/sadbundle/8546369101703094962/ Frame 07B9 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8546369101703094962/HelveticaNeueLT-HeavyCond.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30d2f988b4fb196a04de0b7b383a20e8635105a37700e516cfe06a5c2e7e2a83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:06:46 GMT
x-content-type-options
nosniff
age
257665
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13632
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 14:52:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Nov 2024 05:06:46 GMT
HelveticaNeueLT-Cond.woff2
s0.2mdn.net/sadbundle/8546369101703094962/ Frame 07B9 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8546369101703094962/HelveticaNeueLT-Cond.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f012d1104a4c17ebf254716ce07d712ffdd287cdc27e23de68a2e0c90098f5de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8546369101703094962/index.html?e=69&leftOffset=0&topOffset=0&c=ONp53HFqUG&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:39:19 GMT
x-content-type-options
nosniff
age
273712
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20344
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 14:52:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Nov 2024 00:39:19 GMT
pixel
cm.g.doubleclick.net/ Frame 47BD
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECMG9M9wjwoQHVzjYfL11c8&google_cver=1&google_push=AXcoOmSyCH6KqT7a2HqyALHga5Y7iutbVXQKO7OK8dllto1v8g2_Ld8...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1a9e81f7900e180c&is_secure=true&networkId=14000&version=1&google_gid=CAESECMG9M9wjwoQHVzjYfL11c8&google_cver=1&google_push=AXcoOmSyCH6K...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIHacm4o8pZQMVqQ5uAAAAAAA&expiration=1700282472&google_cver=1&is_secure=true&google_gid=CAESECMG9M9wjwoQHVzjYfL11...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIHacm4o8pZQMVqQ5uAAAAAAA&expiration=1700282472&google_cver=1&is_secure=true&google_gid=CAESECMG9M9wjwoQHVzjYfL11c8&google_push=AXcoOmSyCH6KqT7a2HqyALHga5Y7iutbVXQKO7OK8dllto1v8g2_Ld8J-DA2CBvt_Aalp1KLtr5T5EUYn855m62qmOnTn7Abws8
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIHacm4o8pZQMVqQ5uAAAAAAA&expiration=1700282472&google_cver=1&is_secure=true&google_gid=CAESECMG9M9wjwoQHVzjYfL11c8&google_push=AXcoOmSyCH6KqT7a2HqyALHga5Y7iutbVXQKO7OK8dllto1v8g2_Ld8J-DA2CBvt_Aalp1KLtr5T5EUYn855m62qmOnTn7Abws8
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 47BD
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFhkZSBDvz-cTnwoYGQWYTU&google_cver=1&google_push=AXcoOmTyjZJJkiUQx5xKMTLYV8lV_-ew-s7nCihXvbVwXAbXkVxxBivfPfEdlmT75N8lKuFHUCoEegZWzW1bPHa6Z0N8PkH_u_Ec
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AF7A40A608EE4956AADECE2292DE72FA&google_push=AXcoOmTyjZJJkiUQx5xKMTLYV8lV_-ew-s7nCihXvbVwXAbXkVxxBivfPfEdlmT75N8lKuFHUCoEegZWzW1bPHa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AF7A40A608EE4956AADECE2292DE72FA&google_push=AXcoOmTyjZJJkiUQx5xKMTLYV8lV_-ew-s7nCihXvbVwXAbXkVxxBivfPfEdlmT75N8lKuFHUCoEegZWzW1bPHa6Z0N8PkH_u_Ec
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2023 04:41:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AF7A40A608EE4956AADECE2292DE72FA&google_push=AXcoOmTyjZJJkiUQx5xKMTLYV8lV_-ew-s7nCihXvbVwXAbXkVxxBivfPfEdlmT75N8lKuFHUCoEegZWzW1bPHa6Z0N8PkH_u_Ec
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 16 Nov 2023 04:41:11 GMT
pixel
cm.g.doubleclick.net/ Frame 47BD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOgjRfhPSFXF87pYve_LxrQ&google_cver=1&google_push=AXcoOmQRd2YTqsJJdMhHMbpbPGd4W_HVTCUfiVJ6c-gCaNjGbgwz4upC4a9ORelLhrZPrXo06Lb4tzD0jdO5aU3ltJTB...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOgjRfhPSFXF87pYve_LxrQ&google_cver=1&google_push=AXcoOmQRd2YTqsJJdMhHMbpbPGd4W_HVTCUfiVJ6c-gCaNjGbgwz4upC4a9ORelLhrZPrXo06Lb4tzD0jdO5aU...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQRd2YTqsJJdMhHMbpbPGd4W_HVTCUfiVJ6c-gCaNjGbgwz4upC4a9ORelLhrZPrXo06Lb4tzD0jdO5aU3ltJTBzi6VUqyO&google_hm=lNDu9r5IT26lkqyUHqYjKw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQRd2YTqsJJdMhHMbpbPGd4W_HVTCUfiVJ6c-gCaNjGbgwz4upC4a9ORelLhrZPrXo06Lb4tzD0jdO5aU3ltJTBzi6VUqyO&google_hm=lNDu9r5IT26lkqyUHqYjKw==
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQRd2YTqsJJdMhHMbpbPGd4W_HVTCUfiVJ6c-gCaNjGbgwz4upC4a9ORelLhrZPrXo06Lb4tzD0jdO5aU3ltJTBzi6VUqyO&google_hm=lNDu9r5IT26lkqyUHqYjKw==
date
Fri, 17 Nov 2023 04:41:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
dsp.adkernel.com/ Frame 47BD 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEAC-MoPucXoMYz-UHxQUJd0&google_cver=1&google_push=AXcoOmSK0DbTUjjJQlHvJ_HOjOGJ6Rm1hKTMumcf6zLpRtRHxuohDRGjC4WzgnY7W8avNFRE1WovsNjewkpjAjXla6GzJJVdkqbj
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:41:12 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 47BD
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDWtbLJKBRvATYx-CJ9IbiI&google_cver=1&google_push=AXcoOmTzkw5SS5wD1Z71zzUoN5LpDrRGFn_Yq77sq3YNSHDyxRjxr4UuMytbPrVCPORdUe_ZZwqF5g4kjZha...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTzkw5SS5wD1Z71zzUoN5LpDrRGFn_Yq77sq3YNSHDyxRjxr4UuMytbPrVCPORdUe_ZZwqF5g4kjZha6TbyK_Q1HA76kLOr
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTzkw5SS5wD1Z71zzUoN5LpDrRGFn_Yq77sq3YNSHDyxRjxr4UuMytbPrVCPORdUe_ZZwqF5g4kjZha6TbyK_Q1HA76kLOr
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTzkw5SS5wD1Z71zzUoN5LpDrRGFn_Yq77sq3YNSHDyxRjxr4UuMytbPrVCPORdUe_ZZwqF5g4kjZha6TbyK_Q1HA76kLOr
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 47BD
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEDcPup22W-lZhsEI6AfTnKA&google_cver=1&google_push=AXcoOmSOblU0PVlSzmC4RBMyHiV_tcpNvKJ-hlq8OD-qL1rDEpAGanBF4C-n62_WeDSbhm4IqgEDOTCqP17we5g-yyO6IdEXpyS8
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSOblU0PVlSzmC4RBMyHiV_tcpNvKJ-hlq8OD-qL1rDEpAGanBF4C-n62_WeDSbhm4IqgEDOTCqP17we5g-yyO6IdEXpyS8&google_hm=M0ZNeTU3N2RkNDcxdUxS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSOblU0PVlSzmC4RBMyHiV_tcpNvKJ-hlq8OD-qL1rDEpAGanBF4C-n62_WeDSbhm4IqgEDOTCqP17we5g-yyO6IdEXpyS8&google_hm=M0ZNeTU3N2RkNDcxdUxSVTZqZnY=
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSOblU0PVlSzmC4RBMyHiV_tcpNvKJ-hlq8OD-qL1rDEpAGanBF4C-n62_WeDSbhm4IqgEDOTCqP17we5g-yyO6IdEXpyS8&google_hm=M0ZNeTU3N2RkNDcxdUxSVTZqZnY=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
0.gif
id5-sync.com/i/495/ Frame 47BD
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEIoyOzIJhlinCA5lvI-PDAQ&google_cver=1&google_push=AXcoOmRZ1ILFoh3Ub-HnPunfoIXo5NmiygerOKxpCGhMhtlJOd9eTykKVIXPSbEmTP5ICQeH4y16XUnkGq-PHYnTBwl8c7egScZV
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRZ1ILFoh3Ub-HnPunfoIXo5NmiygerOKxpCGhMhtlJ...
43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRZ1ILFoh3Ub-HnPunfoIXo5NmiygerOKxpCGhMhtlJOd9eTykKVIXPSbEmTP5ICQeH4y16XUnkGq-PHYnTBwl8c7egScZV
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 17 Nov 2023 04:41:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

date
Fri, 17 Nov 2023 04:41:12 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRZ1ILFoh3Ub-HnPunfoIXo5NmiygerOKxpCGhMhtlJOd9eTykKVIXPSbEmTP5ICQeH4y16XUnkGq-PHYnTBwl8c7egScZV
x-download-options
noopen
vary
Accept
content-length
271
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 47BD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KVDitv5rovz4sJt7y5jy3gS05r4uVQiinz2DSlRjHIaP29JnVQp3KTCOELGflQzm5dCer4YA
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 3D5A 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
601011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 05:44:20 GMT
expires
Sat, 09 Nov 2024 05:44:20 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
HYPE-748.thin.min.js
s0.2mdn.net/sadbundle/12744665663998905535/ Frame 4393 		56 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12744665663998905535/HYPE-748.thin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
850af60bddadc6651fa5acbf1034ae8a9d6941c838d1fcdf79eb046f833e7ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:19:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19300
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24575
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:57:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Nov 2024 23:19:31 GMT
60003574_20231016051051604_43_46_kw_news_trends_bg_970x250.jpg
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame F449 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20231016051051604_43_46_kw_news_trends_bg_970x250.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2aedef01a2c34455f00024108a158c50b36496ad78f1cdc0e4232b48c022b9ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:30:11 GMT
x-content-type-options
nosniff
age
18660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11102
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 12:10:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 23:30:11 GMT
GeogrotesqueXComp.woff2
s0.2mdn.net/creatives/assets/4902406/ Frame F449 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4902406/GeogrotesqueXComp.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f04f5b9ee8bfeaba95049646865e4163a92ba767cea569902e81a713c0301b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/style.css
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:36:15 GMT
x-content-type-options
nosniff
age
296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19808
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 13:29:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 04:51:15 GMT
Geogrotesque_normal_400.woff2
s0.2mdn.net/creatives/assets/4902406/ Frame F449 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4902406/Geogrotesque_normal_400.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef0adb856579b963b6049d94d5e020105cf548fd2356581f94a80b8c39da1074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/style.css
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:36:15 GMT
x-content-type-options
nosniff
age
296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22172
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 13:29:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 04:51:15 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F449 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
451858ba05d97869842de05199cc6458667fa626daad6dad921c0842e00b1bad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5893
x-xss-protection
0
60003574_20231030043858354_sublabel_news_trends.png
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame F449 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20231030043858354_sublabel_news_trends.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac49f664dbbdb7c76593610bd6704c2f81a86829d18ca48e3b692e5a3b56577c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:31:03 GMT
x-content-type-options
nosniff
age
79808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12350
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 11:38:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 06:31:03 GMT
60003574_20231107234526446_46_kw_philips_15_proz.png
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame F449 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20231107234526446_46_kw_philips_15_proz.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05a3bf31017489ab6b317ca836ba4b329485e011dc27abeac1d4cc033283121a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=fSIuuixwX0&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 22:09:26 GMT
x-content-type-options
nosniff
age
23505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42456
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 07:45:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 22:09:26 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 77D2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0y625O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSnAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15j2TTLMQUMGaOEDxZWfbjUqT0Umk3mtxP-AOxWfDjB-DPOcJZzNVngBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=a-90antAOr4&uach_m=[UACH]&cid=CAQSTgDICaaNb08gXXf7Pa4nA08Yok60Ww11k_0g0tpx03IC1EN5un1U3JjMhgTSBVK2dhxo2cKhaY0M-nyi_L_Qa0D-K1R_9axP4QbBbKdDFhgB&cbvp=2&vis=1
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
60003574_20231030043858354_sublabel_news_trends.png
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame E930 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20231030043858354_sublabel_news_trends.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac49f664dbbdb7c76593610bd6704c2f81a86829d18ca48e3b692e5a3b56577c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:31:03 GMT
x-content-type-options
nosniff
age
79809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12350
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 11:38:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 06:31:03 GMT
60003574_20231107234526446_46_kw_philips_15_proz.png
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame E930 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20231107234526446_46_kw_philips_15_proz.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05a3bf31017489ab6b317ca836ba4b329485e011dc27abeac1d4cc033283121a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 22:09:26 GMT
x-content-type-options
nosniff
age
23506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42456
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 07:45:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 22:09:26 GMT
60003574_20231016051051604_43_46_kw_news_trends_bg_970x250.jpg
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame E930 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20231016051051604_43_46_kw_news_trends_bg_970x250.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2aedef01a2c34455f00024108a158c50b36496ad78f1cdc0e4232b48c022b9ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/index.html?e=69&leftOffset=0&topOffset=0&c=7Pcbbtah1m&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:30:11 GMT
x-content-type-options
nosniff
age
18661
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11102
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 12:10:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 23:30:11 GMT
GeogrotesqueXComp.woff2
s0.2mdn.net/creatives/assets/4902406/ Frame E930 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4902406/GeogrotesqueXComp.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f04f5b9ee8bfeaba95049646865e4163a92ba767cea569902e81a713c0301b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/style.css
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:36:15 GMT
x-content-type-options
nosniff
age
297
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19808
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 13:29:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 04:51:15 GMT
Geogrotesque_normal_400.woff2
s0.2mdn.net/creatives/assets/4902406/ Frame E930 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4902406/Geogrotesque_normal_400.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9793915768876826624/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef0adb856579b963b6049d94d5e020105cf548fd2356581f94a80b8c39da1074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9793915768876826624/style.css
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:36:15 GMT
x-content-type-options
nosniff
age
297
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22172
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 13:29:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 04:51:15 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E930 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e4c6742794a03a29f09e452a528f117ddb070da6611e56288b8e53b917ed517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6133
x-xss-protection
0
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 49E8 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=89&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=file-upload.in&L1id=30000490&L2id=50002629&L3id=60023216&L4id=70016143&S1id=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&S2id=728x90&ord=1700196071292&r=596293672625&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=file-upload.in&zMoatIMPID=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&bedc=1&nosend&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 17 Nov 2023 04:41:12 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 49E8 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=89&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=file-upload.in&L1id=30000490&L2id=50002629&L3id=60023216&L4id=70016143&S1id=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&S2id=728x90&ord=1700196071292&r=596293672625&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=file-upload.in&zMoatIMPID=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&bedc=1&nosend&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 17 Nov 2023 04:41:12 GMT
pixel.gif
px.moatads.com/ Frame 49E8 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Frtb.ads.travelaudience.com%2Fimg01.jpg&i=TRAVELAUDIENCE_DISPLAY1&ol=2436099111&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YtBRc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-xJRF9h1deVpMDA%3D%3D&sc=1&os=1-Jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=97&w=786&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.file-upload.in&id=0&ii=2&f=1&j=https%3A%2F%2F956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.file-upload.in&t=1700196071292&de=596293672625&cu=1700196071292&m=745&ar=51bd715ca6c-clean&iw=2eefa6d&cb=0&ym=0&ll=3&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=531&lg=1&lh=89&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A1691%3A1292&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=89&cd=0&ah=89&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000490%3A50002629%3A60023216%3A70016143&bo=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=file-upload.in&zMoatSubdomain=file-upload.in&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=205853&na=1652923546&cs=0
Requested by
Host: 956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
URL: https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 17 Nov 2023 04:41:12 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 07B9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 04:41:12 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6313 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvu-suwLWoOoRaADSJnkKHCs1SzxWDMiqBLX9FD-iEziwiEgLM5FhrJo2EK_KEWiuLzZCE_p2c02t2EmuPUozT2jSmnFx9U9xvvntbkwiRQzogKumiO0_gJ7UzWSdc-KJpQ_cb499rV9_3gI8-C5pKMGHY6oit3y3lu0e-4h0-saUGgESnha3MBn_tQzO43bbPgcJMITartRw_iGpiuqREwY3DAJgeyLO8XU081jtykDACujywWmwx0sEpbeGcCkYoqzaeU5ui9_Qvlw5FOtTjyWFV-4_yykDZI0HqdPTAb58Osu0zcfENf7s_9YakPzyyE7zh2x-vXz3feARROF2CJDUVTpnPNXjn8Ag1AmrEttV85DeEUDml3fceMMmKB4-EFRtNvgokYCEjAzKoeMDnZV3RCb3Ir7SFHQSybmMYnSfquIP2qKkeWIgz-BkJF7xL_ocUrcxomaXWW-HgzRXhE6QZS9xrd8x-snIDIHIqXzJxgZgcQi9Vi8xBRbWiBsg1jEAFRu9E23tWdz3wfnFIFqmjjdGNEo_EPPH6bj6dBM0B2qkk8Skxm7sT1dbIrCN1JkGw16zNhXUKYJRMNMYU88iv9aqwM-e7XvA-jNVDrTB8ngc2duiwzXuOFiLjDPElud-eigkVkPw_LXsINHBPz02ftb1qVF4_hW8VcopqsJyjSsSjaebDW3RKYdVBBAj00gbik93-XcqiNvahWQi4-xFS3PbHiNpEMAe41_ACB8UQenuU8xlJVklPDftdup-BPkcI6CpfIcNp1kvfWkmCAmmvy6BdoAYK8dtxr5Nmn70Im-iBsEmyyCrORIhYyXCaDnQPZN-nzuQ4okEa-FA7qmYzdjrWcGRR0BO-LArIY3kOC__ULuaoKg-Fd3r8SudqusuztE-yU-cUqsqn_z8W34aYXY7eG7hljs4ReyttRQuvZS-1x8pQgFsxV9vZks_4VOjiACEe0FoRHDYkP0sBohDAf7ObSqSj1_R4MLubQ0b8H0j2WLERK3Etsv0-rIMIQ48JJZaxBd46evYf1VqPTgZ3GZtxAlKSnLqTYN6IAXqv9t8jt6wA0v3KeK0IOT61VQPvZ1mB0ctrgdYSjp8Auykkt-xIVddu7hjayBR0n6zHez5gIgFV3Roz1WcjwTaDsARxn_GF27muc5uk6e6Ch4IAYkmkQkOG6vs3qqoUIBSeyFag6oXG_5X4crDWklKXWx8I5ExNdWpv2G0Q7owFGROxMwTg5GR7UNM6J_Q99sX5zaJkC6N9ikMU0BVMDJ7YEUZ3p2sHZuGGjpgR_g14rcnJMgxOzcRg9SUqaPktxXK7RwXKZkbpj7Kezh5Ap7PBXs9OCrMwP9_jPCX0EXFtDBXEq9bfgNkJTLiJgBkCQxs9LzjUY5tyq8ZtTXw&sai=AMfl-YSR16rSzPpBNgwmm957C2lGZffKdp15buEQ2b2TQP0Nu5O2iKYJJ7j9_zo2y1verEd7dW72ksxp8Z1VtUKDOBcak-gAhG_DzslguBntU8_nxdjKYk6DLf9CX_ye_HMaWV1Ittk9d9GnKzSYz08tEGZ91PsQuyUaaqZ8VWW83t8mVvZLOGjR2JMFhC-YFGj3YTuiupz_ZWKe1x4TYOWulGIebOwgyCwncp3Rm-PmM3k7sPS8BjI1sjyVzcOi3x6t3vFjRgEuh4FIQGn2cSaIjwICTxgaKHRVp4PxrgzoP3d6hWPQ0MmrAN6Kzsx1jIYr9HH5Ck0Q-hK24qdbjvd6ryir91Ojxc6dzeEJNqybSFlaxgbLjf607B_6KRynKpjhBuFwPFqO1d74xag0kxpwwD2CZQu8hg54KjeqtcDWx4VgTuwk6w6Sgh60A47qVGaraaiiSERgtT6mjZ87gUL3eyeskoH5DuPo-FxZoJoTf8l2zTUuixFPnIY&sig=Cg0ArKJSzHojj8VvqxLUEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1722&vt=11&dtpt=1139&dett=3&cstd=565&cisv=r20231109.64997&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F449 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 04:41:12 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E930 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 04:41:12 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 77D2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstD2SjjaLcrkAM_47zZzl_fw4e8van2_z9o0MqXFa14St4oMDe_1rJIBLS5YeqwJvcT9nFjTo3Dp8cdRhQJ8jiHXtUrMmTMH8SmnuxvJryyhOyAG8U6Wg&sig=Cg0ArKJSzMpqeKupc3U4EAE&id=lidar2&mcvt=1145&p=0,0,90,728&mtos=1145,1145,1145,1145,1145&tos=1145,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2440838110&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700196070263&rpt=798&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 49E8 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=130&fi=0&apd=348&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=file-upload.in&L1id=30000490&L2id=50002629&L3id=60023216&L4id=70016143&S1id=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&S2id=728x90&ord=1700196071292&r=596293672625&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=file-upload.in&zMoatIMPID=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&bedc=1&nosend&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 17 Nov 2023 04:41:12 GMT
H2-1.svg
s0.2mdn.net/sadbundle/12744665663998905535/ Frame 4393 		20 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12744665663998905535/H2-1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23e7042be88392c18cdc21d11a71b0dbe9b30306c4a752a95ea03655947a4d3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 16:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130602
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6021
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:57:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 16:24:30 GMT
300x600-Footer.jpg
s0.2mdn.net/sadbundle/12744665663998905535/ Frame 4393 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12744665663998905535/300x600-Footer.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d6baf0aa7321719db179dbb7d57d52a6f947df453a866382c44367b21aadaa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 16:22:40 GMT
x-content-type-options
nosniff
age
130712
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14369
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:57:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 16:22:40 GMT
Icon.svg
s0.2mdn.net/sadbundle/12744665663998905535/ Frame 4393 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12744665663998905535/Icon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc14c05b15147b60213156a8a3e53604399e631dead930a29aa0cd6e2771df5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 16:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130602
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:57:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 16:24:30 GMT
Icon-1.svg
s0.2mdn.net/sadbundle/12744665663998905535/ Frame 4393 		470 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12744665663998905535/Icon-1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11bfefaf664f7e268c1ccc5c869d85eca4c826adc0187f1b946d9766a2f0e8fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:19:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19301
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
287
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:57:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Nov 2024 23:19:31 GMT
300x250-BG.jpg
s0.2mdn.net/sadbundle/12744665663998905535/ Frame 4393 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12744665663998905535/300x250-BG.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e795e0b7e1c7860fd09a56660a3ad2dfa1241ffa4d299ea595c662fa28eb0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 16:22:40 GMT
x-content-type-options
nosniff
age
130712
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16219
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:57:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 16:22:40 GMT
300x600-wifi.svg
s0.2mdn.net/sadbundle/12744665663998905535/ Frame 4393 		10 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12744665663998905535/300x600-wifi.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
834696f5396dc0def6db3fbc93fc87becd2e0a5f4d0dbd52ff1fef4f5aab8293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:36:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18297
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1673
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:57:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Nov 2024 23:36:15 GMT
300x250-schleife-60.svg
s0.2mdn.net/sadbundle/12744665663998905535/ Frame 4393 		51 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12744665663998905535/300x250-schleife-60.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f74500122e44be75309c301fe73c2ebe3547b5cb7621a5e2ccbfea339dcc04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 16:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130602
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5456
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:57:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 16:24:30 GMT
win-price-v1-display.png
s0.2mdn.net/sadbundle/12744665663998905535/ Frame 4393 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12744665663998905535/win-price-v1-display.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e74208d35493f8234ec67c1620ec7e945cb3056b883a68889363cd2f949ec25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 16:22:40 GMT
x-content-type-options
nosniff
age
130712
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13890
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:57:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 16:22:40 GMT
300x250-H2.svg
s0.2mdn.net/sadbundle/12744665663998905535/ Frame 4393 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12744665663998905535/300x250-H2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c27710b3dd60cc27e6e1bc6e4e5ad69e62e415c18a6720a9e9c4c75fed925efd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:19:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19301
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1070
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:57:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Nov 2024 23:19:31 GMT
300x250-H1.svg
s0.2mdn.net/sadbundle/12744665663998905535/ Frame 4393 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12744665663998905535/300x250-H1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa2acd4f17378091af20232f40355e096a425ca6443b5e57afadfa5a4f9a39fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 16:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130602
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2248
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:57:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 16:24:30 GMT
CTA-EN-1.svg
s0.2mdn.net/sadbundle/12744665663998905535/ Frame 4393 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12744665663998905535/CTA-EN-1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11117f1f55e877565eb722ca810cebac4aafe52d30d0819668291a4867199dad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 16:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130602
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2574
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:57:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 16:24:30 GMT
CTA-EN-2.svg
s0.2mdn.net/sadbundle/12744665663998905535/ Frame 4393 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12744665663998905535/CTA-EN-2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b025c31225cb68d461487c8c4af6940241eafa1b6712309a178daad745e65d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12744665663998905535/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 16:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130602
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2763
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:57:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 16:24:30 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F12A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMMmtRSWOBYqLCOCTcu6-MVwqJPavGXBg8Dz4H7pjfQU2BH1b58QQtyrPhzce1OdpqVfpwnkK6Kan7NySqorr7owFCM5vidkAvA_P2T9TiwV9ojQHTp77lVeWbEpZmLgRBVLGYrmptgw&sai=AMfl-YRO2DuSMVmzynZVsxF_NLsZX2VVCEBbxg_ZMjG6FhGvunvxaLPd0SS3oTRA2JESF9xgaUj60IERKQJeiEsCiG7-N3BTrdc1g4SCbgLjmfd5j0Hydb186G-nUp7BuA3JQ_c47lJzRcnjbnQHd7OV_w&sig=Cg0ArKJSzNEpWkf3MmT3EAE&cid=CAQSTwDICaaNVMrHKD0Azzh85EB6iDjlkv9Dvk1tI4-ySMGKtpJhpSosTtkcl1HXPhfQfbh6ufDRToA_y8qd4vCXV5IQWLIpCUHYriRoXe3qHNoYAQ&id=ampim&o=650,1074&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1090&mtos=0,0,1090,1090,1090&tos=0,0,1090,0,0&tfs=2224&tls=3314&g=50.40000081062317&h=50.40000081062317&tt=3314&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6313 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumIeSMxQzvYSvU9R9k3HCRwTLsh_cNczNIorxp2giETjsV2Urds3D47V3wSdfbj_VE6w9ZwbFcK0-uh4jnB7fha59-0Qm9IwWV0maEUUJacbI9E01LMMYXrV7RvzAIFSpOdxAjf4WV3w&sai=AMfl-YR8n-tQtDfTyHfE0rCm9c36RJ6-MmpYVERAkmiUoQCBY6ol_hAS3b6lNj84_8jzvpXsyyvfhOHYjBLlDtBiOkCOuqCV5NXB-lOaX_jWsjhOnLwMEw9FZ_Uvp0pSTni_wPw2QSZF7kEZuZLZkvIC&sig=Cg0ArKJSzDUL8J0yuXwREAE&cid=CAQSTgDICaaNJbM3-uJETYrrQWMJF1x49yt0u2QoHpPgsDDl4WGDLhC3LwLV5SkaFgzfYw0dMGWD3de6d2_gatEQ_wSIFaYdgJYWLwu4Kiy_5xgB&id=lidar2&mcvt=1058&p=231,315,481,1285&mtos=1058,1058,1058,1058,1058&tos=1058,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2564496215&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700196069436&rpt=1780&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9372 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuw99LwWmsRo0GefRcxj2d28Q3GN8R_k0_UZ-BrTPDl8o7w06-jZSG9tLd2B3xXIRsz8fXjJlNxn6ww-7TnfyygFmDb5iTjJti6BCcI28L5mg37ZZPq4i95pZ8QK5aWUsMXM3f9pWYgyQ&sai=AMfl-YSdx-jUliCnJGUtlgAqitfMhJhk8ycj2sps1wUgUlKmShXF8gEsiYyKE2zp0JZ6KiC65FXN9_nlo2CGJnn7Ro6pFdbH-ttsu04cDPIgeYWHLklUpwmGRCF2FXenWFVY6cp8v12o7ztQ3IqwX4n2&sig=Cg0ArKJSzKedBvx7Vu76EAE&cid=CAQSTgDICaaNCmu9bZ7x8zQoN-V8cFvZaGMw031KI5sZPj7r35HASAx_f9Oc1ihcxfAE-a-z_KYiY5_UwdGJ8ZZtKxhCwQtzNXtxcNDK5eOMjBgB&id=lidar2&mcvt=1062&p=611,315,861,1285&mtos=1062,1062,1062,1062,1062&tos=1062,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3765069846&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700196069718&rpt=1555&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 3D5A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
38408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 18:01:04 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 200B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
38408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 18:01:04 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame D4C2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
38408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 18:01:04 GMT
generate_204
tpc.googlesyndication.com/ Frame 2737 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FbDYHg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 97EC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
38408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 18:01:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C484 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssqlktmK6ZHg7Xtt5MWYrpqOM758vWJ3bbFtfDoG6vO_RPpk7hYVbRP__UU8B4jt5a1G1kwiyYUw79175IVf0fZMcJQqkO5QbL1Cxc59oSd0yDwpkUcYVy4lGZetf5MIyVmnvEu3p0cfdgf2kjDXHoi81Ny9E0AMwzrbOcqUEI-kLnliC6RT6Annc_9ukjkzSpJg9cLUfWxe34VaYhtn6C7MIzOGDFEHx4IChQUUSI_dWcP-OT3uuB8flXUB5U-fXB8bIGgXY00sEClCGwgdiX6OALYxqk1Xp1N4Uc6zFnOfMDDaSv7HepQzE82v8bxMtD_GYxSeBgY81WZYR0LXu4_OYdtlKSA0_9Logp_uTU3TP0A9S4eC0aZi1apFK1NHGPsscpflQk3Ju7pByoZxqMptY9Cp3uTJiYFJGhREUTUH66i2qIPE4wFyEVWhVB2mIkQ23Em_2HVoN5XC41cPXx3umWUJHy4f09JbkvFEVB0ZD3RaHIppC5EVsgSB8Tabru-yimnwIotHEGv2RWQ26v_OcrigzgyjMKeloOu-1rFKE4M_ivoSjnlg8hLUJQept-1zYSixm4WqTLKuP4Xg2sKnJeIPmeHFgxQu_43Tgs3PAM703lnU3m6OtXHfCuEIjv7rXR61gTghhYjjQb0pIjmWXmWQPQy9aNnqgZ1rdTDSganIRft6t51CHVVcoOzx9cjoe5CUSszIWeR0Mpt2v5wlOG2PLJVPRUSWMcOCgC4iF0FdsMHTnsZFfnYLiVBvB1B4qVYiuHIzEKGyE9iD9EhlBkXO4TQ9wY8DAOxki2ax8_s4p5zM47zcY9pP-gC8FvBjhGYpgtjzGSUXPHfr9vKAM_DqYhWJEFceSC3FAoNFP1Kv9hQoaxb7ZiK58vUYXnB1A8jrUOxRCt94NN02n9gXQ6GDnBrVW7-sZLr6VQhJQJJGJsqZ7jUosr-UwNvXYpB1YhY_N1kV10nwBR2sNMuTnntSEuqOQC7bBYlGtQ2HsCTDAwJI0fZy59mjwn3p4ITHyQamwwWfNeiX2f3f-PngiZdW1sEE11AouvGXjPOXWK1Gqne-pCFQTegMUocR2nqJeCdfDV1GJgwSXRv_2eA02lVJI2EXp4OhjsOP0xp95qWcvPngieofagmj9BmjW40e8czaVXWIp12ViW8PJnQXwBoYLmoTorRoZr-wko0T8FdvkmO6sz4AjQVwg0cZMD9KmJu5a1NK7dSVK_PFb74j8LSAtRGNDZGZ7FFhK016_MYsCusIWGwPHtH3pwFg9-2_hBG8Iz6Q2VHAf_WDZ31BYsGY6Kj0Dw4VJjQ-TT0bVG0ArGb6OBWeD6hhXDQNJDyn1HLULDRDqNdmsoEGJAc3VCjkb3cZUYI4fNE_rKttwlILUyTmTVSXJVUOEFZ_5g7X5BKSdiBTh8IA_1ld-NSlcO8nc3iRMbRRhJaxu2zwugmQ-4eDPfZ-D6n1pvr_vc10nw40EMIIdtrxIL0&sai=AMfl-YSTPIIikA4ZwOZqf-DJesjxNywFsFazfx8eQNCN6Xrnpp_3a8fJUvtCMoR0ckOPqBLEJ-sJEhJmSjaZlImiu3gMijqjXa3DbnLJOAYEFYBXnU2cgVkoRvWd8bQV5WrA2avmiyQGCUachljCXIYDBwMY-ymbKhqvBY1BfVv2jP8e72yT71LeNw7DuQyqholyZmqY0OkdFNXpR6vDI1PRWZG6gWczy9j_geRbulOZeXw8AwpdA3vF-mrhUYRs4yQW1X5OFm75x6WVCzHvfW3KxD7ivDJxgmXkMf9kZnHnXBZQuASNs7aeQY_vxrkDGtrA3guZwf-qTnQniAMRzTAp7JXjS06fkOZ5Rdfh58tErnn-kz5Y-yACDX5uyS9d4OPvqZjNwmk45hMfjDesYdwf2GHSMABmGG2ZfEY8dZMq6T-OXDD7dJfbVmY&sig=Cg0ArKJSzO7uXhM_Bg9rEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=933&vt=11&dtpt=766&dett=3&cstd=163&cisv=r20231109.42782&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/lj85tdpa70v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://956857e586171d1e22621484abaec332.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:41:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BF4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BX78y5O5WZfamI9H63wP9rK74DwAAAAA4AeAEAg&bg=!9Pel97jNAAZxrfrxUa07ADQBe5WfOF10Ju3axI7RivwtM8oW-L8lSiSCIhVTzH3u7WG_XHns-EqqJpPu86G7CX-0_kU2AgAAAzBSAAAAA2gBB5kDDeAjla-iLu2j3gx5hyixOgpwzrsqZt1NXwPjxAqgEfO3_q2rS5j9kHPt9IQ2-JbUib-WU5WN8v5PuktRC5_7y6-1R-yzupvX5luOQOZepJiSoaF5KRoIYRQU3k9bD34zXqxWp9cU_tIAwOCx_H6Q4e_T2N4ucGShtFaaj1_X0EymgJkCMDkIgueypSLPQg33U9wirbHo-VPoTBaKA5tkjFG7DiMc143swCPdNWte3nZw5svcoMipDGpF4AHCKWm1TGe75nJZoo_j6-u-UDGjddCDIAJBsskpewrfAIHVsehOkrGC6uKIe7F6eVOhYznS6sMG_53-hhgM1DEd4NGv7_rpARcFEqfF8HBr9lfMH7od4jzw5guIw_fTSyFn7GEZHw2o2sqRYPiFMWgUr7WY29tbAKbiXMtLNc4e3QAt5eZeT_RflraYseNzserWa3DuOtTvr4AygGNurCyAuXmtcZ035kChS7_AyY8h6P1Z7NuFMOpTch8VAVkL70VITNViKKrix_2RS_mwjAb5QhUc5tO593KsaN7GwiCpdIpbN5XEipw7ljnO0OMhXBYMbGzVHYW-vLYkEBAt2oxctLmnUKIS914CZjOcTKBhEAYJICxWFG5DXxvgGILgmAV8ji2VDO6JlWOrkYHOP6dG_PLiP9AI52s0fVObsVPMtSYp1qLmI-a5v3YwkY-bYhwTwIanODJGws8MGrFFuDDFJh-5riXuHiOlp_rzf4X23KRV8asp6t9x6Zl9CCFUCk-XvdigYjEpf-Sid9eW0IQ3ueANPl2uzrHORnZcsBhsvjJ31mw9LnrC_IKlTnm1STQovsIiP-Q1fH9ZIjEw6Qjr2ElqsWTUhBJQJbBZzOUfu9AOgRLs6cx-YQVg_lvp74-sJSViJZk6cNmvLgky-Jm56JDMZist3k79L4rt_cy5end-FDjxqYJein6ffgvy-kisEPTJ-jtOpEIyDVQHsv3d3fEfeYyVEklus18xBPhI1cFMUMGRXTwv5cS9lZHR75N0QfuA6uwApmjoP-ygMj6uBoA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F352 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bx_4D5O5WZdCXI5WB3wO-76u4DgAAAAA4AeAEAg&bg=!-vml-bbNAAZxrfrxUa07ADQBe5WfOO8SmSRB7OFPv2zYkxqVrb01F9JDGXVaYnKlqQ8kx3AS1tlliI51RqbETBhoQqCoAgAAA3FSAAAAA2gBBwoAbwTp0HAAnostYoeMjo_k1BT23fSEA17Ls7Vcsl9N9fI4Gii8SqoHH-WwiPBi6UGNeLc2LnJJPrxV9R1luCoRu3GZvAyw8SENuLm8obL1IctFf8RBZ71Z1XJ7o7PhU51oO6t_wGv4LJbSwA7IWC5PdZkDC8Abj001Q3J512gHCzdXrOReZhF-ED5jZLIphC-HTXdTvpK9rlZRWXvmMcbqaH_c9FKK1k26sjAbbmsL3LqVxFdB7YPC5UfJ4io3d4fLQFGDaGNQ1NDxLVNwtoHydm5GDo1nHPP68AFug8SndUYJfQbYZuleOoBSMTiZPTCzVzC-zZDPDv76x1nWwxo_BTMs3fv9E5q2qO34kuzeIDqhptpGBhc476bdFxb56qRCKMgUKooqf21K2TG5yL5cRSDu0mKL3jqUfgDb7hJ2AE0_GNig9SlGN0MHV_PnFIqg0QtdQo6jWHOafAW22qqXqMKQONiumz9CkHfugRVaaywI04mTBjJuCAo6_lqaZCLRkHH1QGlGudQX50e-dnDjcFJTzW1HaJrVCwHP3Q3LGc9R8Y6M2kVl6pfHfCkCSxAe6XefJvdLhhne1DlW9kdjMgAdw3jG2-Fok5BGn8F8ezb4ZChgMlIvccYw6Rg6KNpu_jRM9pITVkDYALLFQzdNZ4bf0bL3jmj9dLuYyihaUoaIoO3H0ncBxussogcbDsuFp6uCaWezF8d8z71XmTYCsZ8EL49YY40CEZFfuEbO00WtqOxFu58EIWNRRBHf16gY0KePVExWi7e7cX8cU6-XBz_M-I-Z0rhvKY3IURi0i7_ehQwJrIxDSlgjg4T32S7xAeLQT7FbtFETIjb14ophl9p6PCpOpT88On8sDIkY5X4e2ZFQDi2-wPXDuK15J8Yer8vx9Mfnf921Suu7VVyCbjpbas6L8puXdS2o6Ku-DGjK0KfG4x6HHY2biCicX4pvkVniqUeaDeibrcsGplmfCk-kLw6OOzdUkKUKEg8Lw8MaGMQTdoxcCu1lspsMUNShvMmAJLPFUQayQqhSl9OYj5FF5yj6vZwSB0QoRsrr_jyFAcAh78YJLdYoMFy1XMpADK0cX-KgXXgZatZAuHddSmMceUmATzRp90Tk0TZmDPhx9YIFIUR14mfhjm9izUrW_l4g_w_f7A7ify1TnYrnI0ZVj1Kt8xaLlyTR9Wxd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C1EB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BsYqr5O5WZe6gI6G9juwP57Sm8AQAAAAAOAHgBAI&bg=!MDOlM3zNAAZxrfrxUa07ADQBe5WfOFMYKsK1AP7zIaoau4Wk1Ww0nJu9G5shO65gDPbQrrAqi_9bzDNmDJjqA3zR5r5GAgAAAzlSAAAAA2gBB5kC_RAZFydQFojAp64JjQr621-tapomiS6tSupU_DDo8Skg9vHiHu162Isd9XnS2pHxa-4cK9HyMHpxhTSd6P-hIY99gHWm_bKtdHl5BbUoUh5yjvXIBAY9jYfcPCIc0hImk87N_300M9m8qggJpbCVVVTK7br9t7SV0wlB5WemCTawoy5lvERpfyW9EuOO4GMjWOIWMFTRpKYwTnKCkfj4I-ph7__dGeay617Wz8UI3rftmfzEAmVMrUp5353todQdBGYWHY8UTIvUDsZddEw_GXqOpDywDlPSFW5FZa43G8jA250_MKkLDGmvV_tkvamaDxdeMAZ9L67VC18lF_ja5Vr_Aq-9yWGUqSWM8IW7CLKaASgm7S57MXaruaQMOK1MIvobg5M7ePUKkQ8wlxpnwY-dwx4sLtsQD6kfX21jlO0AeZrwPMtiVGvO9f6iomo4cTYR89pqWtVmEI02QyscNssIrK_W-mpqi1sChEd6t8KH95xpj3fKhUZdif8un8RiM7a8DzL6625ixsCHmm4EkWq54KcC8UFTYpI0lk-6QerkoYml5ao5Q-auTU7xQpM7lmLnoRsdHCOZgoDz6iq1vsbb569pzze_9wyfffSgOV7ePLTz1bUWxZyGtnDGF7Sji9rOer1-FvbjW7KuCIMYAoqp3Uf86BoA3_Te1B35mUkvib2THZ37LuCo3E9IBy18PjA-Uy4LlTPh726M7YZ7J7v742k6ErxCyeQsSrJkqioHK3jBIGcQ-8GMxZqE3Ua4aWrbSQptBTwDlX4-DvgJg46GMmqmUpjFGKBx5evkcBY8YJrHQGkq9j3FBkzAlqymb1mzGf4sQU1eiA0bB3AK6d58PxgNAh9fSUg5e5YQ0ZLL24B-vNMGuZpsxP6A2VFc95CHCmOAF30zCGNKGIw2DrvMTBnbDp0hEWUox2hHfmodgO-PDP7hdKsQHRkYFl2gt_m7V4L4savbBAmVFj2r72qBlPci9CI8yWN72Jc-40loLNlxWsTSzejncHL_1Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D5A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BMGP25u5WZfD-C5SD3wOxz7nQCQAAAAA4AeAEAg&bg=!1tWl1ZrNAAZxrfrxUa07ADQBe5WfOGNecejvxf3iYhLVOI7ouoym8GrMtqIgpjAQKsM7Pi0YW9Ocb8V2qLQMrwjtmlb6AgAAAbtSAAAAA2gBB5kDXc9B-UIsJzpKQT6naTZyjseX6DW5zMW8Ty8R1rfug_MusXV3hTxvFQkhBMyyGm9N5xbzhDB7ZZr5c0uZzkg5Xt4IQN5B46YOlcUbCq8t2JvbpeGYU7951j9rYkOXi0-SRwyyE9_W4ylQIhwLYssHsYdV5TylgkgOoTuS_61n6ydxkL2-NRj5vSspu1uXRZ7fmPoKb5HITDaPPCQXuyuwUujzoQkhNZ5rD5uCh1R9O1ysAJ5O6YQ6DGS4LSX2FQIRn7hbIkDMmkTMfegben85GkwlxIWhB8vZ5fScq3Y1KHyM-4zEwYfKKZIyDUX65_WHvty1ZXX-MJrkbF4SHCkbrcu5r-rVkh__UeKsOfjbBNCsXnzGdiWCRcaAfYOVQFNfdyAvdijM4Ipny46NjkYXjO0JL-iyzgHisI6SHMEkUqfIug-PHrFmpD3dwhna2fA8FzLZohuzxQH2tgdpRDSnshfs5pQPSae4DpZ1Hcg3541NuUNXHSZTMLgXA6XI-Ny_3M3IYr2sP3IuDfrxjF0ittY1QVPwS5ZRm8fvfmhVU9Zmotnp8PTNstdfrur6ZJNQwoqBqavJCZnuGsQXE6wTfC-D4JDpQiLDNYbeFFhCiPsJU6HgOtPRCkZnprg2YSDWFEpt-fzK2w81uUfZqbmHl5octaayvaWj63E_RhCLlSSsaQonMGK1KsN1278f9O13I2oX2H22XYz2y41bF5TLTKUfgFpchFwi7h8N3zGrOmTNpR9QZOT1VVnZ4J7RaBaiC-KxdRMvyNOms4G3Pr4s-bCnlqiNZrz8U0ZYL_gyEgCH0xu_TkIezHWgnjO7pp6hNBoI9TlLkJoycWBgUvTkPbwmJ4OnzM2RWVNnedU6QSC1tM_V10Vg2adr3FBwW_xW4ErPH7VKiCIUZ4c5JdNps0VAOWjEhz_qKU-0_N29PO8EOoGm02O1BPdjE7iSHzfJvaJizeRjSjqqQlcqWk-jhYl88WMcffP3yR6R65OgEys5OqPoNUEZe413W8aGJTj9a8nAaE0nKS-VAVdsh3NKv2SYw2UhhrbWE565FZq4etL8y0ouU3ZzwEUPUJnQWTr_MjSNaQQl5lFXWoAmTwShipTFbK6VYOCwJNiUFkz5zFRE50q66H6CRgeBmgpC7A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 49E8 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2436099111&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YtBRc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-xJRF9h1deVpMDA%3D%3D&sc=1&os=1-Jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=97&w=786&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.file-upload.in&id=0&ii=2&f=1&j=https%3A%2F%2F956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.file-upload.in&t=1700196071292&de=596293672625&cu=1700196071292&m=1886&ar=51bd715ca6c-clean&iw=2eefa6d&cb=0&ym=0&ll=3&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=531&lg=1&lh=89&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=97&vx=-%3A97%3A-&pe=0%3A1812%3A1812%3A1691%3A1292&aa=1&ad=1051&cn=0&gk=0&gl=0&ik=0&ic=0&ez=1&co=1051&cp=1068&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1068&cd=89&ah=1068&am=89&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000490%3A50002629%3A60023216%3A70016143&bo=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=file-upload.in&zMoatSubdomain=file-upload.in&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tc=0&fs=205853&na=1239266387&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 17 Nov 2023 04:41:13 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 49E8 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1068&tet=1051&fi=0&apd=1269&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=file-upload.in&L1id=30000490&L2id=50002629&L3id=60023216&L4id=70016143&S1id=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&S2id=728x90&ord=1700196071292&r=596293672625&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatSubdomain=file-upload.in&zMoatIMPID=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&bedc=1&nosend&q=4&nu=1&ib=0&dc=1&ob=1&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 17 Nov 2023 04:41:13 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311130101&jk=3060809903794422&bg=!6-il6KfNAAZxrfrxUa07ADQBe5WfODhjQjtqHJjkm7W3aq-nsWFGObZO-5I9sEOEk2wg-SWYvcX9doNpI5T6M6-tn3_GAgAABAVSAAAAA2gBB5kCul6AwiYJT4ivFogz_gWkZn-J4xbNKQ9U0stLUhemOu3thNXKPKwvNAe8RK7JqwOQdls5o5XnlOM3F8NHzCZ1Pqz4Ml3rlk5VUSh1PKAHTdAfYVtMSfR_ZISIWFaJ0tGXv0PVk3RyD852QcE86HQb1lRrX8JVJkGoLXHCTaq_44F7MG8-6McDEhz6eWIBf9SshkwsDfl1zxTRoi6w8S38rv2a4ARy1Dq4bEgUDiTEbzy6qD55fktIFH2g9aOpJWngeK5Net7w00LulyrtkIRZUbppEj6p1PF4TlCgSnflK6ClY46ET8L8bApWi15NCqiOmn_2hw7JQKGBW4kWvD-otp4luz56IdZSVGaN6pNfjxq98s32DBBtmpbXsNwRnJIa3LWU9rPEYUhpfjtiF-yM2h8ByQYe78g8hiBp2jMfJ5Rk5hHcSdL6P1wRif_kGR0wKZbc0EWPTqV5rvgZ36Nmqj6gmVevIAb10M2u_9lDQq0i9mEP7ts_dRDzHhz36UbOX-ldbhLkWKe00CjCOm46z40EYbmttsge-Qeb6If5WfAQqeFxIGFodYJs_Gl8RPCeoOhkgBNGRk338fe2q2ewhQLn39fJc08Ik8pwLpQFQdeaDg9coe5xWfOJG4LWy76LGtzExvgQJOchiYzYF8smF7jWQxRqXDqmLGLrZCRoiNYc69mbNhFWB-ubuupW1etoVz-3f_Tcvw6fB6GoF-ASbkDalt5Gs10RBSeBPYMpFCYfn-EN1ORJJtdxiWCtmOcJGorylRIyyHc06V8wgSmZpNxpPGhYilBYS-666qMvQP1RXnqgBAPAQdftrUKjc-AEJ_4rEdgdDJZ4j-gqp7oafnLfhuh6irHARThYs00JnhrlfpOpXlJbcf7bd0oT7MylLlKw7j_8LzhY0cv3h2H_P__A3mfx6vFly_6z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel.gif
px.moatads.com/ Frame 49E8 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2436099111&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YtBRc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-xJRF9h1deVpMDA%3D%3D&sc=1&os=1-Jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=97&w=786&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.file-upload.in&id=0&ii=2&f=1&j=https%3A%2F%2F956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.file-upload.in&t=1700196071292&de=596293672625&cu=1700196071292&m=2087&ar=51bd715ca6c-clean&iw=2eefa6d&cb=0&ym=0&ll=3&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=531&lg=1&lh=89&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=98&vx=-%3A98%3A-&pe=0%3A1812%3A1812%3A1691%3A1292&aa=1&ad=1253&cn=1051&gk=101&gl=0&ik=101&ic=101&ez=1&co=1051&cp=1068&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1269&cd=1068&ah=1269&am=1068&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000490%3A50002629%3A60023216%3A70016143&bo=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=file-upload.in&zMoatSubdomain=file-upload.in&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=205853&na=471496349&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 17 Nov 2023 04:41:13 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 49E8 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1068&tet=1253&fi=1&apd=1471&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=file-upload.in&L1id=30000490&L2id=50002629&L3id=60023216&L4id=70016143&S1id=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&S2id=728x90&ord=1700196071292&r=596293672625&t=fv&os=1&fi2=0&div1=1&ait=0&zMoatSubdomain=file-upload.in&zMoatIMPID=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&bedc=1&nosend&q=5&nu=1&ib=0&dc=1&ob=1&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 17 Nov 2023 04:41:13 GMT
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_auto_728x90_sticky_display_bottom&e=ufp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 17 Nov 2023 04:41:14 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14165
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82754cd70cca01db-ZRH
pixel.gif
px.moatads.com/ Frame 49E8 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2436099111&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YtBRc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-xJRF9h1deVpMDA%3D%3D&sc=1&os=1-Jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=97&w=786&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.file-upload.in&id=0&ii=2&f=1&j=https%3A%2F%2F956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.file-upload.in&t=1700196071292&de=596293672625&cu=1700196071292&m=3092&ar=51bd715ca6c-clean&iw=2eefa6d&cb=0&ym=0&ll=3&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=531&lg=1&lh=89&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1812%3A1812%3A1691%3A1292&aa=1&ad=2257&cn=1253&gn=1&gk=1105&gl=101&ik=1105&ic=1105&ez=1&co=1051&cp=1068&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2274&cd=1269&ah=2274&am=1269&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000490%3A50002629%3A60023216%3A70016143&bo=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=file-upload.in&zMoatSubdomain=file-upload.in&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=205853&na=1401855183&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:14 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 17 Nov 2023 04:41:14 GMT
pixel.gif
px.moatads.com/ Frame 49E8 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2436099111&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YtBRc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-xJRF9h1deVpMDA%3D%3D&sc=1&os=1-Jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=97&w=786&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.file-upload.in&id=0&ii=2&f=1&j=https%3A%2F%2F956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.file-upload.in&t=1700196071292&de=596293672625&cu=1700196071292&m=3092&ar=51bd715ca6c-clean&iw=2eefa6d&cb=0&ym=0&ll=3&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=531&lg=1&lh=89&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1812%3A1812%3A1691%3A1292&aa=1&ad=2257&cn=2257&gn=1&gk=1105&gl=1105&ik=1105&ic=1105&ez=1&co=1051&cp=1068&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2274&cd=2274&ah=2274&am=2274&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000490%3A50002629%3A60023216%3A70016143&bo=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=file-upload.in&zMoatSubdomain=file-upload.in&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=205853&na=1043525897&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:14 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 17 Nov 2023 04:41:14 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 49E8 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1068&tet=4890&fi=1&apd=5108&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=file-upload.in&L1id=30000490&L2id=50002629&L3id=60023216&L4id=70016143&S1id=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&S2id=728x90&ord=1700196071292&r=596293672625&t=page5&os=1&fi2=1&div1=1&ait=0&zMoatSubdomain=file-upload.in&zMoatIMPID=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&bedc=1&nosend&q=6&nu=1&ib=0&dc=1&ob=1&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 17 Nov 2023 04:41:17 GMT
pixel.gif
px.moatads.com/ Frame 49E8 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2436099111&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YtBRc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-xJRF9h1deVpMDA%3D%3D&sc=1&os=1-Jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=97&w=786&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.file-upload.in&id=0&ii=2&f=1&j=https%3A%2F%2F956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.file-upload.in&t=1700196071292&de=596293672625&cu=1700196071292&m=5925&ar=51bd715ca6c-clean&iw=2eefa6d&cb=0&ym=0&ll=3&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=531&lg=1&lh=89&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=92&vx=-%3A92%3A-&pe=0%3A1812%3A1812%3A1691%3A1292&aa=1&ad=5091&cn=2257&gn=1&gk=3221&gl=1105&ik=3221&ic=3221&ez=1&co=1051&cp=1068&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5108&cd=2274&ah=5108&am=2274&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=30000490%3A50002629%3A60023216%3A70016143&bo=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=file-upload.in&zMoatSubdomain=file-upload.in&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=6&jm=-1&tc=0&fs=205853&na=1375865258&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 17 Nov 2023 04:41:17 GMT
pixel.gif
px.moatads.com/ Frame 49E8 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2436099111&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YtBRc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-xJRF9h1deVpMDA%3D%3D&sc=1&os=1-Jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=97&w=786&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.file-upload.in&id=0&ii=2&f=1&j=https%3A%2F%2F956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.file-upload.in&t=1700196071292&de=596293672625&cu=1700196071292&m=6127&ar=51bd715ca6c-clean&iw=2eefa6d&cb=0&ym=0&ll=3&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=531&lg=1&lh=89&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=95&vx=-%3A95%3A-&pe=0%3A1812%3A1812%3A1691%3A1292&aa=1&ad=5292&cn=5091&gn=1&gk=3221&gl=3221&ik=3221&ic=3221&ez=1&co=1051&cp=1068&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5309&cd=5108&ah=5309&am=5108&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=30000490%3A50002629%3A60023216%3A70016143&bo=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=956857e586171d1e22621484abaec332.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=file-upload.in&zMoatSubdomain=file-upload.in&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=6&jm=-1&tc=0&fs=205853&na=225906158&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:41:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 17 Nov 2023 04:41:17 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
certify-js.alexametrics.com
URL
https://certify-js.alexametrics.com/atrk.js
Domain
www.file-upload.org
URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Domain
www.file-upload.org
URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Domain
www.file-upload.org
URL
https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Domain
static.travelaudience.com
URL
https://static.travelaudience.com/js-err?description=Script%20error.&url=&line=0&col=0&parent_url=https%3A%2F%2Frtb.ads.travelaudience.com%2Frtb%3Fads%3D30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%253D%253D.60023216.OTk5JTJjMQ%3D%3D...YzbqhpdYd0_iPcB6oxhCbA%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D728%26y%3D90%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%2526client%253Dca-pub-3831894559014614%2526adurl%253D%26googlewinningprice%3DZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw%26wpc%3DEUR%26site%3Dwww.file-upload.in%26slotvisibility%3D1%26gcpm%3D4236354%26gpos%3D1%26bidder%3Dbidder-rtb-production-75c9797b6-4wbxq%26dv%3D1%26uuid%3D%26suid%3D%26brq%3DlTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A%26ssp_id%3D0%26l%3Den%26ts%3D1700196068%26uc%3DCH%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D1%26hm%3DUcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA%3D

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture function| BlockAdBlock object| blockAdBlock function| gtag object| dataLayer object| FB object| html5 object| Modernizr function| yepnope object| jQuery112408212473517483581 function| CBPFWTabs function| $ function| jQuery function| setPagination function| WOW function| eve function| mina function| Snap boolean| detected function| adBlockDetected function| adBlockNotDetected string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyDFSS number| demandSupplyCRR object| demandSupply object| googletag object| __buffer object| xh object| dspbjs object| demandSupplyFS object| _app object| _gat object| _gaq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ggeac object| google_js_reporting_queue object| gaGlobal undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id object| gaplugins object| gaData object| regeneratorRuntime object| ox_esp object| pbjs object| _33across object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

43 Cookies

Domain/Path Name / Value
.file-upload.org/ Name: lang
Value: german
www.file-upload.org/ Name: visited
Value: visited, visited_expires=Fri Nov 17 2023 05:42:07 GMT+0100 (Central European Standard Time), path=/
live.demand.supply/ Name: demandSupplyTi
Value: 7ae00e38-1e68-4d3b-a2d1-6e1ab31c0f5a
.demand.supply/ Name: __cf_bm
Value: uKzxCBOvbpzoLRPjo2kneAddTj9UZVkW.vL4q7tRsmo-1700196067-0-ASwW4fKC4r+fFYEO0fSNGYw7c3PaVv3uUzyEdh/xveTl2iae6IWabDDi045Ns7qHQgUV39J++kEso/JRSilC020=
.file-upload.in/ Name: _ga_3T7TKCZCC9
Value: GS1.1.1700196068.1.0.1700196068.0.0.0
.file-upload.in/ Name: _ga
Value: GA1.2.967603014.1700196068
.file-upload.in/ Name: _gid
Value: GA1.2.1680182056.1700196069
.file-upload.in/ Name: _gat_gtag_UA_119779859_1
Value: 1
.file-upload.in/ Name: lotame_domain_check
Value: file-upload.in
.yahoo.com/ Name: A3
Value: d=AQABBOTuVmUCEIVLXCkwKbCHMVXNMtecOyoFEgEBAQFAWGVgZbti0CMA_eMAAA&S=AQAAAh2hxzMm0nIks8ypyao27PU
.openx.net/ Name: i
Value: 0d4f45aa-1fdf-4b47-8125-881e68662594|1700196068
.criteo.com/ Name: uid
Value: 7d3aff7f-5687-4ed8-b90b-0a3f35eb9269
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 4a0e884f95d770ae28512cf6d9dda26f
.file-upload.in/ Name: _cc_id
Value: 4a0e884f95d770ae28512cf6d9dda26f
.file-upload.in/ Name: panoramaId_expiry
Value: 1700800868810
.file-upload.in/ Name: panoramaId
Value: 9655e599f69f0c34ff400e74818616d53938e155c187484e1fc205ea17268007
.file-upload.in/ Name: panoramaIdType
Value: panoIndiv
.file-upload.in/ Name: cto_bundle
Value: VffneV9KbWV4bUhRWFRGcGIzRCUyRlNEU25LM09TTlpiNHpnbTVlMk82eVElMkJZRnprNlN0cnRtaktlNkZseXBWR0FTU3ppd0p3RjVVbXhmdTlXeFlhb0xuZm05c1N6cFd3ajhZWXRuaWZHdlRzayUyQllzWVIyaU84Y2VkZVY1a0RhaHQyVU5hczhKV3JKYjVzZkY2VWdIWSUyRkoweGRhQSUzRCUzRA
.openx.net/ Name: pd
Value: v2|1700196069|n0vNvQiygu
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 4850702332823335135
.amazon-adsystem.com/ Name: ad-id
Value: A1zpqw3rek5HnjfGgLwJEiw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.file-upload.in/ Name: __gads
Value: ID=fe687ab544e6346d:T=1700196068:RT=1700196068:S=ALNI_MZTBS4qXzcaQGe8dMyjH9riLeZRKA
.file-upload.in/ Name: __gpi
Value: UID=00000cca32d895ed:T=1700196068:RT=1700196068:S=ALNI_MaopG6AcO_4-WN__eCRb48p6bVKjQ
.doubleclick.net/ Name: IDE
Value: AHWqTUmv_vSOW3QhDX6x0xpfNGcUBYViMot39xrVko9QIodFFp87jvLcQ_5K9B7fcuA
.travelaudience.com/ Name: _tracker
Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%220C30E78B-EA51-48FE-8447-8305FDBA7D0B%22%7D
.adnxs.com/ Name: uuid2
Value: 2726375313966680690
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>6ua*]Q!]tbPl1M>e)ZlrFUfJ+tGXxpSJ1%`.Vw@lG<yw^j_#`3@ao>p8]5+)V`tbm.3If)y3KL9D3I?+Es1scz
.casalemedia.com/ Name: CMID
Value: ZVbu5q24zyugErbkBOG7DQAA
.casalemedia.com/ Name: CMPS
Value: 2180
.casalemedia.com/ Name: CMPRO
Value: 2180
.doubleclick.net/ Name: DSID
Value: NO_DATA
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%220C30E78B-EA51-48FE-8447-8305FDBA7D0B%22%7D
.teads.tv/ Name: tt_viewer
Value: c526b0c5-8bd2-4854-a3e3-729b94868f3e
.simpli.fi/ Name: suid
Value: AF7A40A608EE4956AADECE2292DE72FA
.dotomi.com/ Name: DotomiTest
Value: 1a9e81f7900e180c
.yieldmo.com/ Name: yieldmo_id
Value: 3FMy577dd471uLRU6jfv%7C1700179200000%7C0
.bidswitch.net/ Name: tuuid
Value: 94d0eef6-be48-4f6e-a592-ac941ea6232b
.bidswitch.net/ Name: c
Value: 1700196072
.bidswitch.net/ Name: tuuid_lu
Value: 1700196072
.bidswitch.net/ Name: google_push
Value: AXcoOmQRd2YTqsJJdMhHMbpbPGd4W_HVTCUfiVJ6c-gCaNjGbgwz4upC4a9ORelLhrZPrXo06Lb4tzD0jdO5aU3ltJTBzi6VUqyO

13 Console Messages

Source Level URL
Text
network error URL: https://certify-js.alexametrics.com/atrk.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://www.file-upload.in/
Message:
Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.file-upload.in/
Message:
Access to font at 'https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.file-upload.in/
Message:
Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fwww.file-upload.in%2F
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@200..800&display=swap
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@200..800&display=swap
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60023216.OTk5JTJjMQ==...YzbqhpdYd0_iPcB6oxhCbA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%26num%3D1%26sig%3DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%26client%3Dca-pub-3831894559014614%26adurl%3D&googlewinningprice=ZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw&wpc=EUR&site=www.file-upload.in&slotvisibility=1&gcpm=4236354&gpos=1&bidder=bidder-rtb-production-75c9797b6-4wbxq&dv=1&uuid=&suid=&brq=lTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A&ssp_id=0&l=en&ts=1700196068&uc=CH&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=UcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA=(Line 286)
Message:
Access to image at 'https://static.travelaudience.com/js-err?description=Script%20error.&url=&line=0&col=0&parent_url=https%3A%2F%2Frtb.ads.travelaudience.com%2Frtb%3Fads%3D30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%253D%253D.60023216.OTk5JTJjMQ%3D%3D...YzbqhpdYd0_iPcB6oxhCbA%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D728%26y%3D90%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%2526client%253Dca-pub-3831894559014614%2526adurl%253D%26googlewinningprice%3DZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw%26wpc%3DEUR%26site%3Dwww.file-upload.in%26slotvisibility%3D1%26gcpm%3D4236354%26gpos%3D1%26bidder%3Dbidder-rtb-production-75c9797b6-4wbxq%26dv%3D1%26uuid%3D%26suid%3D%26brq%3DlTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A%26ssp_id%3D0%26l%3Den%26ts%3D1700196068%26uc%3DCH%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D1%26hm%3DUcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA%3D' from origin 'https://rtb.ads.travelaudience.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://static.travelaudience.com/js-err?description=Script%20error.&url=&line=0&col=0&parent_url=https%3A%2F%2Frtb.ads.travelaudience.com%2Frtb%3Fads%3D30000490.0.0.70016143.0.0..0.CH.-1..VOYFYTXfFPGlQ5nkhfV5eA%253D%253D.60023216.OTk5JTJjMQ%3D%3D...YzbqhpdYd0_iPcB6oxhCbA%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D728%26y%3D90%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPwXz5O5WZaqRI_uzjuwPitSzoArKkbX7ctPipc7RCsCNtwEQASAAYPUFggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAmXelzOXNLI-4AIAqAMByAMCqgSqAk_QdLZwfuDP5bOsKA6FotvVUIkUo8-370GW1WwAxHPBwPl-2wTFndM5YX9rlNReEiDV7Mzrawzl_5UmYmaA_4ekPwlK0jCeMOE0uM3RnShpOlfFzxajQCogb5Y82mar-Un8jQeMannLXTy2yH1HWgJIkIKnmf_ptfnjTHGKzPwJzOC21I4v1FYrGyNlKvhhAzuQoLSu7qzparCgCvPTlgBXAQTyCa7z2NrU_Z91Um6EKU3A-0SCgwMIdzLJ6hv4iTl5iYrg0PmAA851zT7a8ayzKgWBpS7pjEW6rDb1Zm7anV12kYnDPET1cDZa9SZbwdhRflnUm3McmwUrgKVIJ15jmzbqo5ei9qob4D_z6r1GFiUzkODsmQtOs2NT7o101R_W4B2EPMb4gdvgBAGABrKJ9KuRq9aRI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAeINEwiz_tv1m8qCAxX7mYMHHQrqDKTQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1LmLvc4CGyI8El9-vGcaH5cEq2zA%2526client%253Dca-pub-3831894559014614%2526adurl%253D%26googlewinningprice%3DZVbu5AAIyKoHg5n7AAzqCrwfsSFQJr01O939cw%26wpc%3DEUR%26site%3Dwww.file-upload.in%26slotvisibility%3D1%26gcpm%3D4236354%26gpos%3D1%26bidder%3Dbidder-rtb-production-75c9797b6-4wbxq%26dv%3D1%26uuid%3D%26suid%3D%26brq%3DlTnGVJF3Xn8oYLirpQMBJTW1v5-QUPeHpfq-9A%26ssp_id%3D0%26l%3Den%26ts%3D1700196068%26uc%3DCH%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D1%26hm%3DUcHSmiVMRe33eUlbTkW074tfOBIh4Vl3IOT6ITPKjQA%3D
Message:
Failed to load resource: net::ERR_FAILED
javascript warning URL: https://z.moatads.com/travel198849194933/moatad.js(Line 138)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

956857e586171d1e22621484abaec332.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ads.travelaudience.com
ads.yieldmo.com
ajax.googleapis.com
bcp.crwdcntrl.net
c1.adform.net
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
certify-js.alexametrics.com
cm.g.doubleclick.net
connect.facebook.net
connectid.analytics.yahoo.com
dclk-match.dotomi.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image.migros.ch
images.dmca.com
invstatic101.creativecdn.com
live.demand.supply
match.adsrvr.org
mb.moatads.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
partners.tremorhub.com
px.moatads.com
region1.google-analytics.com
rtb.ads.travelaudience.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.criteo.net
static.travelaudience.com
sync.inmobi.com
sync.teads.tv
tags.crwdcntrl.net
tpc.googlesyndication.com
travel198849194933.s.moatpixel.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.file-upload.com
www.file-upload.in
www.file-upload.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
z.moatads.com
certify-js.alexametrics.com
static.travelaudience.com
www.file-upload.org
104.18.35.167
104.18.36.155
132.226.214.62
142.250.185.162
142.250.186.66
162.19.138.82
174.137.133.49
185.89.211.84
188.114.96.3
20.127.253.7
2001:4860:4802:34::36
23.212.89.123
23.35.237.151
23.35.237.56
2400:52e0:1e00::1081:1
2600:1f18:612b:4216:7574:b4b8:a72d:d165
2600:9000:2127:be00:a:e047:753:a221
2600:9000:2127:de00:1d:c7f4:f280:93a1
2600:9000:223c:4200:10:dd8:5e40:93a1
2606:4700:10::6816:3456
2606:4700:3036::ac43:b1f7
2606:4700::6810:5614
2606:4700::6810:8616
2a00:1450:4001:800::2001
2a00:1450:4001:802::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::2006
2a00:1450:4001:813::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a02:2638:3::3
2a02:2638:3::c
2a02:fa8:8806:12::1370
2a03:2880:f083:9:face:b00c:0:3
2a06:98c1:3121::3
3.71.149.231
34.102.146.192
34.120.107.143
34.250.128.111
34.250.99.225
34.91.62.186
34.96.70.87
34.98.64.218
35.187.184.108
35.190.0.66
35.244.159.8
35.244.170.237
37.157.6.254
51.75.86.98
52.223.40.198
52.29.184.165
52.95.122.74
65.9.66.104
001dd47ccc7e8d8e7803bbcd9fafb95e23ad0fb96f081e149c2f41bc7f900e16
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
04e795e0b7e1c7860fd09a56660a3ad2dfa1241ffa4d299ea595c662fa28eb0b
05a3bf31017489ab6b317ca836ba4b329485e011dc27abeac1d4cc033283121a
069e324a60cf83368c9da1144be586782be376fee7ea5c09a585ee9977fe783e
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0981b4e8fecffe685068ec2a0e25505bcffd28a1d63e7f2a4c4d9a2b619ae912
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ee4a3c464cdca1448f8439aa86eb9db06ee262f47838b36dd79d6efcc6f1a74
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
107da2018099cf34600c3c7af88bf88c1f2808b5855432f5a1207927dcfd2960
11117f1f55e877565eb722ca810cebac4aafe52d30d0819668291a4867199dad
11bfefaf664f7e268c1ccc5c869d85eca4c826adc0187f1b946d9766a2f0e8fa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
19782d17a99a0b86736668ac618764f5568d4b92087978a36fb5d9a135550ac0
199474bf3f1ecdb8dd778b0f605d18b610868efdd8aec3a97bda1a3b75f34ae0
1d5235609280bdf9bb4a77ee8eeda9b8c9d5a0578741998909ac8303578395cf
23e7042be88392c18cdc21d11a71b0dbe9b30306c4a752a95ea03655947a4d3a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
2aedef01a2c34455f00024108a158c50b36496ad78f1cdc0e4232b48c022b9ae
2cce175a4491239981955543721bbdc197ed53ae0ae6b9a3daae24a3778589f6
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e79b1636cae5ac6f8f5cc7e3910b81a26b6ec55b6debad1a2ea5f318db829f5
30225cd3dfc2334bc1accbd3187078654fde7a749521d235d5382f06afe13f66
30d2f988b4fb196a04de0b7b383a20e8635105a37700e516cfe06a5c2e7e2a83
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3aa4a3168ae9f125774d0d0303aa352ec0c0a730125e10670a6378db2a857e15
3acaf50b74d1ce1e2104c6d05cfbfd774f1265ce8834fcaf62d8c499487de709
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3e3d55a01bfbf7a07fba2346d5daeca58475f431eca75066754df1cf01fd3327
3e4c6742794a03a29f09e452a528f117ddb070da6611e56288b8e53b917ed517
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
42d3e2f74263a9ee88f1567c3a2021e3d2440a4daa38ce50b00a77f57f5f48e2
42dc045564cb5c0208153ab982a58ebcd5c26d2df6a95eca76b3f4499e4ce00d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
451858ba05d97869842de05199cc6458667fa626daad6dad921c0842e00b1bad
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a5cc862a916c15f45d96b037fbd7f25c0a6dd9d7fd3753b9153662f8f4c902
4804b62bc3461ff1ab61aa2482690d79db2646701da68b6371ad1485c6f948fd
48fa16cde4c728e23abd278bbdd85965de9f2c4c03a7c56193a323461ff7b757
497489f93761dc97b247f32237be6bec48491f40513fd2a77e2a5afbaf4ae6bb
4aff4f973ffaba13d0933c4b7c754c3e39d7df4f7f43ee0a0c1b2e5e040b4375
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d4b3f3c470f707996b6f5f4d54bb22a6cee8acbb06c76874399f1c14494664a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7ba22948576d44532a260d34ea13e62660ee894c063d437ba7e5c7f91bcc25
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51fcb05eb96b540056f253c0ce197dd77766eb2833edeebff43e6acb6a9eedf9
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
57b8eda85c43e42a7ba44912887196c204cc8815c9a8198c88d94f0fb2b7fa84
5f5f7a02ee76c35fb5a71fa24509072c0972d7dc348c8fb5a0d0828679555af5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624badd25d4bd96f2ccd93b8f8aadf67417762d4fbe1f3bdb446c7a0ce565394
64b084b96d8ddc114505266e3780655cd9e17d9560b08d348b1b799d37967848
64d2e10948c90ba01d04797f9ec333663a636326e5d37cd93c542ab8a7e1623e
655e7dbbf642111cd33e11ef9edc4571f46dc5805f1adda4e5a5b094b6542fbd
677a9242625bc33dc03f676e9696cfbc30d2904c9d0fe043d71686b95bd4df2f
6831970d75ae727f41d63ef47de981277d80f33007c5b9c279f402bd8c4947e7
68bbc4d19f9ff9046c4221aa906c5051f18df51dc1132b887f7a3330501747d7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b025c31225cb68d461487c8c4af6940241eafa1b6712309a178daad745e65d6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
705fbf74c7c299a82bd0fb3af0c541313be5ec564f05ece5511223fb7861f2ec
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
7792b88230f4f594ff675dec20b2bfe3e54dfa53f48b7ba4c6b9a6e1272bea80
7824318ffb7ff95d9e01f04f5fcc7f4dbb87b7b1919b0863dc5ab3890928d10e
7dc14c05b15147b60213156a8a3e53604399e631dead930a29aa0cd6e2771df5
7e74208d35493f8234ec67c1620ec7e945cb3056b883a68889363cd2f949ec25
7f04f5b9ee8bfeaba95049646865e4163a92ba767cea569902e81a713c0301b2
7f87d9364193f952e437ab29c8edfdd4dfabd30e532c5a7e879ae2e9a82648fc
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
834696f5396dc0def6db3fbc93fc87becd2e0a5f4d0dbd52ff1fef4f5aab8293
843552060a8ed04f8d6c67fd4405629083b1a55a5ea016019db2244869bc7031
84d52d8523d8e4ebbd15386d0845be41fbfb2c8f90750350f0b396940f2e67f3
850af60bddadc6651fa5acbf1034ae8a9d6941c838d1fcdf79eb046f833e7ce4
8670c74d8da1241f98bee19e03a9146ea7e0d0354fc2764496a4329dc9ffe572
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
8c9fe3cb26c663d000a40e9ec741dd52dbda756e98c15ff7b0f0818f9b918a02
8ca5b9497cea3926cb15fb14f35dd58d0dbf15c871abd00145a898eb2b91546a
8d6baf0aa7321719db179dbb7d57d52a6f947df453a866382c44367b21aadaa4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
902f47bc9eeb026da8cbcef8c7ec51aaa1f73bf7ca587c8694cceb36ff91a92e
94823615c24bc74972cd3d5719f6d23b569a8fb6716c1010cd1374d8d90b738a
97d9dfd8ffc1cb034055da0f01287531af2c4578292d84195a926f9ef304250e
992052b3f5033727a2aa70a6d5b4acf2012f63a951e528fc4675307414fff6e7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b05e6bf5abe4a113ef2c6e2e9d85d8579a86cb3964159f4849f01d35b3284a2
9c705d87f952d7ab537b77f313a10bbf9b08a5cdaa2bb3dd4d705a542b0e78ed
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a57b6eb013320f0094f0c57997c807b2b0f3dcd1df5440a82d297ab8bbd9cad3
a644af49f92cee433eec7d0c7e2ea658e248810631dc771c291c58d265046c92
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a6f74500122e44be75309c301fe73c2ebe3547b5cb7621a5e2ccbfea339dcc04
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
ac49f664dbbdb7c76593610bd6704c2f81a86829d18ca48e3b692e5a3b56577c
ad867af08bb726ce9decc77cb6a5abc88abfb9c7199a2b39b48e7c0d0849f110
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16c84a74e0bb9382959f9bc57a9d56e2c4bc0faf1466f48b1b09f64cd34c0de
b39818f47d74fff2f78a8527044bc4df7e6c7c84455d54404a537ac2635b4420
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b72dba913fcd4c971b930bfa2d0901c8ec83b2446380b93f138e1058c0205122
b9a42cb27417d2b87b8d5983655566731a38089d5e30735e9e931008ea59c634
b9f9cdb3a38c2cf67824f06244eb0d4f29a1c65adbcf252942894f5462cf3f8a
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bac1cc8188874970353fc392a5202da2556d3a6220869b69c55ae395be3fc7b9
bcb3c99616a6b90084e82690ab8519141a78fea94c0ab3a3a5ca7611c0d77e4c
bdc334ac6f42adc1e0a7583461f97ba395dfbb1782d6be4a06904ac3051fb295
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c27710b3dd60cc27e6e1bc6e4e5ad69e62e415c18a6720a9e9c4c75fed925efd
c400475c86a44c376ef9a67f37b1c33b8045d723984434fe20ce4f9526744698
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c8934c75d7b6faf5e681a0d3fc7854a70876feebd7f613f792ffe35345486b16
cf2b33a39dc305f37037c58dc7d3d45050c37bd74e8ba4d36fd89760f20e0794
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d822c38d41c02f78be341a53c9a718a3c29e5cb1dd542eca27450d327eb16844
ddb1a96f0064dfc215de614ba52440b88fe1d522039ca185cc7400f94da6466a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63282a7e91e19aacf5e503f97ca110e00a3d8f3250b5626a0293f6af68ca617
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecbbfdfa2eaab52264d248091a8f1a26e0fa1a73d188b5fac90316327549c1dd
ef0adb856579b963b6049d94d5e020105cf548fd2356581f94a80b8c39da1074
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f012d1104a4c17ebf254716ce07d712ffdd287cdc27e23de68a2e0c90098f5de
f122bc8930adbaf181f931815a64db2c10fb6a499f5b1a6d9865ef2cd2442fa4
f322597b4891fdf35e362ce2f21c36d487f186dddfd4a41c8d99a7ec5af06149
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
f9c3884b644bf49223ae49f508f407cbdfa859d46bd7a6f0aef85c3b0df6a2b2
fa2acd4f17378091af20232f40355e096a425ca6443b5e57afadfa5a4f9a39fc
fd3617e4a5c62a2063e7580cc6cb590c4cecd25a0797d47e43ee344140f51cff
fd63cf31d986af0403a4439f086c260c30502653b01864dcc19139a06b478962
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f
feb38ef54b3c0a332feaa5d43487c289268a3288b53fd4a684fd4186dae2f336