www.file-upload.in Open in urlscan Pro
2606:4700:3036::ac43:b1f7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.file-upload.com/ukekm9t19wmt
Effective URL:
https://www.file-upload.in/file.php?get=ukekm9t19wmt
Submission: On September 27 via manual (September 27th 2023, 10:15:49 am UTC) from US — Scanned from CH

Summary HTTP 282 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 36 IPs in 9 countries across 31 domains to perform 282 HTTP transactions. The main IP is 2606:4700:3036::ac43:b1f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.file-upload.in.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 27th 2023. Valid for: a year.

This is the only time www.file-upload.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
3	2606:4700:303... 2606:4700:3036::ac43:b1f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:7000:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	52.31.175.73 52.31.175.73	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
48	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
12 21	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
6 14	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 10	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
12	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
47	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
6	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2 2	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	64.74.236.95 64.74.236.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
282	36

1 188.114.96.3 (Italy) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.file-upload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a06:98c1:3121::3 (United Kingdom)

ASN13335 (CLOUDFLARENET, US)

www.file-upload.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1080:1 (None, )

ASN200325 (BUNNYCDN, SI)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::ac43:b1f7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.file-upload.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:d:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:7000:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (United States)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.175.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-175-73.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.217.16.194 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.18.26.193 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.89.210.212 (Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1400 (Sweden) 2 redirects

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Ascension Island) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Ascension Island) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.95 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	googlesyndication.com 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	462 KB
50	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433	402 KB
47	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 408	962 KB
32	demand.supply live.demand.supply — Cisco Umbrella Rank: 42647	45 KB
22	file-upload.org www.file-upload.org — Cisco Umbrella Rank: 775705	550 KB
14	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026	9 KB
12	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 331	246 KB
10	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 360	8 KB
4	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 11	864 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	228 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 668 www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	38 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 640 mug.criteo.com — Cisco Umbrella Rank: 1822	7 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 720 fonts.googleapis.com — Cisco Umbrella Rank: 113	32 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	173 KB
3	file-upload.in www.file-upload.in	11 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 906	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 7132	647 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1469 s.tribalfusion.com — Cisco Umbrella Rank: 3247	1 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 5383	889 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1223 id5-sync.com — Cisco Umbrella Rank: 687	32 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1393 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398	13 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	147 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 12920	10 KB
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1332	710 B
1	gstatic.com fonts.gstatic.com	34 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2880	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 897	14 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2724	3 KB
1	file-upload.com 1 redirects www.file-upload.com	433 B
0	alexametrics.com Failed certify-js.alexametrics.com Failed
282	31

	Domain	Requested by
48	pagead2.googlesyndication.com	6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.file-upload.org tpc.googlesyndication.com www.googletagservices.com www.file-upload.in securepubads.g.doubleclick.net
47	s0.2mdn.net	www.file-upload.org s0.2mdn.net www.file-upload.in
32	live.demand.supply	www.file-upload.in live.demand.supply client
26	tpc.googlesyndication.com	6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com www.file-upload.in securepubads.g.doubleclick.net www.file-upload.org tpc.googlesyndication.com
22	www.file-upload.org	www.file-upload.org www.file-upload.in
21	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
14	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
13	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net www.file-upload.in
12	cdn.ampproject.org	securepubads.g.doubleclick.net cdn.ampproject.org
10	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com pagead2.googlesyndication.com www.file-upload.in www.file-upload.org
6	googleads4.g.doubleclick.net	www.file-upload.org
5	6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.google.com	2 redirects www.file-upload.org tpc.googlesyndication.com
4	www.googletagservices.com	6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com www.file-upload.org
3	connect.facebook.net	www.file-upload.in connect.facebook.net
3	www.file-upload.in	www.file-upload.org www.file-upload.in
2	b1sync.zemanta.com	2 redirects
2	d5p.de17a.com	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	fonts.googleapis.com	securepubads.g.doubleclick.net 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.file-upload.in www.googletagmanager.com
2	images.dmca.com	www.file-upload.org www.file-upload.in
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	mug.criteo.com	www.file-upload.in
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	www.file-upload.in
1	ssl.google-analytics.com	www.file-upload.in
1	www.file-upload.com	1 redirects
0	certify-js.alexametrics.com Failed	www.file-upload.in
282	43

This site contains links to these domains. Also see Links.

Domain
www.file-upload.org
www.facebook.com
www.instagram.com
www.youtube.com
file-upload.org
www.file-up.org
www.dmca.com
safeweb.norton.com
sulvo.com

Subject Issuer	Validity	Valid
file-upload.org E1	`2023-09-25` - `2023-12-24`	3 months	crt.sh
images.dmca.com R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-25`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-07` - `2023-10-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://www.file-upload.in/file.php?get=ukekm9t19wmt
Frame ID: BF5D0452BE78C58C8E117E002AEBBC29
Requests: 97 HTTP requests in this frame

Frame: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F695B3C1E8BC5DD43DE9910BC580FA9B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in
Frame ID: 31EE4E8E74D41B55A4EF66294359F6FB
Requests: 2 HTTP requests in this frame

Frame: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9F6262DB158733251DC7A1F2D00BEA0F
Requests: 18 HTTP requests in this frame

Frame: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 25564589BE14BB4D78A6FE5AB595AB39
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxjz_bPjATAB&v=APEucNXkg1kxBQA3ogEQG98QGnEA26aJiBE4MtuACfTpKy-z_WQKY5las5OEMwHbbtFdnDpaOkGfgKwdrx3cj1zqQTfqFdmxCPUFRHgEZ66ZTuhNALHeaBYG5vlr0NPb_Ita9WzhJbL7_E3xPF09KpdBYm9BaXMC5_jsiwSb0EJ8B2BVX4VX3S1HREbn4_9y-FlQCfDlWpRj_-pChtIFZ6rF8PoewmGPSg
Frame ID: DF5B199C8F13FC249CEF75175BB092AB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxi-8bPjATAB&v=APEucNWn3Lkx3nDyLYTK3VNOYhI5eN38PQbg0X_uXr4zqFd8Vq39tKAnyS7vy5vRCATYCInaq7agu2cXJkKNnpCIDfkrYm3VMjEsod5Lynfvj9ATVxJ0L3PF3STNgruaqo_HBcM4bpLjHEyleGjQsnd67Ty5o_Hz1KRaM721vXqyyi0cPXiG6LdYFoSC0IdwIrFiNYhHRFOqvRPoyCBULdw8yhd59-ak8Q
Frame ID: C53624F79CFE47FA477445202308C962
Requests: 5 HTTP requests in this frame

Frame: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3A5D0175616C6EC972DCB6D39232EF45
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs
Frame ID: 59B1BBDE22882388A077ACA3C95AA0B0
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxjz_bPjATAB&v=APEucNWefaNfd0qgdillFueJAeFigPQPIWoPOJVI9gwnPmm-WkEwIMPcpSk2zq6xVoXYUbHttTpRH8ZqS453JSo8ZBAJWx7AZFxJE0hzV-hJVtRHvgK43kXRXW2sM9dsLJ6pUojMWODS2WczCF8drt8Wf6elHoroi4JJrlXM5KMl9yrlqhzcd9W4PpKWKUbSx1eRLeQyfF3RsQh9ft3TbXXPrXGtLdu8iw
Frame ID: CD4F148D034C5E35890E64D725FA72AA
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs
Frame ID: 38E0711CB5C6A6FE0FD04B3D02690860
Requests: 17 HTTP requests in this frame

Frame: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D07CC3A3EC7D118F9A5B8B07F5AFFEAD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250
Frame ID: 22062B3C897D9D9EAD71CEE74AC93872
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
Frame ID: 493519BBB991C5DC1121079A5E7D5B74
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
Frame ID: 9FA3CAA742BE3EB57777557E216D05BE
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 91887F6981BE319043C4DF1C3BFC4C9C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8D57CD9B962E4B0CEF3C06E36F0CA962
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNVHoAZlugxK3fsTXzWUezQ6-ROdLYBFceNkYTVqOLK74DpfIH9MQCnjaTvI8V71xeH_WB_CfgvZzv25q_2jZ_M2l85bz13LKHXprF61myvzBbZrjFnBpYuFoqhUHtXtd8H4vFPFNG5RE5qYxM39o48sYUphna73LWMHDuWuCFN2W2Rp3bNjDOJslZUGCXtBgOC_SBF1rwBQmQQ2OpOZJxfVPMC0lg
Frame ID: BA9F54C5E69AB9304C48F5BF0A92E762
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: FDFFC8B18F5E65FDC7EB975A7F7B1D4D
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EA81C733FB4F20E73DE328A0E2193244
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A938ECC4E31A289F213174E950FEDFFE
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
Frame ID: 544406371B3EE9F6C51E2D2C915DF3FB
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 86A6A9D98B3EBA57197FB1D9E36217A2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2657E4F8A4E91A853FB75C3B1D821BB7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6F163CB59689F16544B8F344578CC899
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

https://www.file-upload.com/ukekm9t19wmt HTTP 301
https://www.file-upload.org/ukekm9t19wmt Page URL
https://www.file-upload.in/file.php?get=ukekm9t19wmt Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

282
Requests

90 %
HTTPS

68 %
IPv6

31
Domains

43
Subdomains

36
IPs

9
Countries

3419 kB
Transfer

8817 kB
Size

31
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.file-upload.org/?op=payment_proof
Title: Proof of Payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fileuploadcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/file_upload/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSbk9gxKeQnawO7cZ0hZPJQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/make-money.html
Title: Make Money

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/login.html
Title: Login

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=forgot_pass
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=news
Title: News

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/desktop.html
Title: Desktop Uploader

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=change_lang&lang=english
Title: English

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=change_lang&lang=arabic
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=payments
Title: Premium Download

Search URL Search Domain Scan URL

URL: https://file-upload.org/ukekm9t19wmt
Title: Free Download

Search URL Search Domain Scan URL

URL: https://www.file-up.org/?op=register
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/tos.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/child-exploitation.html
Title: Child Abuse Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/copyright.html
Title: Copyright Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/contact.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/adv.html
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/dmca.html
Title: DMCA

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/reseller.html
Title: Become a Reseller

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/links.html
Title: Links

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=check_files
Title: Link Checker

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/refund.html
Title: Refund Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/banners.html
Title: Banners

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=ff6622a1-89c3-492e-8fab-02994910b766&refurl=https://www.file-upload.org/vsd4gox6iv4l

Search URL Search Domain Scan URL

URL: https://safeweb.norton.com/report/show?url=www.file-upload.org

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://www.file-upload.in/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.file-upload.com/ukekm9t19wmt HTTP 301
https://www.file-upload.org/ukekm9t19wmt Page URL
https://www.file-upload.in/file.php?get=ukekm9t19wmt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.file-upload.com/ukekm9t19wmt HTTP 301
https://www.file-upload.org/ukekm9t19wmt

Request Chain 86

https://gum.criteo.com/sid/json?origin=publishertagids&domain=file-upload.in&sn=ChromeSyncframe&so=0&topUrl=www.file-upload.in&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=-gTBTnxaNGtYZHpLSjBhM21JcVNXcGR4d2h4YklMZU5lQm5TU0tRRXF4cEljWHR5OUg5eTM3elhOTllBWTZqbG9lS2lnaWwrNTNabTBkUTdCTWgwTWtIR0xrNWxlOERlOHF5UnhjakVJL2RJZDFNb3p4OC9BRUl0cklBdHRoMThMY3JjcjB1ZEt3eUdYSmUzUG51bjM2WUwzd1p5VVF4RS9meUIvbGlHMTZBTHJ6Nkp2VGMxZDVpMW9hckh4M0tJQzM3UE9PSUd1YVFUQ21tUGxqNHdQcU1OdGZNR29PMnRxaEdtR2ZEMFpNM3FtTDRjc1EwS29MNTFRR0tiZXFVYzlKNy9RQ2pmVnVRNFVqM3QzdWRiWmFkL1I0QT09fA&cppv=2

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYBTfyTOzI9_3tyEQS86to&google_cver=1

Request Chain 106

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRQAzAoiBm6GqVDqmcBexQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM6w01HwayBDgZ6UIf-Xzyc&google_cver=1

Request Chain 108

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYBTfyTOzI9_3tyEQS86to&google_cver=1

Request Chain 110

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRQAzI2.o.s-RpL7vyJ2jQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1&google_hm=2

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM6w01HwayBDgZ6UIf-Xzyc&google_cver=1

Request Chain 112

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1

Request Chain 147

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRQAzAoiBm6GqVDqmcBexQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAnIYCLAs0lLNDOMzb6hTKI&google_cver=1

Request Chain 149

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D

Request Chain 160

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 176

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 206

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1

Request Chain 207

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRQAzAoiBm6GqVDqmcBexQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAnIYCLAs0lLNDOMzb6hTKI&google_cver=1

Request Chain 209

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D

Request Chain 249

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFoiVpOBrdx2cx-co6VC3IU&google_cver=1&google_push=AXcoOmR-fI1C5Y-sUdSevBM0CyVli0mPSXl99qGwhHw1t4S2y1jUKMeGtB1FLO1OtDdeGFk0KFrmI0yQTnOwPG6sJz7ZcZO5xFNKGw HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=7863c9a8086c1955&is_secure=true&networkId=14000&version=1&google_gid=CAESEFoiVpOBrdx2cx-co6VC3IU&google_cver=1&google_push=AXcoOmR-fI1C5Y-sUdSevBM0CyVli0mPSXl99qGwhHw1t4S2y1jUKMeGtB1FLO1OtDdeGFk0KFrmI0yQTnOwPG6sJz7ZcZO5xFNKGw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI__Xl-PQPywNYauuPAAAAAAA&expiration=1695896142&google_cver=1&is_secure=true&google_gid=CAESEFoiVpOBrdx2cx-co6VC3IU&google_push=AXcoOmR-fI1C5Y-sUdSevBM0CyVli0mPSXl99qGwhHw1t4S2y1jUKMeGtB1FLO1OtDdeGFk0KFrmI0yQTnOwPG6sJz7ZcZO5xFNKGw

Request Chain 250

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKk6RZHsyxFu2ILwWh-5MoU&google_cver=1&google_push=AXcoOmQ1LNGChXWOQIzYfnZjXvm4SeLUtslIX7MeJjWrkRQYiNUSFp4yWCJ-9xFQGcgViIa16CV6MUbiiB2uK0PLRTKgVUOFK13d&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ1LNGChXWOQIzYfnZjXvm4SeLUtslIX7MeJjWrkRQYiNUSFp4yWCJ-9xFQGcgViIa16CV6MUbiiB2uK0PLRTKgVUOFK13d%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKk6RZHsyxFu2ILwWh-5MoU&google_cver=1&google_push=AXcoOmQ1LNGChXWOQIzYfnZjXvm4SeLUtslIX7MeJjWrkRQYiNUSFp4yWCJ-9xFQGcgViIa16CV6MUbiiB2uK0PLRTKgVUOFK13d&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ1LNGChXWOQIzYfnZjXvm4SeLUtslIX7MeJjWrkRQYiNUSFp4yWCJ-9xFQGcgViIa16CV6MUbiiB2uK0PLRTKgVUOFK13d%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 251

https://um.simpli.fi/gp_match?google_gid=CAESEL4nM8SMciSv4ZJnnLT_0tY&google_cver=1&google_push=AXcoOmRw6noeVK2iqiZqWHdhRZn7abG6Tgt_UhqfkxUADWYyCjEI4YglwpjmQeOpjUNDBToYN2D5tcn9L3AY6ss9u_IMnmstlFKH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B29986A751A94969AD22C1F15B30782A&google_push=AXcoOmRw6noeVK2iqiZqWHdhRZn7abG6Tgt_UhqfkxUADWYyCjEI4YglwpjmQeOpjUNDBToYN2D5tcn9L3AY6ss9u_IMnmstlFKH

Request Chain 252

https://d5p.de17a.com/cookies/google?google_gid=CAESECfo1TdOeX738WhULFPs03w&google_cver=1&google_push=AXcoOmSWeVA_PhZOINr4mzcgUYoS-HrlVrC2hKoA-BUnkTdZXYD5SWckD5YGgxG2TEG-ExV3WtHd4ViO-J1xedTtZzecgG024apW HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESECfo1TdOeX738WhULFPs03w&google_cver=1&google_push=AXcoOmSWeVA_PhZOINr4mzcgUYoS-HrlVrC2hKoA-BUnkTdZXYD5SWckD5YGgxG2TEG-ExV3WtHd4ViO-J1xedTtZzecgG024apW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWeVA_PhZOINr4mzcgUYoS-HrlVrC2hKoA-BUnkTdZXYD5SWckD5YGgxG2TEG-ExV3WtHd4ViO-J1xedTtZzecgG024apW

Request Chain 253

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDAVGtjlFkzQV01GnKnHRZ4&google_cver=1&google_push=AXcoOmQiKPnzT9BvH2MJdDbLedetrIil6lmEeJfIUhrkeOQ9lPW6W1XnAbe1AOlANcBNRqvPsQGLKzYTQ44yquAvhtGjZVBdoTpoaw HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDAVGtjlFkzQV01GnKnHRZ4&google_push=AXcoOmQiKPnzT9BvH2MJdDbLedetrIil6lmEeJfIUhrkeOQ9lPW6W1XnAbe1AOlANcBNRqvPsQGLKzYTQ44yquAvhtGjZVBdoTpoaw&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQiKPnzT9BvH2MJdDbLedetrIil6lmEeJfIUhrkeOQ9lPW6W1XnAbe1AOlANcBNRqvPsQGLKzYTQ44yquAvhtGjZVBdoTpoaw&google_hm=dVM3R21fYWdQNklBRVFiSTVhSjg=

282 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

ukekm9t19wmt Show response
www.file-upload.org/
Redirect Chain

https://www.file-upload.com/ukekm9t19wmt
https://www.file-upload.org/ukekm9t19wmt

27 KB
7 KB

176ms
88ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54f23b69db10d44412b00bbe5a93d72581e81b24b592f5a8d3b8609487a60613

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80d2fc8eedc00e42-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 10:15:38 GMT
expires: Tue, 26 Sep 2023 10:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehS19mGpaYeyRTiKo2m%2B4e1yYMbC6SZqaBjta5bgVBuM40xTUvCVe9ZefSEaULuQylTLdIsCz6akti0Cr6Z%2FnvUO8sHqbtWEwuIx1pWaCqqZXwLP4HWZeaKx5HgYkRmvJ%2FNwnbBppDO5pX1hEDUo6jKf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80d2fc8deea70e0f-MXP
content-type: text/html
date: Wed, 27 Sep 2023 10:15:37 GMT
location: https://www.file-upload.org/ukekm9t19wmt
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MTeUXAPXeLR5zO%2Bj8aaOZIq3y%2B0r80oJX1HV4CnaWL8Lu0uW3sPAyKqgQw36V08xgpUm7l4jkIA%2B46KUkBNCNstuojJccWyXGdYC2%2FQI1dUdHHfsqVbNGYb3heX5g%2Fl24q6dMm1"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 app.css
www.file-upload.org/mngez/css/ 247 KB
41 KB 40ms
39ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/ukekm9t19wmt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2557427
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDxeqtyCfY4phiCJOOQZjGs%2BEA0c5xvVUStRtK%2FUw%2ByhvoiRK%2FzDGKZCLSQpCk9iLClsWfR8Qp9obkYjlcJmuBuGLh8oEa6fk93afLia2qZKLtE2412kqGREQZt2GuCpADFk7WuFAPK%2FuwdEyEj%2FCDN1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 80d2fc8f7e380e42-MXP
expires: Tue, 29 Aug 2023 19:51:51 GMT

GET
H2 200 app.js Show response
www.file-upload.org/mngez/js/ 235 KB
80 KB 101ms
100ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/ukekm9t19wmt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npqLA1y72Nc2tlNJh0tHlB6btsbKVieZvhHSye3rIS2WEA2VgndN8oZqSQf3Hqk%2BECfV91YZs28Ax1gAmA37fwmReUYggqeZqIiYZSmeX4pUjIiPkrT%2BEyGtPJBM5px2E%2BlZuBgq0tVsC%2Ffc10q4%2Fwkb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 80d2fc8f8e390e42-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo_new.png
www.file-upload.org/assets/images/ 3 KB
4 KB 55ms
54ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/ukekm9t19wmt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5249494
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEQhNhXCjlCBpBHcNQ9fBnGEfa%2BnRcb1aUf65MuPZPG6IsrcwUukdSYZUMY6BSD9AWM8GbE417BupwIvd5XAjlSS6bipSPPDCAqAeiSQ8BSSfvlGz3btndjwMZlBisRt7GWYOJnQ6MQT7mwWMp8joupC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d2fc8ffe920e42-MXP
expires: Fri, 04 Aug 2023 16:04:04 GMT

GET
H2 200 email-decode.min.js Show response
www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 30ms
30ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/ukekm9t19wmt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Sep 2023 16:02:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6511af19-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ze58S2dhMdtliy5Rwf2Pds%2BT5%2FZHX22VJFxkB5PcDdJ%2B5YTKyCMb644cuusxwaeM7ZS2d0z5gNwNE0YxwLl55ObenN67RXmd2HT2f3dyAYb09CtKAFqd%2ByrrXbCKaCOisLpAr%2F9IwoGAzgdmDgf6SxvF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 80d2fc8fce6a0e42-MXP
expires: Fri, 29 Sep 2023 10:15:38 GMT

GET
H3 200 anti1.png
www.file-upload.org/mngez/images/ 19 KB
19 KB 55ms
54ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/ukekm9t19wmt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3769387
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svPAnHuz%2BHvh2Gw5ressdAP6isqN%2Fqq9CabeGFRvTyEsK0shS7dUdNbx5UASOVWT9WtW4YPcRHi7pYmg%2Bn5HT9XV%2B6VbUrHbNvxWAO60BRQMMYiF9SQO6YBTYGuQMRFMPnrgz26z7ZgNf6uAstiBCjgK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d2fc906e0c278f-LYS
expires: Mon, 21 Aug 2023 19:12:31 GMT

GET
H3 200 anti2.png
www.file-upload.org/mngez/images/ 641 B
1 KB 99ms
99ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/ukekm9t19wmt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4988686
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTWoehmumjvWZQJMSUqAlR%2BFnJRaoIXP9bNlw7GmoJuBHALOLCgP2y8oLPXX9PKhhs%2FAzfOxfNtnJt2%2BF0VtEq0PwT2D1O84aUBe2VhfXhfLq7fZv%2B57JQos7PPRtigRwQPppBLzo%2FhDO8o25GIO1UqJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d2fc906e0e278f-LYS
expires: Mon, 07 Aug 2023 16:30:52 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 183ms
56ms Image
image/png 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 -, , ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 / ASP.NET
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 09/12/2023 22:47:45
cdn-pullzone: 1574055
content-length: 4535
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "0abbdbd420cc1:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: f84d1b4df25c7d966b249d05e5f06384
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 norton.png
www.file-upload.org/assets/images/ 5 KB
5 KB 60ms
60ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/ukekm9t19wmt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1029574
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rfw6kYVaHqdz1eZhazTMNd2bNGTN6f6pSZiutgQqkMM1K5Fzh6J96x8XTVYXoalw4r7z36BEbs4Qt0oeBbNTMGs7KcYbr%2FN0DfvkhJLY4Ff0UkojApAipUzFeq0jGse3%2Bp%2BF3knh3oi%2BYEqnfnUIlCgK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d2fc910f40278f-LYS
expires: Fri, 22 Sep 2023 12:16:04 GMT

GET
H2 200 Primary Request file.php Show response
www.file-upload.in/ 23 KB
7 KB 264ms
164ms Document
text/html 2606:4700:3036::ac43:b1f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b1f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9ace28c8e1c645d3aaf66699f23b4e6f398cb8235565e3d73a0f5491664f0c4

Request headers

Referer: https://www.file-upload.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80d2fc91bc77d3fc-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 10:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfqbilmO4UqXxrJgqbbvfOU%2FG3SEQ7yvX%2Bhico6a%2B1WljpIT0eQunfAV9JB%2B9LprMK2NzdYGN3SDtD1492wKJIPnqfW85yhp2QheqznS1AgibKP7R2eMixHKCtw08nXrVktge6ioy7aTajGMSHpHdlU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 54ms
53ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4988686
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQYUG24F0OIlCefsSEHweR0wV%2Fdkt0zUYcTNrrBFywlaezkwS%2Fc79XR2iesfWry21IuwpuGAQ0bo69UIn7H0YhyWs%2F74c0ksv06j6yVG2uG619UPycTuG9cydFvWFmWkUw%2BTFQwLLBo7adeiH6hVlh1t"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d2fc911f52278f-LYS
expires: Mon, 07 Aug 2023 16:30:52 GMT

GET
H3 200 fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 75 KB
76 KB 55ms
55ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2940
etag: "12d68-5fe4d56c8e4d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daAh%2F6eVeJwZU39DMDid2Y0mnZ%2FcnRyzo3qUfQu9ay%2BSXEql8jw3lSt6%2Fi13mzPixLTBh%2FYlcerXZWNyGharNxQXbbFIxXcHMdSlRrbLJ23V6qKHFKRlGEb%2FmCoTWJXE0321d1JlFDuN55jM0FE4v4Gr"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80d2fc911f54278f-LYS
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H3 200 poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 153ms
152ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5318
etag: "1ee0-5fe4d56c8f861"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYN%2BtCiDI3IvpDgzjJJxJx9IiEAE2n7f7VYlwZ%2FcFJH%2Fq4cQ0g07xDCl9WnnVW%2B1ziROstqsuihNvOOEFkn9lOhTGRzWzbF2FuOFvqqSxl2HMNyHBKv6yZ6A1JO0700z%2FO4QvZ9arms5w6XrTueriQy8"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80d2fc911f5b278f-LYS
alt-svc: h3=":443"; ma=86400
content-length: 7904

GET
H3 200 poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 154ms
153ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5318
etag: "1ecc-5fe4d56c90801"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDF8e0yOUrmVgLGMD231cctY%2Fp%2BWmIaKyR8l4YQ5c4xPs9xu57GwYu%2BXvO1KD4BmcQydp6ZI8t6dIkrWPM77xmXSDfIjkHJqunN48ezgG0OGd8chSsowozFl9UmJDG4UaQDkvJGSUvURtyF3pglYjtJU"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80d2fc912f65278f-LYS
alt-svc: h3=":443"; ma=86400
content-length: 7884

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 222ms
114ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35e36b073d459685198a2a5c0a09f038434af11937ef4089fa8845b4aab7447f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01HAAPFKXS6C0TWVX10X7HF12W
date: Wed, 27 Sep 2023 10:15:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 1003
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"6eaa5f6c66d357f2e362fb93e5e9eaf5-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 80d2fc939ce72c3e-FRA
link: <https://live.demand.supply/impl.v17.15.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/d3d3LmZpbGUtdXBsb2FkLmluLw==>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 blockadblock.js Show response
www.file-upload.in/ 7 KB
2 KB 76ms
57ms Script
application/javascript 2606:4700:3036::ac43:b1f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.in/blockadblock.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:b1f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a42cb27417d2b87b8d5983655566731a38089d5e30735e9e931008ea59c634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/file.php?get=ukekm9t19wmt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2114810
content-encoding: br
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Jul 2023 11:59:30 GMT
server: cloudflare
etag: W/"64afe722-1c1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwBKJU%2Bl2V4YOyirMyLMDgib3pXCeedBxaccRqcabNKsWZFTqeqhWUpuEIe85gxeuSj0lxJphm%2Brpa6yUJkHHo8sIijWMtvv%2BPR%2BL3aEvfdHTdqqE2fhYAMPt%2FEe8JNb6r5%2BXLeU7oI8MaX74OYh87E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80d2fc932d6bd3fc-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
68 KB 177ms
78ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b55c99c501be4e9ee6045b17bf84f67d13676c35612014acebed687fea7a27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68937
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Sep 2023 10:15:38 GMT

GET
H3 200 app.css
www.file-upload.org/mngez/css/ 247 KB
41 KB 81ms
69ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1029575
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2%2BnksbyNnIsVpwPiw4ytT0MeVxXV85lI1qEjN0PsAbUGsHXEUMaD03xFTNVfvShwOPE1rJ0xLNEbP2uCu97ByTVMGJninl4M5yKu7HXoHdytUnzWrSPYJ3XLWqpdtnS58CdAZU6zL0wsLvoJL%2FqUP6R"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 80d2fc930aef278f-LYS
expires: Sat, 16 Sep 2023 12:16:03 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 109ms
69ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b9a1db2032e4c7ba72475a0ceeb342b08605476ef6fa46067d1f10641e55717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.file-upload.in/
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 10:15:38 GMT
content-md5: LzE7Kba4a59fO2lbQdWZ4A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88121
x-fb-debug: EycTymUhFuHr4kjM5fBsHPdbcYr/smvZQmlEZP/SHmMGj0LJ9CzYpNBGPRTl0Z7owa5eCq9Ctwep4n+phRi2tQ==
x-fb-content-md5: 206ff5b2818f291842c1a9ba0b2401c7
cross-origin-opener-policy: same-origin-allow-popups
etag: "7ea5523be368c768fc4d6eb4b9b14edb"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 21 Sep 2024 02:26:31 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 160ms
49ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e4d56d981f929457070f0c0096d3cbef2d64a671a27159427d4e79d578a4fb60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 10:15:38 GMT
content-md5: abq6OykBCWiUH4LChDShqA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
x-fb-debug: OVQNMws7DCELoXMCe4ZgUqWi/ELJzHvt+zW76pt+lWKpcyrn3/raOpn04LEV/lzgAwmoLbtqxXjKGMW+xt79Yw==
x-fb-content-md5: 7a0b746c90cc8dd2084fe03867712f83
cross-origin-opener-policy: same-origin-allow-popups
etag: "8023c7608833f740fb849d4e2718e212"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:21:23 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 165ms
60ms Script
text/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 09:51:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1440
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 27 Sep 2023 11:51:38 GMT

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H3 200 app.js Show response
www.file-upload.org/mngez/js/ 235 KB
80 KB 109ms
98ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JC5kfZ2ikRUCA7ilJw8Ku9aa0Mw6r2ZBDX9MlUbzlcIQ%2FOJAQboHrufRXx0%2FLm2j0BEKmQRARAruGnZ4nDtrpdxE484iXSZ8RAHb7LMxWuM5piJ%2BHgwFRDRSGWgLZ0D5Q%2BJ6QgfrJfh49T9DOTSGB6q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 80d2fc930af0278f-LYS
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo_new.png
www.file-upload.org/assets/images/ 3 KB
4 KB 69ms
68ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1029574
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qF%2BM96mAWDGlo18Er%2BT2XO6vOPAG03jEBpRdOZYQY0aRqH9Ex32B42Ka9ZyXxTrGbomA2NqiEyRIL4mUVcnk4plUvtFILCd9D6VOQ3X35p68iAIDkJ6aRjA%2FZcaz3fKOdjL%2BTf%2B0D0Q99zHVKcPUNphD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d2fc941d3e278f-LYS
expires: Fri, 22 Sep 2023 12:16:04 GMT

GET
H3 200 email-decode.min.js Show response
www.file-upload.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 30ms
29ms Script
application/javascript 2606:4700:3036::ac43:b1f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b1f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/file.php?get=ukekm9t19wmt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Sep 2023 16:02:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6511af19-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ps7TiNyJooN7Kw0ZZj1CipJDAJ%2BGaMiY86u721pBBVLtQujdg%2BOzSO%2FQiYRHJqOTcAEP%2B3hfNm24az61%2F4U4KI1DF7eDRadhDHVv2w%2B4mJ5S4GP6cNnnqOk7hLmI3ui3pacvlM9kjGbpHbHfiyulxNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 80d2fc93f94e0e49-MXP
expires: Fri, 29 Sep 2023 10:15:38 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
30 KB 128ms
29ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 08:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Sep 2024 08:09:49 GMT

GET
H3 200 anti1.png
www.file-upload.org/mngez/images/ 19 KB
19 KB 68ms
68ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3769387
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vp%2Fdbmg%2Bq76H6IHsZ2pQco3HZsl7iavNmrEChLXgek06o57GGYeP8OKCjdOXqZD6najyLpdzikCasg4Z1V0K4zujyf3cor%2BrRcZARTHT2urlrSuGwWSOPgz3ckQhh0R0MY0qw0Ikq5icVo1pj1J3vC4J"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d2fc941d4a278f-LYS
expires: Mon, 21 Aug 2023 19:12:31 GMT

GET
H3 200 anti2.png
www.file-upload.org/mngez/images/ 641 B
1 KB 78ms
78ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4988686
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3IjdKhjVQX%2FOdRuYbF9QyrXXAyXTtCCE%2FYsz28SrENmqE2OJZ8ZaV4y64x7DamNwBHs9B8OuIZRmesjHOevUUtuJxi4xpWVf6MtjxO88iw4AA9BKpl61JEwcX%2B0pjuAbHoBUjakINF2ijNkxPtrKwdo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d2fc941d51278f-LYS
expires: Mon, 07 Aug 2023 16:30:52 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 35ms
34ms Image
image/png 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 -, , ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 09/12/2023 22:47:45
cdn-pullzone: 1574055
content-length: 4535
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "0abbdbd420cc1:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 5afef428ef6c108872805acd28c735f6
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 norton.png
www.file-upload.org/assets/images/ 5 KB
5 KB 76ms
75ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=ukekm9t19wmt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1029574
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqCkexh9aN6a1s2rTK%2Fn2wipK%2FFkoTj2XLTKUBU0Mkd9CZh%2FIkEJzxXqTwOCEPZyRXl5ege%2F98nfC12cKzBNjC5VKu0RbomC9rBLbCPd91%2F7WG%2FlA9NjjbPjn1J5IAYrkwq00oADCQKQQLofSRCDjZxb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d2fc941d56278f-LYS
expires: Fri, 22 Sep 2023 12:16:04 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
85 KB 79ms
44ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ab6eda928164396faff045aa1dd4f267

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78d01bf8bdbccc1cc50d31ababe4f905b09e6ca67b4881ab5291bb8befd24810

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.file-upload.in/
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 10:15:38 GMT
content-md5: 3jDhCYNUSHSYTu2tkd2Gow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86665
x-fb-debug: wpGN0YLOs1w1imZ1wEz+RXXpE0StD9I5GEq+idM735YNypU+Jf4otH12VoTfdljEFshWzUqPqkjx+J0ca3pc7A==
x-fb-content-md5: 442aa95f9f8cd7bab5327302287ce3b4
cross-origin-opener-policy: same-origin-allow-popups
etag: "3995bf2df2bc27942f6e5082aef863b6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 Sep 2024 09:01:18 GMT

GET
H3 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 63ms
62ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4988686
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGSz0moF0mvZXdJ1oHXlgiUghSmB%2Bb00LubCN0OSg9SqlEyWYWin%2B%2F4ZjjThtp36EFL%2FGkf%2FD36HwOnGeWwticAzDJNupbTRP1Gbi6xWiAiyE1L2w2F2gEnV%2BiEzjeMRGGpFYopzv%2B2y5v7%2FlJLriOf7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d2fc945dc7278f-LYS
expires: Mon, 07 Aug 2023 16:30:52 GMT

GET poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 0
0

GET
H2 200 impl.v17.15.0.js Show response
live.demand.supply/ 82 KB
27 KB 41ms
39ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.15.0.js
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30ea956b12ae502e529c24365e9422d2428b75595511de013abc64d79eb510e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01HAANKZ94E4GT7BEZGRJJD566
date: Wed, 27 Sep 2023 10:15:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 1086920
cf-polished: origSize=84620
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"c4c243e9ca1d0f0ac14511caf420b080-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 80d2fc945d9d2c3e-FRA

GET
H2 200 d3d3LmZpbGUtdXBsb2FkLmluLw== Show response
live.demand.supply/p4/v17-10-0/ 2 KB
887 B 104ms
103ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/d3d3LmZpbGUtdXBsb2FkLmluLw==
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d9d9655537edf7cc9d104447d3f87880836590d76970ee13b1ff96066dffba7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:38 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 80d2fc945da02c3e-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
517 B 135ms
94ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=232&cs=c&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:38 GMT
cf-cache-status: HIT
age: 2425234
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc94a8152c65-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 106 KB
29 KB 262ms
118ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb59ceca989729f42fba16b70970e2f1359851c5f19697e9cae03a47d02b277b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29590
x-xss-protection: 0
server: cafe
etag: 122 / 19627 / 31078130 / config-hash: 3771063390485969137
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:15:39 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
588 B 135ms
95ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGSQC59RYGZP6NQ359764
date: Wed, 27 Sep 2023 10:15:39 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2424352
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 80d2fc94a8192c65-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 file-upload.in_fluid_sq_fluidsquare Show response
live.demand.supply/cp/ 30 B
373 B 185ms
183ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 934e35d4758a5a103783d0574dd85b36a02c58e5010648e535f52580f4997a00

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80d2fc94b8382c65-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 file-upload.in_fluid_sq_fluidsquare Show response
live.demand.supply/cp/ 30 B
373 B 180ms
178ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 934e35d4758a5a103783d0574dd85b36a02c58e5010648e535f52580f4997a00

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80d2fc94b83a2c65-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 file-upload.in_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
374 B 201ms
191ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de2f42f7788041968ac0aeaf63dba36d5ef022bf9a9314ea195abd0d0eec8505

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80d2fc9558bf2c65-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
482 B 125ms
123ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Wed, 27 Sep 2023 10:15:39 GMT
cf-cache-status: HIT
age: 2425235
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc95d91b2c65-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
481 B 101ms
100ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Wed, 27 Sep 2023 10:15:39 GMT
cf-cache-status: HIT
age: 2425235
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc95e92b2c65-FRA

GET
H3 200 file-upload.in_fluid_all_fluidallshapes Show response
live.demand.supply/cp/ 31 B
373 B 186ms
186ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_all_fluidallshapes?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc534450e8fceb2562aa45eeeb10aaa96ead2e1163692d47057caa60a223fb27

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80d2fc95f9362c65-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31

GET
H3 200 file-upload.in_fluid_sq_fluidsquare Show response
live.demand.supply/cp/ 30 B
376 B 256ms
255ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 934e35d4758a5a103783d0574dd85b36a02c58e5010648e535f52580f4997a00

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80d2fc95f9382c65-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 poppins-v5-latin-500.woff
www.file-upload.org/mngez/fonts/ 10 KB
11 KB 362ms
362ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1023916
alt-svc: h3=":443"; ma=86400
content-length: 10420
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28b4-5fe4d56c94299"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSxyRFC5drKnI7D97j8CwMig8oD6e49n05rSth7tdKZ7fQ1jEhU5kfyq%2BajDvIaBrYKM5mpUWLq8qAiEeFTL2VPN1lAF%2BFbI6lTH62keiL2GAPJveCCI0BDanqExro9V9AFqg097Cs%2B8%2FNiVcCKmIeSk"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d2fc96195f2799-LYS

GET
H3 200 poppins-v5-latin-regular.woff
www.file-upload.org/mngez/fonts/ 10 KB
11 KB 415ms
414ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1023916
alt-svc: h3=":443"; ma=86400
content-length: 10400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28a0-5fe4d56c936e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfe%2BcWnxMsXSRD0EOQZR55enfj7TAdRQ1PG3btQyzXZ6zATsY%2BWInnF%2FDgdWI%2F9oy7mKGMxxvFi8o4PbhWWO2Pkc1DIgd2egHNw4zbZDGPP0JZAtm%2Faq43vjo2UT1l4pGUESqtzvWGjRKJCN1eTp0vdX"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d2fc9619602799-LYS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 41ms
41ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.15898724198341369&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:39 GMT
cf-cache-status: HIT
age: 2425235
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc9619562c65-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
481 B 41ms
41ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Wed, 27 Sep 2023 10:15:39 GMT
cf-cache-status: HIT
age: 2425235
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc96195a2c65-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 53ms
53ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.15898724198341369&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:39 GMT
cf-cache-status: HIT
age: 2425235
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc9629682c65-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
481 B 46ms
46ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Wed, 27 Sep 2023 10:15:39 GMT
cf-cache-status: HIT
age: 2425235
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc96296a2c65-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a15b63f87a0eb83f59ee83f04e8f7fbd0f4d463b42ae1486043df799adca516e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81201
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Sep 2023 10:15:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 138ms
41ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 09:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1878
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 27 Sep 2023 11:44:21 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 45ms
40ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_728x90_sticky_display_bottom&pdc=0.10599149465560914&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:39 GMT
cf-cache-status: HIT
age: 2425235
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc9689b72c65-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 51ms
48ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H95R0W3H9SMVPKTQMTQBKKQX
date: Wed, 27 Sep 2023 10:15:39 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1174276
etag: W/"ca59855b4714df36e4972d3d4157366d-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 80d2fc9689910208-ZRH
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 404ms
71ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3T7TKCZCC9&gtm=45je39p0&_p=757346658&cid=1451295552.1695809739&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1695809739&sct=1&seg=0&dl=https%3A%2F%2Fwww.file-upload.in%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 36ms
35ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_all_fluidallshapes&pdc=0.024594351649284363&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:39 GMT
cf-cache-status: HIT
age: 2425235
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc974a4f2c65-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 49ms
48ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=757346658&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file-upload.in%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1247830189&gjid=1773733670&cid=1451295552.1695809739&tid=UA-119779859-1&_gid=885807806.1695809739&_r=1&gtm=457e39p0&jsscut=1&z=1906628470

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.file-upload.in/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fontawesome-webfont.woff
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 96 KB
96 KB 197ms
197ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4831636
alt-svc: h3=":443"; ma=86400
content-length: 98024
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "17ee8-5fe4d56c8f479"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFEwEdPuIbMROJZVlWnbNOJ2FoBX6WGzFuv5a%2BwCphXmZ%2BnePd1v9yHxbaPlyvc3mf5z50BAs2y8cvhlQtra%2BgHp6DuXE4ryEPuDu32Da%2Fsdn1jMNdkVkiCHPTEtw4iX%2FhpmK%2BCdy1LiLDRglehVkqZN"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d2fc977c0c2799-LYS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
483 B 37ms
36ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.15898724198341369&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:39 GMT
cf-cache-status: HIT
age: 2425235
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc978a9d2c65-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
480 B 37ms
37ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Wed, 27 Sep 2023 10:15:39 GMT
cf-cache-status: HIT
age: 2425235
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc978a9f2c65-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/ 409 KB
129 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 14:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69523
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132106
x-xss-protection: 0
server: cafe
etag: 17184539905708832606
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 25 Sep 2024 14:56:56 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 38ms
37ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:39 GMT
cf-cache-status: HIT
age: 2425235
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc9a1d082c65-FRA

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 133ms
32ms Script
text/javascript 2600:9000:2250:7000:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7000:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Wed, 27 Sep 2023 05:20:17 GMT
Via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 18342
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: Zj8QSvZet9wxRvVPRHwMefrj81VWxHQEmFmeLMHlSq3iV1zq_RiIsQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 166ms
67ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 10:15:40 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 131ms
33ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:29:16 GMT
content-encoding: gzip
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 24385
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 5N9Pl7kLYK7C8mplWONJfuuEfGO2wEPbTOCKrwKRYxU0MdprFpHxTw==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 143 KB
32 KB 108ms
34ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

076f49c5c4285d33d4367cd4e943aafd74cb2a8faba78eebcdec26c95322bb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: NBF3NYBYFEN84Z1C
age: 11
x-amz-server-side-encryption: AES256
x-amz-id-2: MavAGRNqPdJxlrJpz1F7sq0yzO6mOXydhAbnSKnD+ubn6DlkzwCyRJSei7hIg5qyJiSl0o3xXJ6AQgoMs0pcOQ==
last-modified: Wed, 27 Sep 2023 09:24:45 GMT
server: cloudflare
etag: W/"dad32e558756cf2e52e60155a9d39f6a"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 80d2fc9b0f630e6b-MXP
expires: Wed, 27 Sep 2023 11:15:40 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 110ms
38ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15368
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlTfWGFDzeiGMSm3hbdteVUkLPphH%2BVs2Nuz7Hiv2rpN%2BRRutJjmdevho1yh2eTzatme1tjAW1DnriwaMVCVReV3aM06RcLH1eW2ZMMo7RoANL4gL%2BjssKpSQHbXbHWL0NhcFy6UIV3%2FqDPeFaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 80d2fc9b0aee2c79-FRA

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 122ms
48ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: e8e4201247a56e6d834eb604c706ce95
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
725 B 277ms
268ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=326070468126667&correlator=3662894022213234&eid=31078130%2C44769662&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cd0c94ace-e46e-49b4-ad33-00ec0766b4be&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695809739888&lmt=1695802539&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1451295552.1695809739&ga_sid=1695809740&ga_hid=757346658&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY67iMsa0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjruIyxrTFIAFICCGQSGQoKcHViY2lkLm9yZxjruIyxrTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y67iMsa0xSABSAghkEhcKCHJ0YmhvdXNlGOy4jLGtMUgAUgIIZBIZCgp1aWRhcGkuY29tGOu4jLGtMUgAUgIIZA..&dlt=1695809738684&idt=1139&prev_scp=ti%3D870463e4-3c10-481b-aa93-f131755951bf%26interstitials-bid%3D6%26bid-p%3Dgoogle%26bsc%3D71&adks=79733870&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46a88c6df57cbb495496939655970a50a93f193dd1ee3b78ec527b6d71afae47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 694
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 531ms
523ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=326070468126667&correlator=2063512425625374&eid=31078130%2C44769662&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cb6d4a9d1-0710-4eee-90c9-3acb530eed97&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695809739900&lmt=1695802539&adxs=245&adys=202&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1451295552.1695809739&ga_sid=1695809740&ga_hid=757346658&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY67iMsa0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjruIyxrTFIAFICCGQSGQoKcHViY2lkLm9yZxjruIyxrTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y67iMsa0xSABSAghkEhcKCHJ0YmhvdXNlGOy4jLGtMUgAUgIIZBIZCgp1aWRhcGkuY29tGOu4jLGtMUgAUgIIZA..&dlt=1695809738684&idt=1139&prev_scp=ti%3D870463e4-3c10-481b-aa93-f131755951bf%26chrand%3Dy%26pof%3D0%26bid%3D0.14%26bid-p%3Dgoogle%26bsc%3D71&adks=554408032&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6a4bb06d076965c4a5669f24b5e3fbca7ff195c22f623e8d291524a6880f96d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10050
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
15 KB 669ms
660ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=326070468126667&correlator=816314660918878&eid=31078130%2C44769662&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cb6d4a9d1-0710-4eee-90c9-3acb530eed97&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695809739905&lmt=1695802539&adxs=245&adys=582&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1451295552.1695809739&ga_sid=1695809740&ga_hid=757346658&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY67iMsa0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjruIyxrTFIAFICCGQSGQoKcHViY2lkLm9yZxjruIyxrTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y67iMsa0xSABSAghkEhcKCHJ0YmhvdXNlGOy4jLGtMUgAUgIIZBIZCgp1aWRhcGkuY29tGOu4jLGtMUgAUgIIZA..&dlt=1695809738684&idt=1139&prev_scp=ti%3D870463e4-3c10-481b-aa93-f131755951bf%26chrand%3Dy%26pof%3D0%26bid%3D0.14%26bid-p%3Dgoogle%26bsc%3D71&adks=2365977148&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df184e7f038274ed02a5e6aa41ef7f77769b48ad29267b97c96ef75927262a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15838
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 564ms
557ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=326070468126667&correlator=1180570596288589&eid=31078130%2C44769662&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cbcf1b191-0990-4fe0-90e5-a2e0b1483964&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695809739908&lmt=1695802539&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1451295552.1695809739&ga_sid=1695809740&ga_hid=757346658&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY67iMsa0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjruIyxrTFIAFICCGQSGQoKcHViY2lkLm9yZxjruIyxrTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y67iMsa0xSABSAghkEhcKCHJ0YmhvdXNlGOy4jLGtMUgAUgIIZBIZCgp1aWRhcGkuY29tGOu4jLGtMUgAUgIIZA..&dlt=1695809738684&idt=1139&prev_scp=ti%3D870463e4-3c10-481b-aa93-f131755951bf%26chrand%3Dy%26pof%3D0%26bid%3D0.06%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D71&adks=2708986379&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11787dab1b3e3755c5f3142b54c8f8ddc3207dc7c4ab9ebbcac55e061abe99b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12586
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 369ms
362ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=326070468126667&correlator=4003439711198226&eid=31078130%2C44769662&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C106a5b58-c28a-4673-ba5f-7a79f3bf433e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C550x600%7C480x320%7C160x600%7C300x250%7C300x600%7C320x480&fluid=height&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695809739912&lmt=1695802539&adxs=245&adys=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x616&msz=1110x616&fws=0&ohw=0&ga_vid=1451295552.1695809739&ga_sid=1695809740&ga_hid=757346658&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY67iMsa0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjruIyxrTFIAFICCGQSGQoKcHViY2lkLm9yZxjruIyxrTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y67iMsa0xSABSAghkEhcKCHJ0YmhvdXNlGOy4jLGtMUgAUgIIZBIZCgp1aWRhcGkuY29tGOu4jLGtMUgAUgIIZA..&dlt=1695809738684&idt=1139&prev_scp=ti%3D870463e4-3c10-481b-aa93-f131755951bf%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D71&adks=598638533&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d979991db1f2f9588ce76fa96ca0f0f348276019bc6111cc63667306fc03e69e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10033
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 290ms
283ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=326070468126667&correlator=204798895179776&eid=31078130%2C44769662&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cb6d4a9d1-0710-4eee-90c9-3acb530eed97&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695809739916&lmt=1695802539&adxs=245&adys=1701&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1451295552.1695809739&ga_sid=1695809740&ga_hid=757346658&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY67iMsa0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjruIyxrTFIAFICCGQSGQoKcHViY2lkLm9yZxjruIyxrTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y67iMsa0xSABSAghkEhcKCHJ0YmhvdXNlGOy4jLGtMUgAUgIIZBIZCgp1aWRhcGkuY29tGOu4jLGtMUgAUgIIZA..&dlt=1695809738684&idt=1139&prev_scp=ti%3D870463e4-3c10-481b-aa93-f131755951bf%26chrand%3Dy%26pof%3D0%26bid%3D0.14%26bid-p%3Dgoogle%26bsc%3D71&adks=1354342239&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f2ad892fd46ba9e8a42c647238d20e5bb0b08366edbcb043995803acc3f183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10033
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F695 6 KB
3 KB 136ms
37ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 10:15:40 GMT
expires: Thu, 26 Sep 2024 10:15:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/ 38 KB
13 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl_page_level_ads.js?cb=31078130

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cd3f05decb1d9c26bd68a2cd2d13b1584eebbb92f78c15adbc894d02c6d4307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:40:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63323
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13631
x-xss-protection: 0
server: cafe
etag: 18158545400869290159
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 25 Sep 2024 16:40:16 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
327 B 97ms
30ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , United States, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.file-upload.in/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file-upload.in
date: Wed, 27 Sep 2023 10:15:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
696 B 196ms
74ms XHR
application/json 52.31.175.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.175.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 67f450141b3020acb654e2aa3fdee48b3cbc906c0964e7a29dd77e4730f51c62

Request headers

Referer: https://www.file-upload.in/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache
x-server: 10.45.26.194
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 31EE 15 KB
6 KB 121ms
41ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 10:15:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 302348
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 37ms
37ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&e=nai&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:40 GMT
cf-cache-status: HIT
age: 2425236
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc9c5f2e2c65-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 37ms
36ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:40 GMT
cf-cache-status: HIT
age: 2425236
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc9c5f302c65-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 976 B
512 B 295ms
295ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=326070468126667&correlator=1588953782786664&eid=31078130%2C44769662&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C35c3e781-1e45-4079-92a7-84ee84a2671a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Da691b1331e5c1cdf%3AT%3D1695809739%3ART%3D1695809739%3AS%3DALNI_MaR-2j1K5TlHewFmQ0Lb9L31nF85A&gpic=UID%3D00000cb1def129fd%3AT%3D1695809739%3ART%3D1695809739%3AS%3DALNI_MbKC6El3QgkGgSsp0wTtVmoKWomcw&abxe=1&dt=1695809740212&lmt=1695802540&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1451295552.1695809739&ga_sid=1695809740&ga_hid=757346658&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY67iMsa0xSABSAghkEhkKCnB1YmNpZC5vcmcYhrqMsa0xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOu4jLGtMUgAUgIIZBIXCghydGJob3VzZRiWuoyxrTFIAFICCGoSGQoKdWlkYXBpLmNvbRjruIyxrTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPS6jLGtMUgAUgIIag..&dlt=1695809738684&idt=1139&prev_scp=ti%3D870463e4-3c10-481b-aa93-f131755951bf%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D71&adks=3111070440&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5441e552caa81716204d2485db3da5be7e7d40df0e8d780031bcd27addc5c41f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 480
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9F62 6 KB
3 KB 31ms
30ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 10:15:40 GMT
expires: Thu, 26 Sep 2024 10:15:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 39ms
38ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.14&b=1&r=file-upload.in_fluid_sq_fluidsquare&sy=0e363d22-11a3-44fd-944c-bf3f0f04c030&ts=71&cd=2&pud=232&pus=c&pue=525&pid=54&pis=c&pie=580&ppd=106&pps=a&ppe=632&pcl=795&ttc=1038&tti=1878&ttif=0&lca=632&lcak=ppe&lct=632&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=870463e4-3c10-481b-aa93-f131755951bf&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:40 GMT
cf-cache-status: HIT
age: 2425236
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc9ccf9c2c65-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame 31EE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=file-upload.in&sn=ChromeSyncframe&so=0&topUrl=www.file-upload.in&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=-gTBTnxaNGtYZHpLSjBhM21JcVNXcGR4d2h4YklMZU5lQm5TU0tRRXF4cEljWHR5OUg5eTM3elhOTllBWTZqbG9lS2lnaWwrNTNabTBkUTdCTWgwTWtIR0xrNWxlOERlOHF5UnhjakVJL2RJZDFNb3p4OC9BRUl0cklBdH...

422 B
652 B

157ms
50ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-gTBTnxaNGtYZHpLSjBhM21JcVNXcGR4d2h4YklMZU5lQm5TU0tRRXF4cEljWHR5OUg5eTM3elhOTllBWTZqbG9lS2lnaWwrNTNabTBkUTdCTWgwTWtIR0xrNWxlOERlOHF5UnhjakVJL2RJZDFNb3p4OC9BRUl0cklBdHRoMThMY3JjcjB1ZEt3eUdYSmUzUG51bjM2WUwzd1p5VVF4RS9meUIvbGlHMTZBTHJ6Nkp2VGMxZDVpMW9hckh4M0tJQzM3UE9PSUd1YVFUQ21tUGxqNHdQcU1OdGZNR29PMnRxaEdtR2ZEMFpNM3FtTDRjc1EwS29MNTFRR0tiZXFVYzlKNy9RQ2pmVnVRNFVqM3QzdWRiWmFkL1I0QT09fA&cppv=2

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

83c638e9be20153f6217e492e41e78c8b3fdbbfa966ea33aebe6622e4290bd48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 10844655
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=-gTBTnxaNGtYZHpLSjBhM21JcVNXcGR4d2h4YklMZU5lQm5TU0tRRXF4cEljWHR5OUg5eTM3elhOTllBWTZqbG9lS2lnaWwrNTNabTBkUTdCTWgwTWtIR0xrNWxlOERlOHF5UnhjakVJL2RJZDFNb3p4OC9BRUl0cklBdHRoMThMY3JjcjB1ZEt3eUdYSmUzUG51bjM2WUwzd1p5VVF4RS9meUIvbGlHMTZBTHJ6Nkp2VGMxZDVpMW9hckh4M0tJQzM3UE9PSUd1YVFUQ21tUGxqNHdQcU1OdGZNR29PMnRxaEdtR2ZEMFpNM3FtTDRjc1EwS29MNTFRR0tiZXFVYzlKNy9RQ2pmVnVRNFVqM3QzdWRiWmFkL1I0QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 264334
content-length: 0
expires: 0

GET
H2 200 container.html Show response
6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2556 6 KB
3 KB 31ms
29ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 10:15:40 GMT
expires: Thu, 26 Sep 2024 10:15:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 35ms
35ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=file-upload.in_fluid_all_fluidallshapes&sy=0e363d22-11a3-44fd-944c-bf3f0f04c030&ts=71&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=870463e4-3c10-481b-aa93-f131755951bf&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:40 GMT
cf-cache-status: HIT
age: 2425236
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc9cffc12c65-FRA

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DF5B 624 B
504 B 145ms
75ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxjz_bPjATAB&v=APEucNXkg1kxBQA3ogEQG98QGnEA26aJiBE4MtuACfTpKy-z_WQKY5las5OEMwHbbtFdnDpaOkGfgKwdrx3cj1zqQTfqFdmxCPUFRHgEZ66ZTuhNALHeaBYG5vlr0NPb_Ita9WzhJbL7_E3xPF09KpdBYm9BaXMC5_jsiwSb0EJ8B2BVX4VX3S1HREbn4_9y-FlQCfDlWpRj_-pChtIFZ6rF8PoewmGPSg

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 10:15:40 GMT
expires: Wed, 27 Sep 2023 10:15:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9F62 89 KB
31 KB 301ms
232ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adf78f79b0606670978e34ce28d41e3bd377aa7dfabf302119dccb61c4eb207d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31451
x-xss-protection: 0
server: cafe
etag: 13146691652413439477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:15:40 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F62 42 B
401 B 133ms
64ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BrCGF-HC0R7PyBr-fLglRFjGQ6-6QVKcA8jiZmScluGk7BKXRaFZul40jghzuZgaWA_CsjVSkaPb8sY_Oq4qHwcU_glYa8MRty0oXQQFmq2mOFc00

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F62 0
58 B 133ms
64ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17367999297883619477&x=1&ct=119

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 9F62 3 KB
1 KB 120ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:16:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 9F62 20 KB
8 KB 118ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 14:00:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 14:00:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F62 182 KB
57 KB 146ms
69ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695641553523962"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:15:40 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C536 624 B
825 B 113ms
75ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxi-8bPjATAB&v=APEucNWn3Lkx3nDyLYTK3VNOYhI5eN38PQbg0X_uXr4zqFd8Vq39tKAnyS7vy5vRCATYCInaq7agu2cXJkKNnpCIDfkrYm3VMjEsod5Lynfvj9ATVxJ0L3PF3STNgruaqo_HBcM4bpLjHEyleGjQsnd67Ty5o_Hz1KRaM721vXqyyi0cPXiG6LdYFoSC0IdwIrFiNYhHRFOqvRPoyCBULdw8yhd59-ak8Q

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 10:15:40 GMT
expires: Wed, 27 Sep 2023 10:15:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2556 89 KB
31 KB 248ms
211ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31438
x-xss-protection: 0
server: cafe
etag: 13183557946744512263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:15:40 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2556 42 B
107 B 102ms
65ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BVgUsLd8ZZdRUzwxVwh6Exn79pK7xPqV4m8ZgV_9k9gUaLd5WFcFqFJrqhlAlxKWRq4mJbjcyDhhId8itRsGTj_5f3fjJDaT_yU4xhNZEYhnxdPk8

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2556 0
56 B 102ms
65ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5313795986441982640&x=1&ct=119

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 2556 3 KB
1 KB 88ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:16:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 2556 20 KB
8 KB 87ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 14:00:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 14:00:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2556 182 KB
57 KB 162ms
116ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695641553523962"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:15:40 GMT

GET
H3 200 container.html Show response
6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3A5D 6 KB
3 KB 30ms
30ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 10:15:40 GMT
expires: Thu, 26 Sep 2024 10:15:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 40ms
39ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.14&b=1&r=file-upload.in_fluid_sq_fluidsquare&sy=0e363d22-11a3-44fd-944c-bf3f0f04c030&ts=71&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=870463e4-3c10-481b-aa93-f131755951bf&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:40 GMT
cf-cache-status: HIT
age: 2425236
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc9e08852c65-FRA

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame C536
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYBTfyTOzI9_3tyEQS86to&google_cver=1

43 B
338 B

53ms
53ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYBTfyTOzI9_3tyEQS86to&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxi-8bPjATAB&v=APEucNWn3Lkx3nDyLYTK3VNOYhI5eN38PQbg0X_uXr4zqFd8Vq39tKAnyS7vy5vRCATYCInaq7agu2cXJkKNnpCIDfkrYm3VMjEsod5Lynfvj9ATVxJ0L3PF3STNgruaqo_HBcM4bpLjHEyleGjQsnd67Ty5o_Hz1KRaM721vXqyyi0cPXiG6LdYFoSC0IdwIrFiNYhHRFOqvRPoyCBULdw8yhd59-ak8Q
Protocol: H2
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvhqbU%2FSH1DKUUSdUBrthhtGAYw%2BXU6H8JlVn0yIMEwpKcxsB%2BJp7AGYds6lV3PniF3kGdY9yjMqEXy1fsXaMVkq8hjGC05pEm6tZBU25muq%2FaWk3eXTW37CTM2eBlt12jsgvbnyI8Ky9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80d2fc9ee97c24c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYBTfyTOzI9_3tyEQS86to&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C536
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRQAzAoiBm6GqVDqmcBexQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1

43 B
736 B

46ms
46ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxi-8bPjATAB&v=APEucNWn3Lkx3nDyLYTK3VNOYhI5eN38PQbg0X_uXr4zqFd8Vq39tKAnyS7vy5vRCATYCInaq7agu2cXJkKNnpCIDfkrYm3VMjEsod5Lynfvj9ATVxJ0L3PF3STNgruaqo_HBcM4bpLjHEyleGjQsnd67Ty5o_Hz1KRaM721vXqyyi0cPXiG6LdYFoSC0IdwIrFiNYhHRFOqvRPoyCBULdw8yhd59-ak8Q
Protocol: H3
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNIyHsO3N3WqGAC%2B2bkGO4bvm3B5wqx7YbwHiBnrDCHAVvSQe7MUqfEMbYWVp7UQkFucBs%2B7Lm5CRacVtR4LY%2ByBMfDnvrp7FIKiNOTjAX0IUSCMmFGUxA7PR8x6RJ%2F6IBJxTW0RHOupDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80d2fc9fffe52c7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame C536
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM6w01HwayBDgZ6UIf-Xzyc&google_cver=1

43 B
837 B

43ms
42ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM6w01HwayBDgZ6UIf-Xzyc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxi-8bPjATAB&v=APEucNWn3Lkx3nDyLYTK3VNOYhI5eN38PQbg0X_uXr4zqFd8Vq39tKAnyS7vy5vRCATYCInaq7agu2cXJkKNnpCIDfkrYm3VMjEsod5Lynfvj9ATVxJ0L3PF3STNgruaqo_HBcM4bpLjHEyleGjQsnd67Ty5o_Hz1KRaM721vXqyyi0cPXiG6LdYFoSC0IdwIrFiNYhHRFOqvRPoyCBULdw8yhd59-ak8Q

Protocol

Server

185.89.210.212 , Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
an-x-request-uuid: 9322b27c-9920-4f44-9563-e3fb17628121
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.106.7; 176.10.106.7; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM6w01HwayBDgZ6UIf-Xzyc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C536
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D

170 B
188 B

54ms
53ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
an-x-request-uuid: 47c0c92f-e8e6-4d97-b4ce-6f4b874d4f94
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D
x-proxy-origin: 176.10.106.7; 176.10.106.7; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DF5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYBTfyTOzI9_3tyEQS86to&google_cver=1

43 B
766 B

47ms
47ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYBTfyTOzI9_3tyEQS86to&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxjz_bPjATAB&v=APEucNXkg1kxBQA3ogEQG98QGnEA26aJiBE4MtuACfTpKy-z_WQKY5las5OEMwHbbtFdnDpaOkGfgKwdrx3cj1zqQTfqFdmxCPUFRHgEZ66ZTuhNALHeaBYG5vlr0NPb_Ita9WzhJbL7_E3xPF09KpdBYm9BaXMC5_jsiwSb0EJ8B2BVX4VX3S1HREbn4_9y-FlQCfDlWpRj_-pChtIFZ6rF8PoewmGPSg
Protocol: H3
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgXNdkZTm7MRZDcWTIgNQ6JnaGQY6M7Smithbf9BmkECt2F1vRIb2sFw6fdZkK0jUPb6cifCCxhnqdrfuyW5n8KAoszz1iVdHey8gAb%2BRf9e8re%2FDOPSnxGzZIL9fwJOEIx1uVKnUFYgJg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80d2fc9eff1f2c7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYBTfyTOzI9_3tyEQS86to&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DF5B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRQAzI2.o.s-RpL7vyJ2jQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1&google_hm=2

43 B
732 B

47ms
47ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxjz_bPjATAB&v=APEucNXkg1kxBQA3ogEQG98QGnEA26aJiBE4MtuACfTpKy-z_WQKY5las5OEMwHbbtFdnDpaOkGfgKwdrx3cj1zqQTfqFdmxCPUFRHgEZ66ZTuhNALHeaBYG5vlr0NPb_Ita9WzhJbL7_E3xPF09KpdBYm9BaXMC5_jsiwSb0EJ8B2BVX4VX3S1HREbn4_9y-FlQCfDlWpRj_-pChtIFZ6rF8PoewmGPSg
Protocol: H3
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ohc1XHjtdCUbov40%2Fnbh%2BIBwahTBZFIvsZjYEa3TT%2FDcXop48fDJYTWnntQkNvx0sihTsdFA1VV40zsKIWqbA5Kdu5t7AYoeT9ilIq76vIKxkFRRRlYyl8qNpTdpyWQwHhtvT0FuPqvPBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80d2fc9fffe42c7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame DF5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM6w01HwayBDgZ6UIf-Xzyc&google_cver=1

43 B
836 B

43ms
40ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM6w01HwayBDgZ6UIf-Xzyc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxjz_bPjATAB&v=APEucNXkg1kxBQA3ogEQG98QGnEA26aJiBE4MtuACfTpKy-z_WQKY5las5OEMwHbbtFdnDpaOkGfgKwdrx3cj1zqQTfqFdmxCPUFRHgEZ66ZTuhNALHeaBYG5vlr0NPb_Ita9WzhJbL7_E3xPF09KpdBYm9BaXMC5_jsiwSb0EJ8B2BVX4VX3S1HREbn4_9y-FlQCfDlWpRj_-pChtIFZ6rF8PoewmGPSg

Protocol

Server

185.89.210.212 , Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
an-x-request-uuid: e612761d-ced0-40c5-8dc6-62ff2d2732c0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.106.7; 176.10.106.7; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM6w01HwayBDgZ6UIf-Xzyc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF5B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D

170 B
188 B

54ms
53ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
an-x-request-uuid: cd316a26-cbae-47af-aada-7a424f171643
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D
x-proxy-origin: 176.10.106.7; 176.10.106.7; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309151607000/ Frame 59B1 223 KB
62 KB 128ms
31ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed0329ded0e3e15f1da42e303456565efd908295a3a4c0fb1984decc0fec3ee7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 147882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62227
x-xss-protection: 0
server: sffe
etag: "41242159531b2c89"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 59B1 15 KB
5 KB 187ms
91ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed34e84a189ed3e7735ec026a4be0ffa93c4e8f63450a5b0258bd46fc8459241

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 147882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "62ebb0de0df26f82"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 59B1 94 KB
28 KB 191ms
95ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0021634309d4f589c6803d3d3dbe0ab9402a524993ab8df667d16c33d23d1fec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 147882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29001
x-xss-protection: 0
server: sffe
etag: "c5564a9c7a93c19c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 59B1 5 KB
2 KB 200ms
104ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ac93a925b888b68155813661a5cd3a2f5e5641ba1176bfb266eb349b38002c5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 147882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "dde9f9175af3842f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 59B1 40 KB
13 KB 201ms
105ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceab4ff3d4af4f6402234da5817d688928c26a39ae798050f9da58bca0d415b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 147882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "97cee024b23d3389"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
DATA 200
OK truncated
/ Frame 59B1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b755120c055530b033201cc3f87a5402d13aa713c117b581cc2ba41035f65e46

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3338108159626277871
tpc.googlesyndication.com/simgad/ Frame 59B1 27 KB
28 KB 32ms
31ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3338108159626277871?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql3JR1tzXjLK2cnddwc_Box9_cDNA

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9db55525413b5bb6da3accde5d0cad8e6ab9d6d0a27a1627e6752ef12d70090d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 09:45:05 GMT
x-content-type-options: nosniff
age: 174635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28011
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:24:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Sep 2024 09:45:05 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 59B1 2 KB
3 KB 48ms
47ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 46583
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 27 Sep 2023 21:19:17 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 59B1 295 B
424 B 30ms
30ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 46583
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 27 Sep 2023 21:19:17 GMT

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
483 B 38ms
37ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.06&b=2&r=file-upload.in_auto_728x90_sticky_display_bottom&sy=0e363d22-11a3-44fd-944c-bf3f0f04c030&ts=71&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=870463e4-3c10-481b-aa93-f131755951bf&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:40 GMT
cf-cache-status: HIT
age: 2425236
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc9e58bf2c65-FRA

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CD4F 624 B
368 B 75ms
72ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxjz_bPjATAB&v=APEucNWefaNfd0qgdillFueJAeFigPQPIWoPOJVI9gwnPmm-WkEwIMPcpSk2zq6xVoXYUbHttTpRH8ZqS453JSo8ZBAJWx7AZFxJE0hzV-hJVtRHvgK43kXRXW2sM9dsLJ6pUojMWODS2WczCF8drt8Wf6elHoroi4JJrlXM5KMl9yrlqhzcd9W4PpKWKUbSx1eRLeQyfF3RsQh9ft3TbXXPrXGtLdu8iw

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 10:15:40 GMT
expires: Wed, 27 Sep 2023 10:15:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3A5D 89 KB
31 KB 106ms
102ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31438
x-xss-protection: 0
server: cafe
etag: 13183557946744512263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:15:40 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A5D 42 B
107 B 68ms
65ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dsh9Ry0ZtEkhjnK449QuBW-P9iNeQrf1H_j4bQHqf13lcyh4xgIGI6QjFBeLq6o10UrQCuKljfL7sa38H8tg4gzWTb21XuQtau5AEGv6IhOb6LaKs

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A5D 0
56 B 67ms
64ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2042518793842567262&x=1&ct=119

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 3A5D 3 KB
1 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:16:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 3A5D 20 KB
8 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 14:00:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 14:00:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A5D 182 KB
57 KB 104ms
101ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695641553523962"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:15:40 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 39ms
39ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&e=nai&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:40 GMT
cf-cache-status: HIT
age: 2425236
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc9e78e12c65-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 39ms
39ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=3&ific=false&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:40 GMT
cf-cache-status: HIT
age: 2425236
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc9e88e52c65-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
17 KB 400ms
400ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=326070468126667&correlator=2459965887035397&eid=31078130%2C44769662&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cc80319cf-2567-4473-aa70-ede725041f47&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=8&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D2fdcec1d168ffc10%3AT%3D1695809739%3ART%3D1695809739%3AS%3DALNI_MY3xdhjyGz0xnQsxfL_mUcxxFfkhQ&gpic=UID%3D00000cb1df5f3bfb%3AT%3D1695809739%3ART%3D1695809739%3AS%3DALNI_MYBrPii8uv1cJSIuSd2QBVDzQ7UwQ&abxe=1&dt=1695809740553&lmt=1695802540&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1451295552.1695809739&ga_sid=1695809740&ga_hid=757346658&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQGQ2YjJiNTZmZDMyNzUxNTljNDY0ZmU2NjMwNWU0OTQ1YTcwMjFlZWY5MGI3ZWYwNDFkNDQzZDBjYmYzZTlhNWUYhbyMsa0xSAASGQoKcHViY2lkLm9yZxiGuoyxrTFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y67iMsa0xSABSAghkEhcKCHJ0YmhvdXNlGJa6jLGtMUgAUgIIahIZCgp1aWRhcGkuY29tGOu4jLGtMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9LqMsa0xSABSAghq&dlt=1695809738684&idt=1139&prev_scp=ti%3D870463e4-3c10-481b-aa93-f131755951bf%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D71&adks=3607019325&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ec639cea5b66196d63a0a7e77434d5e77d8a181dca06be3c10a937662d22d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16997
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309151607000/ Frame 38E0 223 KB
61 KB 109ms
106ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed0329ded0e3e15f1da42e303456565efd908295a3a4c0fb1984decc0fec3ee7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 147882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62227
x-xss-protection: 0
server: sffe
etag: "41242159531b2c89"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 38E0 15 KB
5 KB 129ms
126ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed34e84a189ed3e7735ec026a4be0ffa93c4e8f63450a5b0258bd46fc8459241

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 147882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "62ebb0de0df26f82"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 38E0 94 KB
28 KB 130ms
127ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0021634309d4f589c6803d3d3dbe0ab9402a524993ab8df667d16c33d23d1fec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 147882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29001
x-xss-protection: 0
server: sffe
etag: "c5564a9c7a93c19c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-bind-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 38E0 41 KB
14 KB 140ms
138ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-bind-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62a9b68e8e326754bc203248ba49cf7c18e8a6424719a3b304594b69a3da627e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:11:06 GMT
age: 147874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13888
x-xss-protection: 0
server: sffe
etag: "2afdbd3e05107b07"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:11:06 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 38E0 5 KB
2 KB 142ms
140ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ac93a925b888b68155813661a5cd3a2f5e5641ba1176bfb266eb349b38002c5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 147882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "dde9f9175af3842f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 38E0 40 KB
13 KB 144ms
142ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceab4ff3d4af4f6402234da5817d688928c26a39ae798050f9da58bca0d415b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 147882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "97cee024b23d3389"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 38E0 14 KB
2 KB 131ms
43ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 10:00:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Sep 2023 10:15:40 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 38E0 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 46583
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 27 Sep 2023 21:19:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 38E0 295 B
319 B 32ms
31ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 46583
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 27 Sep 2023 21:19:17 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 38E0 225 B
249 B 42ms
41ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:44:05 GMT
x-content-type-options: nosniff
server: cafe
age: 1895
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Thu, 28 Sep 2023 09:44:05 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 42ms
42ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.14&b=1&r=file-upload.in_fluid_sq_fluidsquare&sy=0e363d22-11a3-44fd-944c-bf3f0f04c030&ts=71&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=870463e4-3c10-481b-aa93-f131755951bf&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:40 GMT
cf-cache-status: HIT
age: 2425236
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fc9ee9842c65-FRA

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CD4F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1

43 B
738 B

55ms
55ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxjz_bPjATAB&v=APEucNWefaNfd0qgdillFueJAeFigPQPIWoPOJVI9gwnPmm-WkEwIMPcpSk2zq6xVoXYUbHttTpRH8ZqS453JSo8ZBAJWx7AZFxJE0hzV-hJVtRHvgK43kXRXW2sM9dsLJ6pUojMWODS2WczCF8drt8Wf6elHoroi4JJrlXM5KMl9yrlqhzcd9W4PpKWKUbSx1eRLeQyfF3RsQh9ft3TbXXPrXGtLdu8iw
Protocol: H3
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6DKK0dCtPfRoGzCV4ADK%2FUOPQheHDxnESWOZdT6%2Bz62nkNCCWLpAtPcbPSlyQtbXXL6vI0v3%2B1LLFoesSmGuNYqHIPJ56WlOQvX%2BgLKSIPDUvc2njtOXCTYHdTCqZFQjOJ%2FxlPzqtvSOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80d2fc9f8f8a2c7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CD4F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRQAzAoiBm6GqVDqmcBexQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1

43 B
731 B

49ms
48ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxjz_bPjATAB&v=APEucNWefaNfd0qgdillFueJAeFigPQPIWoPOJVI9gwnPmm-WkEwIMPcpSk2zq6xVoXYUbHttTpRH8ZqS453JSo8ZBAJWx7AZFxJE0hzV-hJVtRHvgK43kXRXW2sM9dsLJ6pUojMWODS2WczCF8drt8Wf6elHoroi4JJrlXM5KMl9yrlqhzcd9W4PpKWKUbSx1eRLeQyfF3RsQh9ft3TbXXPrXGtLdu8iw
Protocol: H3
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJ0oBN8OAvhNHUQ6f74wgZVK75GXA%2Fu3Dq50NQKdFGLVQ3uJ1KSHu91R00J1bS0NL3Z4saHqypAheeTl6hS8CzQ8y5Uba3l0TyhPdmK2NQZ%2FEpxndoVWiaWUULG2c%2BkB9ecD1GmQTAIhYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80d2fca038192c7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame CD4F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAnIYCLAs0lLNDOMzb6hTKI&google_cver=1

43 B
837 B

39ms
39ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAnIYCLAs0lLNDOMzb6hTKI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxjz_bPjATAB&v=APEucNWefaNfd0qgdillFueJAeFigPQPIWoPOJVI9gwnPmm-WkEwIMPcpSk2zq6xVoXYUbHttTpRH8ZqS453JSo8ZBAJWx7AZFxJE0hzV-hJVtRHvgK43kXRXW2sM9dsLJ6pUojMWODS2WczCF8drt8Wf6elHoroi4JJrlXM5KMl9yrlqhzcd9W4PpKWKUbSx1eRLeQyfF3RsQh9ft3TbXXPrXGtLdu8iw

Protocol

Server

185.89.210.212 , Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
an-x-request-uuid: 56c06623-55ea-473f-93a0-bdff498ea0a2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.106.7; 176.10.106.7; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAnIYCLAs0lLNDOMzb6hTKI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD4F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D

170 B
188 B

47ms
46ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
an-x-request-uuid: bf90d272-8e80-46f5-a152-e50c5351db53
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D
x-proxy-origin: 176.10.106.7; 176.10.106.7; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 38E0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02773c25306a7d447e182dbef391844f39ea477423b8714f3544e6601de34964

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2556 0
20 B 67ms
66ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=183280397102&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2556 0
20 B 74ms
64ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=183280397102&version=m202309120101&ct=119&x=1&cor=5313795986441983000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2556 89 KB
37 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBa2sPb2JGAT6ZyCgG3RX8I4DZMrOFOfH9h-xoAlmGR7NacM2Se4RN_QeTetJxjjuc2XsS3AGoaeuHX5W4zKr49A8N9FgoisQbgFzl9NU1SKMwAAnEF8dYzn0qDbVGH4ncHDBElxRvX-LMMea35DLXyvu8V2rfye39zhuSaiBNU81PxSdXdHQbnUhlnsyu3wLdbPdx&cry=1&dbm_d=AKAmf-AutFzGgfu1vzBcEGN4zIzYVRMJ_KB8dT_cQpxrsLSJLS8NM8elteyIaFdz4Ix7d7-MToCFaGX7zkmFZpu8KYdUGvHbjKMFhhReRLdox7Li3w8ulYJiVENwnZ-PzGdK6mzDoXaQ7x6lvoUjbWBcCn4u31Uiqo4hN5kK0m4GaBDtnWW4S4Bijojn3QJkPkscMn5IfMtqDoTi2JbiaC_MIiZKfhhE138ckZmX4P5xVwKxH5oxxcz2aQtjpolW28XVovlXVBl7dLwMQ04SpLXHAj-imaq_ut22Zcxn3cbPYKlXvCQHyVx6hZA90ZKXSN7ez8JWxsxmdUvTyYFSom7mrOyU8IqL0oTz26TDrIaKwBR9k56B5icoNQMylOUpQoefk0GwoV61u9hN6dA5FJ4hrUQskZ5vgfqAFr9JhCoJDnrNS5jL__amD6QJOCM7XVHFkHJsZXHcRfPcFCKs-7i8ym6qKG94hKHslkJ6wuMWjTBgJEI_dtwdyw6Rj2vkwZ1T2_oWu5bOVtNFHZh5AFocYdwSYjwwSWBsq3EA-S_B-4KEuBizZjuTBZd7AwrvKdel_6bMEQ5nkPgCzjcG1y-PiOOaC9VeXEpxM0C5FMXnlsg4Z0G2PMT1Utcveo3hemX1PJUp7_d6waZDG08f7GGYE8l0Z7k4I-7Q4oEKFfQgxWFXqEwm4yKwRdDeD7TqKAxGmTKUMCbSIwoJ4msIFEG5_3HRUONkt6uwG_FKE1q_tK35L1tIslqPh1TowCUH26RS6v6WbN0xkLcgPtvNUewvoOIadQgtHUSUBPPkHVmqrroPazNzYWfXNfTbL21K-KbALBle4bgh_E10qmUF0oGg1wuHHacmZzvVH7dT8V06UiKLu2_pMb-hCaRhNq7J4sPYPGrlZrdoJfErNTbC7CY9ZymeOXYjDQDNjXpq96NakXWz05Drw4EOEpCHo857-ijVwXbZXqCZ09xgDznhc58IyMDgHp2eYTwQBYKgaRYqrCSHfxA7EES1HWJ77SBRq4XWYi5uPGq8cHCcVmVHI0b8rPH4HA4Z1xU9vJrw-RxqNT9iJ4WoBhcd3s3UP8cQBdn5GCXoJTAzZR8zqGJKvxD2zf9Hr4tMlSZBMMdPr84oTIIVjarG5MZMFIlYaasSi2lj8rGp8eGiy5bBtNDEgIL_CfVaG4-wGT6Dmq7qeVauqpPJJ0kmqoFUsQZQKSDJ5aHvnN5Sg-qdi2HIA1Jf7xYylsy3L46dBWe4-JNrbRK0Gvi9_-zN4L19nswn31zmvtf11HYT_sCbsBihg0XucVqrQQzKDnn6AIdHYmVzPthq9Wz6d5esf19R-czXHWKdqdSGyyChhttclW4FURP9izcNec4LyGUlUafFpv3HsgNXj3QuKaThLzaXCleWZi_rGJ1RWZl8f8IWMXVk6_7JCZ99T0S3AoECdTkwLURo07_bBsr4eQLciDln9xFbz3TrmKoOh4KiR_SPoG8XJEUj1RizXRiYxCMbyIGHeTtCwrW765Ai0B4XHIv3x8Rjtabl6cxGYpSi5ciJb61yYFF1YPz9-OY4w61C9ePh1VIDIgD6tmHBHs6gkF84ZRQ4x4lXbOnrHVboJLSRZEvzAu7CFC0XtUEtV0Rl6GUYr0k1AfqwIfFKLiBy7sIFXXobWKfLWQc2etymbpok-e16myjjADE67gwcgsDs2bes7fd9t21CUWY36Da6h1q5Z5caB3qWSmcG9q2Qov3r7G9CDVTWD1flW6VuV61bcbG-HRreK8goQeIp_aFTuqXeCjZsJTlP6qPn0W-26VFwPjS8u55EjNIpgkAZD0lX3o_E_BWOQX9men_CUGZVcuvlzRahKvU3L0BNca2aLE8Ll53R8ucF1tzval50L7VOnFb8SG_Q_Ai4OynZeVFlh5hch_hEuYLxD6objCTRRYk88q-MyRsaJZG61uRChcbazQmuYh5Ke0gciTMxj2HKM7CIhetnvIcM9y79hh5B-jLsvI5s4gcBK3VJ7L8LbSH2kVMuA8cjppt0KeksaXdOdadNn0yxFcutN4MsB3zDFY3GxllrjCxP-BcPOTYdAPtN1zzPUtR57ZJYKeLDKdApsc2EKZ-4Oo3Y7zXZn0tf9IV3-Y5l7FP_2DrD4jKvw0bGWlJHjAPoLPzeTHF_LDYG8Pgg_vvSTjil4jv8JOzm1q4INHrz2HUkXwQP3mx6zFrv-MVhC7XQssBZfKm8JmjqlBiAhQnFLUhlEzl9yrkCvjY5YimL8xH1-jxejoDvTGwWxodVgsaB6iKhVGvRPkShgkkf8jN5tvhFOWJ82XEqOK0gAd77JcncxRkBQ29R2rkKZ9gQnLwYceJvHCnhYYpeMoPVzBFWYZmoj140RyAl_sSYebptoMGr7rDe4Jri4iRogj2MoPIM2l1lOGJYn3nYXoJ0ruVq64NYPBipdn_Qo2igWIqhPv2LzUzu0keiGrLvfde-YdGvqGdIyJjFB6PbS8xriO3YheW6NFwve5V7DnsYcz5XqmAioGljRnxrEKAmpIs5SvwqMDrv0PM9ZpndVFhAyHubMifc4dOo_6iIDt4Uc2VmHOCM9TQz__5Z9UnzyIAjbFZsa0eXQRaVKdyYhexKi7rja3xVvSbFGy8Er1FhfItj_GiE26NHC3urewzgRd4emBOnkiSTINoq-rbs1M7i3-vJ1p9aicMXhK5DZh7di6FJhM1lkTsHGYUtVqBFDlhdXyBpjPVH2jGm_5qKGS2_de1YMT7ze8s-zYMeIUwlcLO5eUSv9Nk8MZUcgqv6AmV28ZhUmPBRJN_9F8zLJXdNtLvF9R4WXf9dRw7XOee3_jOgig8H--ItorKFsGnlHw7YirfNmnuA4Zn_x_VTCb5R3fv-lbTg1XXZmMQ-qh--jNO_EXKi_SphDVfMfdBtr-F0ApXRZ_zNp8vf4DiOtuycCojxbAvPuFosjrBy-_pwqduGSrcpWC1rAVrstYNv8HTYMnXyG83u8iUmTEpzTEcsPcAu3kfp9Y_mFWhovftNmlUMdMYm5GjYrHhuAF3HFMUz-nejNlj6fR2KqzYklwvLKfXs3UitQCFpm4CMD8D9nod_eHiTvpsN3aTwwefK_UdOg6Q1ZE-2BvzXi0hmPx1SQhSdjf_C5qu2RGXdfBUSOEksZmv_aPK0-gFHnu97pTWTWiqrssLRST53Pkyckae9xyzHKpNJmxq7kzAU0mxw5nTQLzqZXXErPob_g2ahWd7RKguey-gbhhqHOdfEQ_czXixG8NhBruEuYv4BJ0G5oiN8FthFu5trVs3fEvo-KUgtexUpilIqFC1eswLy48BcuYHKx7UIuO6CC15ENthTTi-0mFgRSoHRrDR2TWaCRjjDRk0cGV3HDR6FRETjdimH8dNLEqrMFWVe_RZKbxdFlObkvsTB1bniJ7oRMcx374ElKM6x9QNDtJCU6DSeBCQ_DHDphSxPvQTebOuxNez37kGklopJ69k0_vN_29qYfzgek54pPm2D9T_nxaGmBagNVdsb67g4Fi8HHYV02ns5DbAdiFOJdQRNMtgdjEhrPdvT5J4pymIwhw2-Wz0HW-13gjybmAiCHquY6xRbbgyt6M34dfK2BcIOFj-L8QqRXchvuW7CXY6LgII0sYRVaTUOjWLJvmleT87b0drYa2VJj1Z4ZhL2WADOFxk9JDi6DKz1gdlsGmubaBYxK5EL1Qs&cid=CAQSTADICaaN17h0zNfM5b7KGSmYCEJ8j8R3geOkFkSjq4DQWzf61649AyyKWBQM6E_jNG1cYdoNWGC6XtlOusS-Sh8Jva2in70SsWrLr5EYAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=5313795986441983000&adk=250412560&idt=269&cac=0&dtd=30

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ce65125f810a0db8423999450e5b83d2ce156a437ed3109dfaa2e8a4da47b77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38049
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F62 0
20 B 83ms
82ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9265033843576&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F62 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9265033843576&version=m202309120101&ct=119&x=1&cor=17367999297883620000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9F62 89 KB
37 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMPQ8rBJPNug_gzJ3QflYIM8B7Kwl2rg42BD8PuVFcohI-1jeFM2Ih6uz5mWjzrN6dlitd29kp7s6_xzz-UZmDWrMu4R7Ly8ARq_FrraocpHrvdk9WI6nlMhoGtDXmQWnXgjuE9M1wINV-2VxrJqFjJBCKWmdFKl8I1pqPErNebIYQNHqp9BChNk_N3Qs9_m4WSbAL&cry=1&dbm_d=AKAmf-B-jBTnkmowhTNMhckMoxbkdutfrMIsa1UM0JnhP6D7mF1Zutpd3m3OOOlb844-gMxwE7akqqhuCSSU1wyAFBttylXPnUhjcEk3W13Sh4e8KUt-BQAXd6dipTRXuOjVPrM48O6o71Dxd7fiwp4Y1IfHuC-9FHnzaLrJppesOxQFVqO94X6chFnMUCM0B3b_zCu1nSVZKU-z7RDn7tx5TDDp5hJ7ZMuXRm-qvQ-7-iCg_Rfuz-1DoTxAJwCdUbYCvxiyQltz8zQloPKIh93HJnybCkChKDhLCuskfNgIFepbzalRQdsqOCg0P0GZgdhmvxTphzI1z2_tBiJJFiHi532XWU2LKTcl0M8XxgdnqJ7gd9fi11pnHdP_sJPxS-ZvBdHakGrkbTmTuWatRXN5QVDZ7barpbRZucKscDF5rWoy2sSH04GnfZrrOUpfW3z-kWbV1_2tlw_vBjYFMrLVNBbX_oV6nYqTNHirVJb2fvW_K94vOhGuVuCdwyDIbWcqjS899ZAbetroOu7TZs6lS6pooWYkNr48LFqkXlCkePkvcjdExJsOMfWkUz2uqvJUOJQWW7z_Ya3p-SW9qk9IIRSEj-zBtAdsE0YqX5yKSjPWrm7bDoumtqqAGWGTGAtsal5zahy6tdNiFJ8Nrcz-L0rTDlhjK2rJNR6PQqLD6utjm2m6OvQT6uPL_Zo14lV_MgDX97RLJxMSmosUtPUn7xhsk0VF13znSQliMMQRVbKPHIK-zQotpHXdf657-VBxiECGruZXAHp214e6lp9hLZcA-oTNTOSRR-KJy5PuNLmIDVnhaVkJgJuTnnngEd6fPX7FwWdXTxsPKgIcG5QgkLB0-gt4p1Q9M3gJHMw-kVTycWrc1gPWOEyzKhUIPDj_ivuuSN_loLiWZB2hkPMBfcHl084xi7q6ZvJjraFWXHnWAHPuI2fOjGgat4At9t3wq491dAdttop2LNH21Lvc7vyx5IfikKWY_tZeW_2hPev8Dn825eBNoO-a9TRrucb3DkKTBnzBsZrgUeKAd7zyNkPBPvYI4wPJwqLk4p7_AlCE2ULZxQe6THqUx2EL_qMB4W_q-G5YfcckihIeMY372Nd3Squb7IXkcwolm7VZJRrqgzBGAQNFcd-AQ5ZBDwX2W5NUFO_KVUv540zxP-AwonQ7LYYOx_CEMozdAl30ILgq_KwaRuP7J_Gk7CQuTm5b580aFlSJcXOEp9Lwudr0DQoT9vx9hULF-fbIFZSvmEVOBBryqbuncfb0GjKoX0Dfb97ihbqMlZCcjA6qeyR9bD3QN9pgZdsVfqOtwshF8maqy9jSOXgCggJ5rBfMlA1o-lNxn-CmbAI7-IGKM1MRxyZ2fJaAEfUOoQtDcywD8fhKgG82KqAnzpiERgMBIPji3bpMYCH6CWBMCXVFdEhmmtO1rAqE7Ep1E81q7DsPO4ZkvLAfk01HGC8TF6EGE7djUfA24UccJ7ZfWpbCL87C9obDmnoVlVjutPesPo3oVnv9TK36k6YXpPXrYxqRYTVtRVN-VkYCzFnE6uRKIiqNWQM_JTue9fCelS8kkIfnY2X-wUtBK55-NATZBKS9rZBHVuL6MWPvBWeQJ3Kd6raVWvnjQfZPOy6tS5HhSOlMReNMaUblR9nTHMJKRWo1Q8yBHQpXnqLik7_IxpX_aFUYS_e4z8UF9XB7Fg3X_qux7G3K-3t47qnx8UBsstPQOiluSJ8Q39EWleBSemOmaysPpAnZs1DSkrhEPh8lXHfcmchI-y7t_oR3f9j_zuyVibAVxd0Linnb6IEUK4eH_awsj2wivGcHweH8OPHy-ep-XGS39leXx3LcnkEP2_-9JTdKjVuQtmdrlXALgJhn7AWZkK5obVU2DpHP7PK8tLDnEVHAfuW4ApzKGKCDdf-RYGI4I9r5tSmnTI4G-RECuZxdt49bJKeUqj5HMvlm2gSjdO3G-Z-MhhfWYJo32kLLpr9a-O0QcSp8mRdF_Pbu75nHZHA_OYG3odnXXUl9QpOcwDp_sMF4Q_ll6ewlgeKb-OuJzega1vaDCcctg-QQmCp_vqe2l6UuUD9Wkpy0yKyU5YI_wlAU3j0vBrbIbI-vCq001Bcf2MLg8K_mi-MIOipYh08XOLYNsn4W8vxnMu7rBFQ8ZmwEcdaygdEarj0BCpkmUPqXMVNfkW8Qe9eIszHW2D0Ql9hPmigMGEX5GJXK3tF8bBojPQzxobGIwC5p639WZs5AUe4-qqJvuBsHAzt6-wAWF4FRx7fkoZs02jzGJHGkzBN2qZP2vOABs27Bsy5cRG-dGhTO9nuSZttClHppOm4LCNrhrNf_iUuscSVSWA9f1mi-F-n3qN4kba_KEcDdYM7v6y0rZOGhTEUXmSQsFu9a8cmiHdlAaW8EqI2yZhrS1ejYbfDX4ifHor0jgZsFLbZwpyvGYi0YUpmceOPgxnymjHIcInIuRIleTQqb0EvE_WDF6d2QlB4bVltglAFjHi7zwIdsuVoZatWAV5Mu4GKsv2eH0eySyyE-3h3dQOitLCaFSfLEZ_Lli1BxDjE0zc9P3rdIby0CUEB1m1RVmOd0OOS0Pj_RsDX4PJ6BGQNdh-YfXu5RXMldOxiREQgLEkNdF51fqVLmLaKzsqABUUDDysmPp_u7RNd7V4Abgtc5EGjuLhi8Q-VVN_wTdBj7mcTKEVL2QwIRn_r70lfNBfQpYsSRhT_xUk4UhmU89QNpH8kjHiUhPHdvynkIGSeHJFWcVl7Bl9xDVja3Lo3fXtyKbeXOYtg8zU3eyn2lQ8j1KWKssOfnMbu8z2VOvlALwfibGrHqyu6KEL_t2HyYZBmBGzW_pNlkuw1ci5bAmNIZ2H2yxjUp7ZTZ_FjMOTORExAThw4C8beqzcxHU-VtAOFZBj8JzD6zCg9hi6dtnhV18zG6oq63824wuPusmqZwD_mp0PRQKrgQF3Qqohu1cFj7SDW7Hcw5_yy8qInJjD7nvJCY5wjgTeXGuEpCC22qy5ws3YemvwE6oZ294kwAwyGQb_GFE0keYjWdylJkEKwvNmQXDom_ioKcvFPJYxwUVu7cv2MbyE0BQBn_A8g9NMjy6kWgNPX4GtnOSRFo3AW5ZziMB9ggJMUbHQ-bXGLduHQIzlFoiXnV-F3Txq2vkEmuF2yolXa1DGOhNamhuka6c7gy2N39IPeR-b55BISBMlPmRqJjL7pmvmpNTPWgWDtQavd9VIMw5codU4oIzD_arUmniWevLKHGS6kPqapADIdng0eJfaxY7Hq9lCS-6-EDreC5gzRD5RQjbtx3xXLL_5D1mRn82Bwfqucu8GiC61ahrlAuuV1nAOkc3HSSPJZawV-VfJ-8QeO9-kewHnEQufmuZPijCi5dSNJa_xADCqZxav4FGdTIf56WfVQ-2i7smacnvUcpAlPlL1SE5iFbdLFbw8680C5r4927QtcIAnxYzCX0QsZKrhaKLYVltFMyeFheHczwYzZl4dVtvXhZk712ALpsvEsKnBTeFhw3GTcHXEFcsmHLpUknlmhaSzhAIbPHy9pr_Zor_41oOkXbuORlxIlMnaaLedpXYUrlpiyAZG1zyzChXkJHBR8nbccQZdCdt3D6z3T_RZFud2ad4_GRSkZb59v2i02vIWUxA4HqyIgN-QffFl3ojHDXlF1by0FUykfuyTnAVlP4rsHHKF56Bj0&cid=CAQSTADICaaNJI9M6ksRWi72j4yc1jBmFtIuEUraOm3BkgRw--P6L0KO4o4ezJMcCmS-jrQf8Df2UmHbGofJQEY6-lOmg8dbojheTKi0AnQYAQ&dc_eid=31078235&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=17367999297883620000&adk=2923430907&idt=329&cac=0&dtd=24

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8f66ccd7ff3fca0cf4ae1cb17ddd5baf847cdfc5be4b957f851cc99af7ac2c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A5D 0
20 B 70ms
69ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7404019142750&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A5D 0
20 B 68ms
68ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7404019142750&version=m202309120101&ct=119&x=1&cor=2042518793842567200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3A5D 89 KB
37 KB 77ms
75ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bs_mmlOCgQogRKLi1B3B_4-ZfdQ7rOuwi_K4v9olTaZuju1FjHKDz-Vfz3r_QwOJing-qDS1H53WnIpYgJSt1zrsFatBQQNCvxmdrB84C0ub6zOPF-n8iFVpl1f4XEjCoBDC-YeRu4VzSed6MOM7JTuVdnNrqX5bNYU1y9Nn0OgEKVFvF0rGhRAwFDIzxZjZ-E6X4k&cry=1&dbm_d=AKAmf-A29B1DWtyE_Rl2FwHHRsuwI9DZiYXQpHN7wTT07LZCi71JwERYzjNqJyKjGmskMoGCFzPVitmMdSPM80HPXTfkQmb3eKTfUYTbuCnSXqDqdVYLB9OFKbdk_aWOK9l5DiQrhCaoxhGxDnZRNLpEJTBEbIWSneTE912H27SC-PNTrQMqhLUXSbdWD9XvPSwOCOyfWbQYAGo5o6UhOgWw6MoaoIqqBzdewj5tWHBu4pz_iRPWt3S10PhOteHfGQiYvtCMWEnqiBlsxfa4cpPE-dmXVcxbz3hv6FJVQfIoAM_GBfx-KQmU73HCXSx8q4lDlEOAUFUp-klhRgfFizNfD5U50Ckl8lUVnSLds_IxUVnqW046NHqKtPcgRAGLoon_cuwJu74oF_WVLm2VWFKBPs2q7-AHZ3uehZoDrpYqJd3QQkXS4clOcqyODp3Lq-41v-_v4AvgY_z6AF5_g5HpL87L5uri7xirBwkxtJ_SdnlsJtu7fsP7m7WZKTUVzA2L0q6yUrE30m34ulUgx8RNiU0lZ1l8xFm52OqMrIgZgxE1p-kZziT0oZ_TYfHzTF3czrM_TXX4dsiu7MbPKGwuhR1SonCQYe3O9Lfoa7mqL-mLQYudlW221PLBfR5_r7X_yRE9e0mGTNLEZuJivBykwmIaIx9ZZU_jPUO_7QdNmg84a1nqB-NCp3RE8TGp6QBhcxheCi2ab0LLhLtZT9_Ip20tACoRQFI38PVaudU_C_ZA0bKEGsNXG0DtuflVzwLV1e-jwIIPOsS6SlVxNJwuunezMyt4fta1KOE3GU88M3nqzMDwyUxLqOxJf8wgLLNNJUF-c1c2GZZPn1WSy6CaJMANb9Pfd49vHMJ0kpjKk_QVQK8whgmJPrrPp0a_3y05B7Ioa8epDIajxBNYIYowi5xEmcoAkCYuIuX9bDyRN01aZrgqJlu6Y31GXLpfcFtvbPnMeNqnLPXpIU9CdRKs1Hg2Q3-tMSDNBCGv24tcepcXoINSUkyw6KDAyE9wJc0_Cq4dx3czTYZGD9gCro5GC5q7vSi7NpIwsESu1dxD1JsX2YeiBPzvGT1KkvwQ24ZKbMOMu8dN9PgXKZmOeT5CDLG4Y83RPV6BF-igA0vDKvaTbg7Gx7w10TomVUxzCI2eQb6OlxSfrLx5Knc5wcEsmajP5hBctFfIdVqhmcD-FXjyvNOVhaloC2Yh3V4WKNdeWRQfZKQHylFSDo7cPmeChYx1Ii_svAt2hZRL2q9OllaVqOAuPBdl1Id6H3JCcxhtE3c4ZGWyKnF3kooPHHDMrqXItgZ3iFqvS-rF6EgCRFrP9R0KEO6ikdYOM1YutsIUSFxV1cjcKdodXDfOSIx5BnOIEkeLttRWfrafjff5lnCG5UhizYVrxvVWjLLGYqMamjMD2nohK9iSg6uI4gwQ1eY2Yc-f2ctm1f8h0vXsEcfA4KvyH2v6c1nbCy1pLvlS3_qz_4r8LV43r7JwyZRSdHYqe3KhhUAD7BZtW1mZlAC6wwAaMUu3k3mTKNEGYGEd--zg7d5Iv87ePs2oH02MUy7K6QX8CQ7_UHZwebNRGLDFU8PK8ecqOFKyPrbVcY8gTUwPK1aQyYCnGCZEUdh2uq1CLyXyJj-MggVF73J00UHMfNhYnmvJy1XQVz2vJCaC7w3DvtdK8c9ONzGd-n1EWx_t1q95u3i1uWPPmqryn-ZOOlC2LqU05XgV3Mdti5jrjyGWCqfuhvkqBHB4IXkFzZ9LmXFmPxBQhEc9Ubxt-tbCHXgXMHaNwp8qallHItU19fHMqHp2pUkWhkVyiW9Y-pUmYyRQEdD6Y5Zdvr5PSHYsbJYK_7HcwtgE5o4cv5Be8i3vv7nhQi9NVp8OrVrezElQ9hxKX-9neesHW52q1ur50D3SHD2Ld4--PHDXhiB4bBhI6IbfyamwMoLebkFuDre6g6OWOQNZkz8zYdGdEp1bc1vTw4Zrh5aP2vkgE0rT-jFoRV4jD4BD7TMPCMbmGdb4WmEwZ0X1L4gX1kZmslSRoqYUXFdlXvh6W4UN7siaFaZ5XmwqrJ907q_ec2Db2G3QzTgzuQcbD7QZ_IJr2SKab-wfPVaLvPGl0KZn9Zls3x3V6uyrkI1cUVsiZCPyBKEbLxB9tG22yGZZtN2_2nBiKTbKYC40jR-xLZs4DOcJnNSCuECBZVuCteTy_NwrNnVCQ97aoqP9kqOkJVOOTGPIsX3Y71nr3692UhbtPXeiIUdN8ZZJRNi7h7ZlSVIlAL88rv0T7oyvejETU0LB4m51DClqPp0cVU43apxKE7IlRJ0rFdB1iJ8EJZ4SlBhSkKzHxIzFY9kWhf002Y1mN798cOyIez4jIevFSVCk5Buvun0abMRFq_erqWSIAS8rfUJAUBbB9zyYeqhq6ruv3vHKKT67z5r2yx35pw61nM5vNWj9ytoB_5g88eJhSaFy6r1LSboFVg5uo1Nwt1cE5cGCnaEQQuiV6y82sAPisMh5zYcGtTg6Ya9VY2Sfm2a8ebBZNcCW5kqAF_mQMIKAmhXmXbnplzUV_CusJ6VYCq3ZLqh8jNxQQZWyJnmXBMD6BUx_SrnzX2puIEiXTvPifie8_6iHOI_Minup7GfQfO1mjpQf6Nbtb45JzES5VvM_8zBz_LN0Qyt5RLmdVvbDVBdSvg5jRyRMgYZ8zQsjHcy_3xEfPWEn9IOjOtRZvMUBM-qunNdhVnUaEs0Uy8_hcdZ1VO8p9P06G7dSgHj4FPfVTYYmG5MrVLtPORaJcjoSwLubatOWdWReojR7zJ3Gmgzii4fM0WP8PjkKpnVFxODyZVv_ZXCBvMRLGZfR_62Wx7h8V7X-X0-5DPCuJbtP6C_nU6s2XgqmeQerjyu9A-8bnomRf4wIDUa28b4Kk7gdhIBu8NwvZgVBCR1ZylShP2xC-OtuRPXJdhq3TLnAW6HdiQo08F7Szh_Ji7cXpZslePQOgvEaQ1BspNz8bfK5D2EHUAIfyNZ9qGY-Julr_FkmSYk2cKGVI7Gv1s4GpAUXR_DOPJzpYcVafaQOUZ4KB1uM31kkK9w740hjaNbpDb_l2cZ3hsBA7ZTsBCGv2rpZsyBCU-r2RlPQaZiWpV9rQuLi2wimGQRtJuFqpHdZtJxcnNI_BG7Vhkgisra7uxiskEvh97AZxdDEl6d_eHKwyeRL6eOGvhjQiLQUVFuVv-uU87uRzHIrOvgfNwJB0Qd9tMt7fn8BLBiG-Hozv5FNRNAwYlOoSwJOHhKOWeq9xMwkkLEm9jAQhK1GqWe9PnF4W39H22gB7k1ObPRAW7fZ2EloIcxNwFwPFbqif4uRm0J3TrOdKVo7zxthlgmu7_1kAi8yOudv_b37TN9kZG0UCBoNe_fzi9gEImqkxEU02KIqIQpLre9CNw2t3J70KWMrbZ0rwIYHGsgB3xjgUUq9A9qYC-yew6587NZsiSy0UgpBGpku4eFZVx1KDNzIC_Ht8Hpt4Ku_R9r36PTe0AZgDzoJmUoqzA0Gkz3_joHzR5ATm4qBsHUbwQ5nc3qLsWb5IuR4X7fF-VdjjJuCDNNEWGUqx883xOQtom1Oko7QKt8rVsptAc4FrEOgk_y3I2YajES3AOIgZpN5V5TbOYy6d3EPQ3dmHQ-Nb9OnShMpM-zYUdyUx3ta1xCvyAscMa9pTUMHso1ddgNhPjLNw6LxKohbK3x6shw&cid=CAQSTADICaaNOCWa-2pk3EvradhamZhZBEuNoILvrV9tKo_nHqcBJcQQhdd1LasMh9UKr0cPnn2w8gS8VaSZbRDBBkiO5ioC13TgfacYs0EYAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=2042518793842567200&adk=1964084972&idt=135&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a18e6dcf59e6aa1e0099501968a5d8662aed724b6eb1ed6ee88b50aae98cc1da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37971
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 59B1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

46ms
46ms

Image
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H3
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 27 Sep 2023 10:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 38E0 33 KB
34 KB 130ms
61ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 364299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 05:04:01 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2556 111 KB
39 KB 159ms
29ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Origin: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 21:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 21:04:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/ Frame 2556 11 KB
4 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBa2sPb2JGAT6ZyCgG3RX8I4DZMrOFOfH9h-xoAlmGR7NacM2Se4RN_QeTetJxjjuc2XsS3AGoaeuHX5W4zKr49A8N9FgoisQbgFzl9NU1SKMwAAnEF8dYzn0qDbVGH4ncHDBElxRvX-LMMea35DLXyvu8V2rfye39zhuSaiBNU81PxSdXdHQbnUhlnsyu3wLdbPdx&cry=1&dbm_d=AKAmf-AutFzGgfu1vzBcEGN4zIzYVRMJ_KB8dT_cQpxrsLSJLS8NM8elteyIaFdz4Ix7d7-MToCFaGX7zkmFZpu8KYdUGvHbjKMFhhReRLdox7Li3w8ulYJiVENwnZ-PzGdK6mzDoXaQ7x6lvoUjbWBcCn4u31Uiqo4hN5kK0m4GaBDtnWW4S4Bijojn3QJkPkscMn5IfMtqDoTi2JbiaC_MIiZKfhhE138ckZmX4P5xVwKxH5oxxcz2aQtjpolW28XVovlXVBl7dLwMQ04SpLXHAj-imaq_ut22Zcxn3cbPYKlXvCQHyVx6hZA90ZKXSN7ez8JWxsxmdUvTyYFSom7mrOyU8IqL0oTz26TDrIaKwBR9k56B5icoNQMylOUpQoefk0GwoV61u9hN6dA5FJ4hrUQskZ5vgfqAFr9JhCoJDnrNS5jL__amD6QJOCM7XVHFkHJsZXHcRfPcFCKs-7i8ym6qKG94hKHslkJ6wuMWjTBgJEI_dtwdyw6Rj2vkwZ1T2_oWu5bOVtNFHZh5AFocYdwSYjwwSWBsq3EA-S_B-4KEuBizZjuTBZd7AwrvKdel_6bMEQ5nkPgCzjcG1y-PiOOaC9VeXEpxM0C5FMXnlsg4Z0G2PMT1Utcveo3hemX1PJUp7_d6waZDG08f7GGYE8l0Z7k4I-7Q4oEKFfQgxWFXqEwm4yKwRdDeD7TqKAxGmTKUMCbSIwoJ4msIFEG5_3HRUONkt6uwG_FKE1q_tK35L1tIslqPh1TowCUH26RS6v6WbN0xkLcgPtvNUewvoOIadQgtHUSUBPPkHVmqrroPazNzYWfXNfTbL21K-KbALBle4bgh_E10qmUF0oGg1wuHHacmZzvVH7dT8V06UiKLu2_pMb-hCaRhNq7J4sPYPGrlZrdoJfErNTbC7CY9ZymeOXYjDQDNjXpq96NakXWz05Drw4EOEpCHo857-ijVwXbZXqCZ09xgDznhc58IyMDgHp2eYTwQBYKgaRYqrCSHfxA7EES1HWJ77SBRq4XWYi5uPGq8cHCcVmVHI0b8rPH4HA4Z1xU9vJrw-RxqNT9iJ4WoBhcd3s3UP8cQBdn5GCXoJTAzZR8zqGJKvxD2zf9Hr4tMlSZBMMdPr84oTIIVjarG5MZMFIlYaasSi2lj8rGp8eGiy5bBtNDEgIL_CfVaG4-wGT6Dmq7qeVauqpPJJ0kmqoFUsQZQKSDJ5aHvnN5Sg-qdi2HIA1Jf7xYylsy3L46dBWe4-JNrbRK0Gvi9_-zN4L19nswn31zmvtf11HYT_sCbsBihg0XucVqrQQzKDnn6AIdHYmVzPthq9Wz6d5esf19R-czXHWKdqdSGyyChhttclW4FURP9izcNec4LyGUlUafFpv3HsgNXj3QuKaThLzaXCleWZi_rGJ1RWZl8f8IWMXVk6_7JCZ99T0S3AoECdTkwLURo07_bBsr4eQLciDln9xFbz3TrmKoOh4KiR_SPoG8XJEUj1RizXRiYxCMbyIGHeTtCwrW765Ai0B4XHIv3x8Rjtabl6cxGYpSi5ciJb61yYFF1YPz9-OY4w61C9ePh1VIDIgD6tmHBHs6gkF84ZRQ4x4lXbOnrHVboJLSRZEvzAu7CFC0XtUEtV0Rl6GUYr0k1AfqwIfFKLiBy7sIFXXobWKfLWQc2etymbpok-e16myjjADE67gwcgsDs2bes7fd9t21CUWY36Da6h1q5Z5caB3qWSmcG9q2Qov3r7G9CDVTWD1flW6VuV61bcbG-HRreK8goQeIp_aFTuqXeCjZsJTlP6qPn0W-26VFwPjS8u55EjNIpgkAZD0lX3o_E_BWOQX9men_CUGZVcuvlzRahKvU3L0BNca2aLE8Ll53R8ucF1tzval50L7VOnFb8SG_Q_Ai4OynZeVFlh5hch_hEuYLxD6objCTRRYk88q-MyRsaJZG61uRChcbazQmuYh5Ke0gciTMxj2HKM7CIhetnvIcM9y79hh5B-jLsvI5s4gcBK3VJ7L8LbSH2kVMuA8cjppt0KeksaXdOdadNn0yxFcutN4MsB3zDFY3GxllrjCxP-BcPOTYdAPtN1zzPUtR57ZJYKeLDKdApsc2EKZ-4Oo3Y7zXZn0tf9IV3-Y5l7FP_2DrD4jKvw0bGWlJHjAPoLPzeTHF_LDYG8Pgg_vvSTjil4jv8JOzm1q4INHrz2HUkXwQP3mx6zFrv-MVhC7XQssBZfKm8JmjqlBiAhQnFLUhlEzl9yrkCvjY5YimL8xH1-jxejoDvTGwWxodVgsaB6iKhVGvRPkShgkkf8jN5tvhFOWJ82XEqOK0gAd77JcncxRkBQ29R2rkKZ9gQnLwYceJvHCnhYYpeMoPVzBFWYZmoj140RyAl_sSYebptoMGr7rDe4Jri4iRogj2MoPIM2l1lOGJYn3nYXoJ0ruVq64NYPBipdn_Qo2igWIqhPv2LzUzu0keiGrLvfde-YdGvqGdIyJjFB6PbS8xriO3YheW6NFwve5V7DnsYcz5XqmAioGljRnxrEKAmpIs5SvwqMDrv0PM9ZpndVFhAyHubMifc4dOo_6iIDt4Uc2VmHOCM9TQz__5Z9UnzyIAjbFZsa0eXQRaVKdyYhexKi7rja3xVvSbFGy8Er1FhfItj_GiE26NHC3urewzgRd4emBOnkiSTINoq-rbs1M7i3-vJ1p9aicMXhK5DZh7di6FJhM1lkTsHGYUtVqBFDlhdXyBpjPVH2jGm_5qKGS2_de1YMT7ze8s-zYMeIUwlcLO5eUSv9Nk8MZUcgqv6AmV28ZhUmPBRJN_9F8zLJXdNtLvF9R4WXf9dRw7XOee3_jOgig8H--ItorKFsGnlHw7YirfNmnuA4Zn_x_VTCb5R3fv-lbTg1XXZmMQ-qh--jNO_EXKi_SphDVfMfdBtr-F0ApXRZ_zNp8vf4DiOtuycCojxbAvPuFosjrBy-_pwqduGSrcpWC1rAVrstYNv8HTYMnXyG83u8iUmTEpzTEcsPcAu3kfp9Y_mFWhovftNmlUMdMYm5GjYrHhuAF3HFMUz-nejNlj6fR2KqzYklwvLKfXs3UitQCFpm4CMD8D9nod_eHiTvpsN3aTwwefK_UdOg6Q1ZE-2BvzXi0hmPx1SQhSdjf_C5qu2RGXdfBUSOEksZmv_aPK0-gFHnu97pTWTWiqrssLRST53Pkyckae9xyzHKpNJmxq7kzAU0mxw5nTQLzqZXXErPob_g2ahWd7RKguey-gbhhqHOdfEQ_czXixG8NhBruEuYv4BJ0G5oiN8FthFu5trVs3fEvo-KUgtexUpilIqFC1eswLy48BcuYHKx7UIuO6CC15ENthTTi-0mFgRSoHRrDR2TWaCRjjDRk0cGV3HDR6FRETjdimH8dNLEqrMFWVe_RZKbxdFlObkvsTB1bniJ7oRMcx374ElKM6x9QNDtJCU6DSeBCQ_DHDphSxPvQTebOuxNez37kGklopJ69k0_vN_29qYfzgek54pPm2D9T_nxaGmBagNVdsb67g4Fi8HHYV02ns5DbAdiFOJdQRNMtgdjEhrPdvT5J4pymIwhw2-Wz0HW-13gjybmAiCHquY6xRbbgyt6M34dfK2BcIOFj-L8QqRXchvuW7CXY6LgII0sYRVaTUOjWLJvmleT87b0drYa2VJj1Z4ZhL2WADOFxk9JDi6DKz1gdlsGmubaBYxK5EL1Qs&cid=CAQSTADICaaN17h0zNfM5b7KGSmYCEJ8j8R3geOkFkSjq4DQWzf61649AyyKWBQM6E_jNG1cYdoNWGC6XtlOusS-Sh8Jva2in70SsWrLr5EYAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=5313795986441983000&adk=250412560&idt=269&cac=0&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 13:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 13:57:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/ Frame 2556 30 KB
11 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 13:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11587
x-xss-protection: 0
server: cafe
etag: 192838463742493612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 13:57:09 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2556 41 KB
13 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 443836
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 06:58:24 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9F62 111 KB
39 KB 186ms
69ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Origin: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 21:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 21:04:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/ Frame 9F62 11 KB
4 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMPQ8rBJPNug_gzJ3QflYIM8B7Kwl2rg42BD8PuVFcohI-1jeFM2Ih6uz5mWjzrN6dlitd29kp7s6_xzz-UZmDWrMu4R7Ly8ARq_FrraocpHrvdk9WI6nlMhoGtDXmQWnXgjuE9M1wINV-2VxrJqFjJBCKWmdFKl8I1pqPErNebIYQNHqp9BChNk_N3Qs9_m4WSbAL&cry=1&dbm_d=AKAmf-B-jBTnkmowhTNMhckMoxbkdutfrMIsa1UM0JnhP6D7mF1Zutpd3m3OOOlb844-gMxwE7akqqhuCSSU1wyAFBttylXPnUhjcEk3W13Sh4e8KUt-BQAXd6dipTRXuOjVPrM48O6o71Dxd7fiwp4Y1IfHuC-9FHnzaLrJppesOxQFVqO94X6chFnMUCM0B3b_zCu1nSVZKU-z7RDn7tx5TDDp5hJ7ZMuXRm-qvQ-7-iCg_Rfuz-1DoTxAJwCdUbYCvxiyQltz8zQloPKIh93HJnybCkChKDhLCuskfNgIFepbzalRQdsqOCg0P0GZgdhmvxTphzI1z2_tBiJJFiHi532XWU2LKTcl0M8XxgdnqJ7gd9fi11pnHdP_sJPxS-ZvBdHakGrkbTmTuWatRXN5QVDZ7barpbRZucKscDF5rWoy2sSH04GnfZrrOUpfW3z-kWbV1_2tlw_vBjYFMrLVNBbX_oV6nYqTNHirVJb2fvW_K94vOhGuVuCdwyDIbWcqjS899ZAbetroOu7TZs6lS6pooWYkNr48LFqkXlCkePkvcjdExJsOMfWkUz2uqvJUOJQWW7z_Ya3p-SW9qk9IIRSEj-zBtAdsE0YqX5yKSjPWrm7bDoumtqqAGWGTGAtsal5zahy6tdNiFJ8Nrcz-L0rTDlhjK2rJNR6PQqLD6utjm2m6OvQT6uPL_Zo14lV_MgDX97RLJxMSmosUtPUn7xhsk0VF13znSQliMMQRVbKPHIK-zQotpHXdf657-VBxiECGruZXAHp214e6lp9hLZcA-oTNTOSRR-KJy5PuNLmIDVnhaVkJgJuTnnngEd6fPX7FwWdXTxsPKgIcG5QgkLB0-gt4p1Q9M3gJHMw-kVTycWrc1gPWOEyzKhUIPDj_ivuuSN_loLiWZB2hkPMBfcHl084xi7q6ZvJjraFWXHnWAHPuI2fOjGgat4At9t3wq491dAdttop2LNH21Lvc7vyx5IfikKWY_tZeW_2hPev8Dn825eBNoO-a9TRrucb3DkKTBnzBsZrgUeKAd7zyNkPBPvYI4wPJwqLk4p7_AlCE2ULZxQe6THqUx2EL_qMB4W_q-G5YfcckihIeMY372Nd3Squb7IXkcwolm7VZJRrqgzBGAQNFcd-AQ5ZBDwX2W5NUFO_KVUv540zxP-AwonQ7LYYOx_CEMozdAl30ILgq_KwaRuP7J_Gk7CQuTm5b580aFlSJcXOEp9Lwudr0DQoT9vx9hULF-fbIFZSvmEVOBBryqbuncfb0GjKoX0Dfb97ihbqMlZCcjA6qeyR9bD3QN9pgZdsVfqOtwshF8maqy9jSOXgCggJ5rBfMlA1o-lNxn-CmbAI7-IGKM1MRxyZ2fJaAEfUOoQtDcywD8fhKgG82KqAnzpiERgMBIPji3bpMYCH6CWBMCXVFdEhmmtO1rAqE7Ep1E81q7DsPO4ZkvLAfk01HGC8TF6EGE7djUfA24UccJ7ZfWpbCL87C9obDmnoVlVjutPesPo3oVnv9TK36k6YXpPXrYxqRYTVtRVN-VkYCzFnE6uRKIiqNWQM_JTue9fCelS8kkIfnY2X-wUtBK55-NATZBKS9rZBHVuL6MWPvBWeQJ3Kd6raVWvnjQfZPOy6tS5HhSOlMReNMaUblR9nTHMJKRWo1Q8yBHQpXnqLik7_IxpX_aFUYS_e4z8UF9XB7Fg3X_qux7G3K-3t47qnx8UBsstPQOiluSJ8Q39EWleBSemOmaysPpAnZs1DSkrhEPh8lXHfcmchI-y7t_oR3f9j_zuyVibAVxd0Linnb6IEUK4eH_awsj2wivGcHweH8OPHy-ep-XGS39leXx3LcnkEP2_-9JTdKjVuQtmdrlXALgJhn7AWZkK5obVU2DpHP7PK8tLDnEVHAfuW4ApzKGKCDdf-RYGI4I9r5tSmnTI4G-RECuZxdt49bJKeUqj5HMvlm2gSjdO3G-Z-MhhfWYJo32kLLpr9a-O0QcSp8mRdF_Pbu75nHZHA_OYG3odnXXUl9QpOcwDp_sMF4Q_ll6ewlgeKb-OuJzega1vaDCcctg-QQmCp_vqe2l6UuUD9Wkpy0yKyU5YI_wlAU3j0vBrbIbI-vCq001Bcf2MLg8K_mi-MIOipYh08XOLYNsn4W8vxnMu7rBFQ8ZmwEcdaygdEarj0BCpkmUPqXMVNfkW8Qe9eIszHW2D0Ql9hPmigMGEX5GJXK3tF8bBojPQzxobGIwC5p639WZs5AUe4-qqJvuBsHAzt6-wAWF4FRx7fkoZs02jzGJHGkzBN2qZP2vOABs27Bsy5cRG-dGhTO9nuSZttClHppOm4LCNrhrNf_iUuscSVSWA9f1mi-F-n3qN4kba_KEcDdYM7v6y0rZOGhTEUXmSQsFu9a8cmiHdlAaW8EqI2yZhrS1ejYbfDX4ifHor0jgZsFLbZwpyvGYi0YUpmceOPgxnymjHIcInIuRIleTQqb0EvE_WDF6d2QlB4bVltglAFjHi7zwIdsuVoZatWAV5Mu4GKsv2eH0eySyyE-3h3dQOitLCaFSfLEZ_Lli1BxDjE0zc9P3rdIby0CUEB1m1RVmOd0OOS0Pj_RsDX4PJ6BGQNdh-YfXu5RXMldOxiREQgLEkNdF51fqVLmLaKzsqABUUDDysmPp_u7RNd7V4Abgtc5EGjuLhi8Q-VVN_wTdBj7mcTKEVL2QwIRn_r70lfNBfQpYsSRhT_xUk4UhmU89QNpH8kjHiUhPHdvynkIGSeHJFWcVl7Bl9xDVja3Lo3fXtyKbeXOYtg8zU3eyn2lQ8j1KWKssOfnMbu8z2VOvlALwfibGrHqyu6KEL_t2HyYZBmBGzW_pNlkuw1ci5bAmNIZ2H2yxjUp7ZTZ_FjMOTORExAThw4C8beqzcxHU-VtAOFZBj8JzD6zCg9hi6dtnhV18zG6oq63824wuPusmqZwD_mp0PRQKrgQF3Qqohu1cFj7SDW7Hcw5_yy8qInJjD7nvJCY5wjgTeXGuEpCC22qy5ws3YemvwE6oZ294kwAwyGQb_GFE0keYjWdylJkEKwvNmQXDom_ioKcvFPJYxwUVu7cv2MbyE0BQBn_A8g9NMjy6kWgNPX4GtnOSRFo3AW5ZziMB9ggJMUbHQ-bXGLduHQIzlFoiXnV-F3Txq2vkEmuF2yolXa1DGOhNamhuka6c7gy2N39IPeR-b55BISBMlPmRqJjL7pmvmpNTPWgWDtQavd9VIMw5codU4oIzD_arUmniWevLKHGS6kPqapADIdng0eJfaxY7Hq9lCS-6-EDreC5gzRD5RQjbtx3xXLL_5D1mRn82Bwfqucu8GiC61ahrlAuuV1nAOkc3HSSPJZawV-VfJ-8QeO9-kewHnEQufmuZPijCi5dSNJa_xADCqZxav4FGdTIf56WfVQ-2i7smacnvUcpAlPlL1SE5iFbdLFbw8680C5r4927QtcIAnxYzCX0QsZKrhaKLYVltFMyeFheHczwYzZl4dVtvXhZk712ALpsvEsKnBTeFhw3GTcHXEFcsmHLpUknlmhaSzhAIbPHy9pr_Zor_41oOkXbuORlxIlMnaaLedpXYUrlpiyAZG1zyzChXkJHBR8nbccQZdCdt3D6z3T_RZFud2ad4_GRSkZb59v2i02vIWUxA4HqyIgN-QffFl3ojHDXlF1by0FUykfuyTnAVlP4rsHHKF56Bj0&cid=CAQSTADICaaNJI9M6ksRWi72j4yc1jBmFtIuEUraOm3BkgRw--P6L0KO4o4ezJMcCmS-jrQf8Df2UmHbGofJQEY6-lOmg8dbojheTKi0AnQYAQ&dc_eid=31078235&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=17367999297883620000&adk=2923430907&idt=329&cac=0&dtd=24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 13:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 13:57:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/ Frame 9F62 30 KB
11 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 13:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11587
x-xss-protection: 0
server: cafe
etag: 192838463742493612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 13:57:09 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9F62 41 KB
13 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 443836
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 06:58:24 GMT

GET
DATA 200
OK truncated
/ Frame 2556 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a2b9c42598b6117eba1c7912ecbb63f00a3c76805bbdac70e9e8754a08c64ce

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 3A5D 111 KB
39 KB 95ms
93ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Origin: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 21:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 21:04:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/ Frame 3A5D 11 KB
4 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bs_mmlOCgQogRKLi1B3B_4-ZfdQ7rOuwi_K4v9olTaZuju1FjHKDz-Vfz3r_QwOJing-qDS1H53WnIpYgJSt1zrsFatBQQNCvxmdrB84C0ub6zOPF-n8iFVpl1f4XEjCoBDC-YeRu4VzSed6MOM7JTuVdnNrqX5bNYU1y9Nn0OgEKVFvF0rGhRAwFDIzxZjZ-E6X4k&cry=1&dbm_d=AKAmf-A29B1DWtyE_Rl2FwHHRsuwI9DZiYXQpHN7wTT07LZCi71JwERYzjNqJyKjGmskMoGCFzPVitmMdSPM80HPXTfkQmb3eKTfUYTbuCnSXqDqdVYLB9OFKbdk_aWOK9l5DiQrhCaoxhGxDnZRNLpEJTBEbIWSneTE912H27SC-PNTrQMqhLUXSbdWD9XvPSwOCOyfWbQYAGo5o6UhOgWw6MoaoIqqBzdewj5tWHBu4pz_iRPWt3S10PhOteHfGQiYvtCMWEnqiBlsxfa4cpPE-dmXVcxbz3hv6FJVQfIoAM_GBfx-KQmU73HCXSx8q4lDlEOAUFUp-klhRgfFizNfD5U50Ckl8lUVnSLds_IxUVnqW046NHqKtPcgRAGLoon_cuwJu74oF_WVLm2VWFKBPs2q7-AHZ3uehZoDrpYqJd3QQkXS4clOcqyODp3Lq-41v-_v4AvgY_z6AF5_g5HpL87L5uri7xirBwkxtJ_SdnlsJtu7fsP7m7WZKTUVzA2L0q6yUrE30m34ulUgx8RNiU0lZ1l8xFm52OqMrIgZgxE1p-kZziT0oZ_TYfHzTF3czrM_TXX4dsiu7MbPKGwuhR1SonCQYe3O9Lfoa7mqL-mLQYudlW221PLBfR5_r7X_yRE9e0mGTNLEZuJivBykwmIaIx9ZZU_jPUO_7QdNmg84a1nqB-NCp3RE8TGp6QBhcxheCi2ab0LLhLtZT9_Ip20tACoRQFI38PVaudU_C_ZA0bKEGsNXG0DtuflVzwLV1e-jwIIPOsS6SlVxNJwuunezMyt4fta1KOE3GU88M3nqzMDwyUxLqOxJf8wgLLNNJUF-c1c2GZZPn1WSy6CaJMANb9Pfd49vHMJ0kpjKk_QVQK8whgmJPrrPp0a_3y05B7Ioa8epDIajxBNYIYowi5xEmcoAkCYuIuX9bDyRN01aZrgqJlu6Y31GXLpfcFtvbPnMeNqnLPXpIU9CdRKs1Hg2Q3-tMSDNBCGv24tcepcXoINSUkyw6KDAyE9wJc0_Cq4dx3czTYZGD9gCro5GC5q7vSi7NpIwsESu1dxD1JsX2YeiBPzvGT1KkvwQ24ZKbMOMu8dN9PgXKZmOeT5CDLG4Y83RPV6BF-igA0vDKvaTbg7Gx7w10TomVUxzCI2eQb6OlxSfrLx5Knc5wcEsmajP5hBctFfIdVqhmcD-FXjyvNOVhaloC2Yh3V4WKNdeWRQfZKQHylFSDo7cPmeChYx1Ii_svAt2hZRL2q9OllaVqOAuPBdl1Id6H3JCcxhtE3c4ZGWyKnF3kooPHHDMrqXItgZ3iFqvS-rF6EgCRFrP9R0KEO6ikdYOM1YutsIUSFxV1cjcKdodXDfOSIx5BnOIEkeLttRWfrafjff5lnCG5UhizYVrxvVWjLLGYqMamjMD2nohK9iSg6uI4gwQ1eY2Yc-f2ctm1f8h0vXsEcfA4KvyH2v6c1nbCy1pLvlS3_qz_4r8LV43r7JwyZRSdHYqe3KhhUAD7BZtW1mZlAC6wwAaMUu3k3mTKNEGYGEd--zg7d5Iv87ePs2oH02MUy7K6QX8CQ7_UHZwebNRGLDFU8PK8ecqOFKyPrbVcY8gTUwPK1aQyYCnGCZEUdh2uq1CLyXyJj-MggVF73J00UHMfNhYnmvJy1XQVz2vJCaC7w3DvtdK8c9ONzGd-n1EWx_t1q95u3i1uWPPmqryn-ZOOlC2LqU05XgV3Mdti5jrjyGWCqfuhvkqBHB4IXkFzZ9LmXFmPxBQhEc9Ubxt-tbCHXgXMHaNwp8qallHItU19fHMqHp2pUkWhkVyiW9Y-pUmYyRQEdD6Y5Zdvr5PSHYsbJYK_7HcwtgE5o4cv5Be8i3vv7nhQi9NVp8OrVrezElQ9hxKX-9neesHW52q1ur50D3SHD2Ld4--PHDXhiB4bBhI6IbfyamwMoLebkFuDre6g6OWOQNZkz8zYdGdEp1bc1vTw4Zrh5aP2vkgE0rT-jFoRV4jD4BD7TMPCMbmGdb4WmEwZ0X1L4gX1kZmslSRoqYUXFdlXvh6W4UN7siaFaZ5XmwqrJ907q_ec2Db2G3QzTgzuQcbD7QZ_IJr2SKab-wfPVaLvPGl0KZn9Zls3x3V6uyrkI1cUVsiZCPyBKEbLxB9tG22yGZZtN2_2nBiKTbKYC40jR-xLZs4DOcJnNSCuECBZVuCteTy_NwrNnVCQ97aoqP9kqOkJVOOTGPIsX3Y71nr3692UhbtPXeiIUdN8ZZJRNi7h7ZlSVIlAL88rv0T7oyvejETU0LB4m51DClqPp0cVU43apxKE7IlRJ0rFdB1iJ8EJZ4SlBhSkKzHxIzFY9kWhf002Y1mN798cOyIez4jIevFSVCk5Buvun0abMRFq_erqWSIAS8rfUJAUBbB9zyYeqhq6ruv3vHKKT67z5r2yx35pw61nM5vNWj9ytoB_5g88eJhSaFy6r1LSboFVg5uo1Nwt1cE5cGCnaEQQuiV6y82sAPisMh5zYcGtTg6Ya9VY2Sfm2a8ebBZNcCW5kqAF_mQMIKAmhXmXbnplzUV_CusJ6VYCq3ZLqh8jNxQQZWyJnmXBMD6BUx_SrnzX2puIEiXTvPifie8_6iHOI_Minup7GfQfO1mjpQf6Nbtb45JzES5VvM_8zBz_LN0Qyt5RLmdVvbDVBdSvg5jRyRMgYZ8zQsjHcy_3xEfPWEn9IOjOtRZvMUBM-qunNdhVnUaEs0Uy8_hcdZ1VO8p9P06G7dSgHj4FPfVTYYmG5MrVLtPORaJcjoSwLubatOWdWReojR7zJ3Gmgzii4fM0WP8PjkKpnVFxODyZVv_ZXCBvMRLGZfR_62Wx7h8V7X-X0-5DPCuJbtP6C_nU6s2XgqmeQerjyu9A-8bnomRf4wIDUa28b4Kk7gdhIBu8NwvZgVBCR1ZylShP2xC-OtuRPXJdhq3TLnAW6HdiQo08F7Szh_Ji7cXpZslePQOgvEaQ1BspNz8bfK5D2EHUAIfyNZ9qGY-Julr_FkmSYk2cKGVI7Gv1s4GpAUXR_DOPJzpYcVafaQOUZ4KB1uM31kkK9w740hjaNbpDb_l2cZ3hsBA7ZTsBCGv2rpZsyBCU-r2RlPQaZiWpV9rQuLi2wimGQRtJuFqpHdZtJxcnNI_BG7Vhkgisra7uxiskEvh97AZxdDEl6d_eHKwyeRL6eOGvhjQiLQUVFuVv-uU87uRzHIrOvgfNwJB0Qd9tMt7fn8BLBiG-Hozv5FNRNAwYlOoSwJOHhKOWeq9xMwkkLEm9jAQhK1GqWe9PnF4W39H22gB7k1ObPRAW7fZ2EloIcxNwFwPFbqif4uRm0J3TrOdKVo7zxthlgmu7_1kAi8yOudv_b37TN9kZG0UCBoNe_fzi9gEImqkxEU02KIqIQpLre9CNw2t3J70KWMrbZ0rwIYHGsgB3xjgUUq9A9qYC-yew6587NZsiSy0UgpBGpku4eFZVx1KDNzIC_Ht8Hpt4Ku_R9r36PTe0AZgDzoJmUoqzA0Gkz3_joHzR5ATm4qBsHUbwQ5nc3qLsWb5IuR4X7fF-VdjjJuCDNNEWGUqx883xOQtom1Oko7QKt8rVsptAc4FrEOgk_y3I2YajES3AOIgZpN5V5TbOYy6d3EPQ3dmHQ-Nb9OnShMpM-zYUdyUx3ta1xCvyAscMa9pTUMHso1ddgNhPjLNw6LxKohbK3x6shw&cid=CAQSTADICaaNOCWa-2pk3EvradhamZhZBEuNoILvrV9tKo_nHqcBJcQQhdd1LasMh9UKr0cPnn2w8gS8VaSZbRDBBkiO5ioC13TgfacYs0EYAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=2042518793842567200&adk=1964084972&idt=135&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 13:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 13:57:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/ Frame 3A5D 30 KB
11 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 13:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11587
x-xss-protection: 0
server: cafe
etag: 192838463742493612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 13:57:09 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3A5D 41 KB
13 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 443836
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 06:58:24 GMT

GET
DATA 200
OK truncated
/ Frame 9F62 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bc341d42a9147406472647b1c7a3437c59e7f76b5129c9e5c13f45b0cb5ec30

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 38E0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

48ms
47ms

Image
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H3
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 27 Sep 2023 10:15:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ww.mjs Show response
cdn.ampproject.org/rtv/012309151607000/ Frame 38E0 45 KB
13 KB 100ms
37ms Fetch
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/ww.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc45a0583dfe8dc08d0fa92ede4e91a17e875fda030b9f3137ae3aab7ae027b6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain
Referer: https://www.file-upload.in/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:11:06 GMT
age: 147875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13081
x-xss-protection: 0
server: sffe
etag: "27ab2e2d3e11735d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:11:06 GMT

GET
DATA 200
OK truncated
/ Frame 3A5D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60defacc704d5d3666210f68eb1590babfead0e173674e32f2a905467573efa6

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D07C 6 KB
3 KB 32ms
32ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 10:15:40 GMT
expires: Thu, 26 Sep 2024 10:15:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 49ms
48ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.2&b=3&r=file-upload.in_auto_interstitial_desktop&sy=0e363d22-11a3-44fd-944c-bf3f0f04c030&ts=71&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=870463e4-3c10-481b-aa93-f131755951bf&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Wed, 27 Sep 2023 10:15:41 GMT
cf-cache-status: HIT
age: 2425237
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d2fca27cb72c65-FRA

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8445964901340353595/ Frame 2206 144 KB
24 KB 131ms
55ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

834aa61be9e3644a54d4668e15f573866ec7c4b4d6c410c7e8d018203a90f606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 26234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 24597
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 02:58:27 GMT
expires: Thu, 26 Sep 2024 02:58:27 GMT
last-modified: Mon, 13 Mar 2023 16:23:33 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2556 0
0 237ms
92ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcyRk6VMbCd6hZlV3Yj1lwE8I2WBLqVfsBvoCKKMKVunBFAgahREcslc11DDos1tHzBGINtTwTy0Zx8I5hLQpNe9AUjh7LTwacIl151meDc77P-UzSJ8dYFhhbTOFk3QshifuCN-nw6ePjgk-U55gEamvRCWq2TbtJcpt_3fHPnrOeMgjz3WShwpZn_EJpp2leBUHKicvPTwlxywgBi3JX-NP1jF5pcQc7qLga9ZX-7huNEaujj_21b3X8_8DqrcXpPYj0Lx_tvt1QjpLRKU7kvD7lp90Inys8Nx1TiYlnYjqLQFXXS6khy4GK2BacS4q07fYTiqRlH0ic5BwG5PPPvg4zvKNQ8-A06pLG8NeaGWMhQj3Kie9jxvVBb8zd041REhql03rrFAmwpDXapZeQtky6_F4IpMCEBvQl7M7udkR8iyQ9jy4flacvR7VMgXoDmbHIl8X8z2RWVGeQpJjPtBhn5-j0_4ftQW2PbdI6h6_UuWgOqXatpA8M8LT-S0jtS6H0ccX3Y3gaQ3twuQjYJVyOyrXDXIBqLQu-QV3JV6zwPQ3PXVYfKYpLWd4xdZHUfCmbhOeBvaTsZub3STn3if9Ce5jn32FE8u8Za0R1Wr_zg_aczgFCQbi-pHChwXenbvDO6xpr9Qw-nzqVHe3VOyefTTNMgK_k8aA57-iK-Skzyt-8gmiBgwv36Nfume4F6ygLNiWYnk5dwcvuBNlDAMbeRNqDWcKIEeBS6JBYIx-nlAF4truIYkA9bkZYdlCF4yeoxfdcASiOSyUsvcvL_2hYCokw2Cv40TrTpCUJtHLKe3vHU99r8Em7xnRwfwr31GiFH7w9KmvTLiRWE8afI6YGCHSykGpICYRyasljO84qDjKrl4_8EfoKQaBBZV-ogvhgmvpXWJPI8uLQNs7BjJMGNZ0hBfMR96uLT1Ra1pAPTY-XQq-IKPGs2w6c_aZkvNj2YV-0MkPzT5_ZKJjU0nbVHUg9beZe8nr4RASt0KhENTgFLstkRwt6OrE-Ll5dSHzqr3zvHRoXFemAILKr4ASY5-B5O5KCfbp0P1650_moSDRrhX5bSbBPMsPmy4bzEX3D2aOFM4ko-YX6YUSA6TNPnruRpipJ_vY67y1NpwrnpSKee7nUfwmpOiOOWiLJxh0OtSjFsajgiYNqIlPd5Axt2Mw3iKZyIIYzbHQX6zWjuFNL-9XFa5pxd3wMnX8R2gEOproqZCg8NKsC79fSUIKrVHeBVmIzuzN4kh7EX-k3z46B4QqHe-OFFqIh4EUcZk2e9f68X0Blht29NVdqeg&sai=AMfl-YQtW8IwMOWsYb_pRmz32IJUVv_CXVvtu5O1syJYTzJl-ssZcnfIsh7i9eawAfDeD0KfG_JgZbZzs2l1AFNGRy2cwUrCHe1Ow5FpT_mlNMOCQwBRnJY-5iEtRBzHYS78PEv-G1mWBSzSynbN2_wtdV2vAfRIv55BpSqb31mSQV08xTYUr4X33oeCT2qytHEfKLaacFEjTfPoBjpJHccpcbWDmKZC3onJ_8jIGi_4qC52qy262hG7H4QS6o8wxQ3j8znWw24p1W4&sig=Cg0ArKJSzKcO8fUjglNoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=428&cbvp=1&cstd=424&cisv=r20230925.26131&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 27 Sep 2023 10:15:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7243361920310055803/ Frame 4935 138 KB
23 KB 124ms
58ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5be1e160981cc80e35524ee00b2cba56a5ea03b30e26c0f7f22f9a7cf62ef972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 385135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23928
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Sep 2023 23:16:46 GMT
expires: Sat, 21 Sep 2024 23:16:46 GMT
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9F62 0
0 228ms
92ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHKZPThmschXwen57MApTH3LSVhiQRxz5_8d7L5Z1v1uh6Q1G5zNmZS5xXrr2JW_Hqfd_5HCYMovrQOBl1rEmWMcbx4iVjMutGkp8Ur85gm1uTOeuHCdRiIiiSGuwpLBMMGpb7cX5ppBCd5c8hH_E50x1E4X3ZALNFYc3QzCltxFMYZEZr6WrUFii1sqd9P7x622dnbU_7YPJtmJ8cEkS-5zSAwRHUC0FuLra82OrhlyIQeT2WjZMYDqTRlROJTOBJixy4-x96LGqxx9HRX5dK71ZD6pWiHsxioRsq3Xd2fOpoSsKDHpKNL5JB3Y5SLIn4ityTqU9u66u5D2iGv6f3Z5D1CDfmuZx_0x7hEVYQmv-3kxe13SYsULziEoeCRZ4h3KnyeXe8IOlQ3cp-0TTYxC4g8_EIEUV5gcFcKvpbQWVV-LK_6cLlnOQdMkkn5shJEXIJuPsrT2obBS76GFKJEwJvHj7CBoaNhYZ48C3SwyiuwaRw6n-UaA-3qkMCAX7Hu2lv3hpJM7ImPiEJQmt03TSt82oAaGRLiiyqVz532sDLbvAyrAQv-C0mtjzWkpxhIeg_Qdqla8QfkuuzYkyxykcSRJnxt2bQI1vYETyjhAY6wOtAdR0g3p9D68CDzAGU-cDk6nZ7JG9htlWoPkxJEaMCGAROyxPyWdO7sYJre_hGCHJK70J3Wze3EsmevHp-FXZQ2gGF1-cho8Ab8DtLVAWXWmmt_qYghtm7Kot40JaTD8JCRXNcYg4pC9VZn26ADMSK8Inbs32yERJ4MhDsdyTbFW_7jWl-Tfp_nF0vzEFbLmgC09kD8JQhvxzyrs_p3xEoDZbZWl702NyZbtIQ7xISMpNMpNrMHkUeycNjvExGQax7i3d_qRqfvLBK-SWwZaEPK78Gd4smWrKRJjPMzCWmyAofKpLLQfvssgFqrAABUTdizun072legfmrjCE_SuCbUOhfs-GaRx4ffSV7WLohUAco2WLutX_WlKNFjrioMeQQ3jp6QjwS3uKvZAz46fcinyayUdNfmACjF18NvH_wQsbZJHx8bpDKwCmrHzJ9TxpO8mlqY3WxAUGX96u3Pcf81WhzadQuIifDKagvYwFzH_OQgkWDoD6wPL6yh0OTPOw2t36chUTbsg1H3o_qIaqGXQ-ev67hmVsAcIrPQxgfNgWh_E6gxMoYOZXGQFgdnuiq5Xz7top9q9mng3HAnwZwVOrUX06aKK0cVj5V_O5nZrE42L6bJfMgdHpl_VULWONp6VcJIQF-wEFmGA0uHSxjEyCtJ0m7kI5BZ3xorEH-&sai=AMfl-YTwIeEgEFXDBZRSAdXdLUCrPWRW70X1Fg7S-V4fc4ACG6hSoS-3zt3R_QnD17lZDxHzfCdn-T27jKpmbARSvkp5XcXkHTJWHwbfDBudSLu8nqSFsIlNw0gbSMqypIx830htP7CHlD4z1ajqUHQnIpHxX0viM_C8pjHFI1lCAm5yqIrjF_piCPFx-u1LGIYQvGDmB5KVrXt3j2DwSYuFa34rfx1lW_KZz6XuFVrjJnwkvfujYv2U0-RQoj3IhfcpWJOra07uzS8&sig=Cg0ArKJSzGtSL-TZRVMcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=424&cbvp=1&cstd=420&cisv=r20230925.05963&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 27 Sep 2023 10:15:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 59B1 0
0 74ms
73ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTwWcywAUZYKNPL6O9fgPldqTwALJtq-bc76xrbiIEtnZHhABIJWbyiFglQKgAZ7b-8kDyAECqQI9rYa2ibixPuACAKgDAcgDCKoEvwJP0OCHFQBpoMe7zBxO_9mknOVfCcsZmnKCP-9Ts-Xq9ikEWQA8UHp0phkGp6egjfR6t1wMwYdStMV6oOSkTBTfqBkbfLC5rj90ZvrVQMTgEYsggszbdjo2q_NIFGjS8f8UZvZtBKJXWYYp0fxZtrErghcoLJkICe70RZIKlRxI1QnoMl1ZCDIJ9Wxy23zmpjoffyQPRIUwo3Q8c2pudYTdm1hnzf281HR7E2KSQnZkNkz4neq6PMmliPlJTLkn05yZX_PvPNAf6SxExhfg108DiiO5wF_B_0MG2tfCwDJn5_V2y54ViKOJSrX4awqIXFd0DBwSl2hRBRpHn60Vk-Lkg2Us18ylNWcr0fgFL6Z8Rj_jwUrXmJVMBwoFyvDMZPsOcC3NTiU0Tgiv3BdWaLpYaCvQt6aVzRvxGVJF7dFawAS9upyzvQTgBAGIBd3m3tdMkgUECAQYAZIFBAgFGASgBgKAB8qkhDaoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCBoAnSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgkwaHR0cHM6Ly9lc3RvcmUuYXN1cy5jb20vZGUvcm9nL3JvZy1waG9uZS02Lmh0bWw_gAoDyAsB4g0TCJHqoMnHyoEDFT5HHQkdFe0EKNgTCtAVAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=3UaS-TbTD9U&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaNioNcj8VdFJxXuRgtYtefntL__86H2IzSDHdXjhAaGEfF1egVqJedh3wQzGBj2-bM_hWYC8CRuLQaX5O4gRBKgsF3beMHSBgB&cbvp=2
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7243361920310055803/ Frame 9FA3 138 KB
23 KB 51ms
51ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5be1e160981cc80e35524ee00b2cba56a5ea03b30e26c0f7f22f9a7cf62ef972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 385135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23928
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Sep 2023 23:16:46 GMT
expires: Sat, 21 Sep 2024 23:16:46 GMT
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3A5D 0
0 150ms
95ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsso4jZkccC-9elmTmx64lwPurm8Zc89apgPm8165GC0GlHg9TTkhyrOgoj8VTZZPjsqIdoAANwwyDt-QEe4QjF-PkOVxJUfXyDfWauHK6tRSYOJvhmP5L-eDDXlOHKJEAc8Th5tETYJ6_QQ7FRhHs6MTdgoJAjDRpaKfkvYcxTpAX-hhE2lAKw3dMuxtRMpe3hffvAHKtT3LxPD7xOZYGEC7HL-LYSjCTboVJiSZSLpFASHchikcYhny7C3k8tn-tKmz_1A_SKM9eJTg8wz3RGbcpdCM-Kgwlnc6psHUiEhclS2e9fX0T9902GQMAUTAHj-YN3DHdly6Zd9O8SEnu1dabOM0NWz0D2ObZdK2Uk1avgA5vmkg1wP0M6xoB1_WiTg0Js9rzExQpYbL3crqW-kj4e7aNYKTcy_dfxcsKLYYT1fAx_y1hCa4-pU1UnetwpxzT6qkm9d-XZr5NC128cx102IlL3la5YLWjnx4Y_pHw6gZzWzKh9yA4q3JR4meZnVbVf_JhldrT7snnB1_-KWYyd3Uct4uC8I23Nzmc0Rr3FmRWN_c9vR0vnIBCV5ETjK-O8lqB0oKnKgJB8OikirpP9ALHKWuqq62XtPuZVdmrpPqpPmlBvPqRaQL8j54hEdPd7acVfIw0QGgYBK_lo6Bf2IIrGRHmn18LaS9hd0PWweL8JYCPDLkHTloU0FENTGk1idst9hKSgrKPkVdFTQqNFHfu8XjOjed7gWH3JllGFPmQOIP7PZPFUGmvSUuNzzk8EhWJIIXBx-lpI1TmSaln6tz-tiSOzldzFvVnYUHj0RW3224mjs7KZlFZZp14g5z7WVJ1Glf8yzcjbJQt5edpysVUee8XooTl-yFYsVHnMWPwMhiwIyyK9BabIfzS70PxvVkb3lmhVvg4dAQ4qO3aPrPcqmPHJu970m4EJ7ESZsjzBOR3aZvimALp0tQPmSA2KDJNSi5ZRJ4y6hb_C0xykPyu4WRGXrTYhSDFYO4t5TlmnPvflPto1s31ldTfzIB5jfcpuAhLymeETY-YGqPWnPpXKgkSsxtYisD9eQ2_yLvI6mTxJEeDZjmE-nEmBW8OKKE50tOPXqByfmuOWtReYaGLlM8JRUwEihvRK4-eViwChn-_rRpu_Uov4bafWU2uY2Ty8CvcwVn5MxrZSeskvzduiu55GNfqJAMoZ9gdUXT5y3EM5SekpJcOciaq9mYkxEDVNP5TYfrx7CY-J6zurON35V8VDwbpzGxIwfHTWHnDR7w8FON7TSYpaBioF7XXgemg9r861iyiKJFWJ6Ix1c&sai=AMfl-YQOTFbpnaTfC51uhsfUMErSpmqbTbrtf4irBO1Q468TWQjCedoi-K8hp9I9wNw936btXSgF6NMqEpqSC7shlDJ6rLFxA_OpmC32WV4hzcheUJjkcz7r3W4ZliZ0Fx4gZ5pgm7srgrxb_PzF6ks1PMtTIG9QgnjIoPt4Yyy6iK7k9SP_Eui7Oua-pcbc6uEtDAQHHosdrd11lTDLzTbef1VoCBNvcA_DTcYU4vHU9BDT7QJ7OdSjKbdsHd_gr8snAWCuX0a1Xbg&sig=Cg0ArKJSzKadzkUxKaZaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=388&cbvp=1&cstd=375&cisv=r20230925.02314&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 27 Sep 2023 10:15:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9188 22 KB
8 KB 35ms
35ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 229471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 18:31:10 GMT
expires: Mon, 23 Sep 2024 18:31:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8D57 22 KB
8 KB 31ms
29ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 229471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 18:31:10 GMT
expires: Mon, 23 Sep 2024 18:31:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame D07C 4 KB
767 B 39ms
38ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Sep 2023 10:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 10:02:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Sep 2023 10:15:41 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BA9F 624 B
242 B 78ms
76ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNVHoAZlugxK3fsTXzWUezQ6-ROdLYBFceNkYTVqOLK74DpfIH9MQCnjaTvI8V71xeH_WB_CfgvZzv25q_2jZ_M2l85bz13LKHXprF61myvzBbZrjFnBpYuFoqhUHtXtd8H4vFPFNG5RE5qYxM39o48sYUphna73LWMHDuWuCFN2W2Rp3bNjDOJslZUGCXtBgOC_SBF1rwBQmQQ2OpOZJxfVPMC0lg

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 10:15:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FDFF 89 KB
31 KB 195ms
192ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31438
x-xss-protection: 0
server: cafe
etag: 13183557946744512263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:15:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame FDFF 3 KB
1 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:16:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame FDFF 20 KB
8 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 14:00:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 14:00:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FDFF 0
0 64ms
62ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgHhfnxkWNGKRAngFBOx-TD6O9Mmy5t3yArXMD7j_w9q5j-y52FX4KvgxdAEOSdk5WExTAQuWruoP2y3g_T03NKBDaGw
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FDFF 182 KB
57 KB 172ms
170ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695641553523962"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:15:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDFF 42 B
63 B 70ms
69ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLR3Z5e2AV7ifRGdTpKnD6D0i1rRMLD_2W-ijFyCgWjtRxNtzICT8yOVPbHhgkWmMUQO-yqdUAYndDeSEaqYzhgRQe1yGZ2L8HhGMw3I3CVli7AW4

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDFF 0
20 B 71ms
69ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=419854911133175265&x=1&ct=76

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/ Frame D07C 20 KB
8 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 20:01:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 20:01:07 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EA81 22 KB
8 KB 50ms
50ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 229471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 18:31:10 GMT
expires: Mon, 23 Sep 2024 18:31:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2206 29 KB
10 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 06:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 06:22:23 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 4935 29 KB
10 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 06:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 06:22:23 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9FA3 29 KB
10 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 06:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 06:22:23 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 38E0 0
0 130ms
117ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9GplywAUZajkO6mz9fgPh7uOwA-G8eCQc_vc-_PcEdnZHhABIJWbyiFglQKgAen0i78DyAEBqQI9rYa2ibixPuACAKgDAcgDCqoEwQJP0Ns-n96WvWCiw8cYAhoxImeFNG5AWBI56IuUkhkoPDdbgqoQjeWdNBIjnlBNpUUSjFzERYd_XP3a3B-UE6zDmDzRca7Q8Ltcf787LCg1snOrlXiSZPZ_T1EwB5j5I4tw2ZY2ppoRpRPsoJCef9KpFzl9gKzeArCQAHMaxKhCjl_1QlQ03suYqMEqJsO1_-Bo-xy9kNI6sjf6vTlYjMb_8l9KNAdLRNUXrji-6yVRSuFzS-GUu0eQqTDE1y0vrLJAdtuUU4Keh3uztRj0UrxTijb1OeLImqCe4bz3F3TuwxBRPazV1fAHwqXQPp6iZ8vHhGZiNVDmH5uny8eEIF79G6B_ivm3JqzOC1K4L8KA9Jo8Xdckb5tujJgvKbMmDyro0CwYpQHg0iGqM-PUK2kjK6UWzGx0iYe8Fh70fIMrGZfABLy6i4G2BOAEAYgF7LHUpyiSBQQIBBgBkgUECAUYBIAHxaWDQqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEISNENIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCcYBaHR0cHM6Ly93d3cub3ZoY2xvdWQuY29tL2RlL3Zwcy8_YXRfbWVkaXVtPWRpc3BsYXkmYXRfcGxhdGZvcm09Z29vZ2xlJmF0X2NhbXBhaWduPUFkV29yZHMmYXRfY3JlYXRpb249aW50X292aF9kZV9kaV9jbG91ZF92cHNfb2ZmZW5zaXZlX2Fsd2F5c29uKGdlbmVyaWMpJmF0X3ZhcmlhbnQ9NjY3NTcwNTk0NDUzJmF0X2RldGFpbF9wbGFjZW1lbnQ9gAoDyAsB4g0TCKDeoMnHyoEDFalZHQkdh50D-NgTCtAVAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=KL-4mJMamW0&uach_m=[]&ase=2&nis=5&cid=CAQSTADICaaNAkrcavBnHMeobPSxNRXg8VleAnIrK1dICSmmprJSYNDdZur_i3SjLY2wTqTtwTM5lafAtoLV7EpK2B8n_z_rQUE-EYb9MKIYAQ&cbvp=2
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
BLOB 200
OK b14f1012-6491-4c7b-921f-7b191cb8d3f5
https://www.file-upload.in/ Frame 38E0 45 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.file-upload.in/b14f1012-6491-4c7b-921f-7b191cb8d3f5
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0060b6ae30c0a1cf874478b9e79752f6717825c141651abb10eee5208479cd95

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 46327
Content-Type: text/javascript

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BA9F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1

43 B
734 B

50ms
49ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNVHoAZlugxK3fsTXzWUezQ6-ROdLYBFceNkYTVqOLK74DpfIH9MQCnjaTvI8V71xeH_WB_CfgvZzv25q_2jZ_M2l85bz13LKHXprF61myvzBbZrjFnBpYuFoqhUHtXtd8H4vFPFNG5RE5qYxM39o48sYUphna73LWMHDuWuCFN2W2Rp3bNjDOJslZUGCXtBgOC_SBF1rwBQmQQ2OpOZJxfVPMC0lg
Protocol: H3
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klVTpujEtcy8s9ajnaqlBM5oOJ%2FEGNCmNfU%2Breq7Bp1DgrUohUDCNl2EYvZGkhEh9S%2F66XYL3oWHxNeKp19dReBiA4uRDb6lZHMUi2RWNhSdC%2B1324o%2BMqL3rXrxcRQDYp1OeRswhud8UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80d2fca5acb52c7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BA9F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRQAzAoiBm6GqVDqmcBexQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1

43 B
730 B

61ms
60ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNVHoAZlugxK3fsTXzWUezQ6-ROdLYBFceNkYTVqOLK74DpfIH9MQCnjaTvI8V71xeH_WB_CfgvZzv25q_2jZ_M2l85bz13LKHXprF61myvzBbZrjFnBpYuFoqhUHtXtd8H4vFPFNG5RE5qYxM39o48sYUphna73LWMHDuWuCFN2W2Rp3bNjDOJslZUGCXtBgOC_SBF1rwBQmQQ2OpOZJxfVPMC0lg
Protocol: H3
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlT8RvLuFVhvlFxwGcO31NLG5fLBk5LwsyiAyXozBsW0qv9VxcOppEvjlCo37KXXrwc7JTeqFE506xKwDPOmDOEWisHHCezcwkVCSvhbLkcU0gHW%2BjglkgNseNVPcHG72BFRyqvVqlzfPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80d2fca69dce2c7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMGF5Kcci8ZArs5Byi7_m18&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame BA9F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAnIYCLAs0lLNDOMzb6hTKI&google_cver=1

43 B
838 B

40ms
39ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAnIYCLAs0lLNDOMzb6hTKI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNVHoAZlugxK3fsTXzWUezQ6-ROdLYBFceNkYTVqOLK74DpfIH9MQCnjaTvI8V71xeH_WB_CfgvZzv25q_2jZ_M2l85bz13LKHXprF61myvzBbZrjFnBpYuFoqhUHtXtd8H4vFPFNG5RE5qYxM39o48sYUphna73LWMHDuWuCFN2W2Rp3bNjDOJslZUGCXtBgOC_SBF1rwBQmQQ2OpOZJxfVPMC0lg

Protocol

Server

185.89.210.212 , Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:41 GMT
an-x-request-uuid: f9c078df-795c-4912-a878-2cfcf60ab09f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.106.7; 176.10.106.7; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAnIYCLAs0lLNDOMzb6hTKI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA9F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D

170 B
188 B

47ms
46ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:41 GMT
an-x-request-uuid: 54d801e6-e961-4e80-9d20-080eb9401344
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxMDE1NzQ5Mjk5ODY2NTIzOA%3D%3D
x-proxy-origin: 176.10.106.7; 176.10.106.7; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame 9188 37 KB
14 KB 58ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 07:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Sep 2024 07:19:24 GMT

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D57 37 KB
14 KB 58ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 07:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Sep 2024 07:19:24 GMT

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame EA81 37 KB
14 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 07:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Sep 2024 07:19:24 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9F62 0
0 75ms
74ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHKZPThmschXwen57MApTH3LSVhiQRxz5_8d7L5Z1v1uh6Q1G5zNmZS5xXrr2JW_Hqfd_5HCYMovrQOBl1rEmWMcbx4iVjMutGkp8Ur85gm1uTOeuHCdRiIiiSGuwpLBMMGpb7cX5ppBCd5c8hH_E50x1E4X3ZALNFYc3QzCltxFMYZEZr6WrUFii1sqd9P7x622dnbU_7YPJtmJ8cEkS-5zSAwRHUC0FuLra82OrhlyIQeT2WjZMYDqTRlROJTOBJixy4-x96LGqxx9HRX5dK71ZD6pWiHsxioRsq3Xd2fOpoSsKDHpKNL5JB3Y5SLIn4ityTqU9u66u5D2iGv6f3Z5D1CDfmuZx_0x7hEVYQmv-3kxe13SYsULziEoeCRZ4h3KnyeXe8IOlQ3cp-0TTYxC4g8_EIEUV5gcFcKvpbQWVV-LK_6cLlnOQdMkkn5shJEXIJuPsrT2obBS76GFKJEwJvHj7CBoaNhYZ48C3SwyiuwaRw6n-UaA-3qkMCAX7Hu2lv3hpJM7ImPiEJQmt03TSt82oAaGRLiiyqVz532sDLbvAyrAQv-C0mtjzWkpxhIeg_Qdqla8QfkuuzYkyxykcSRJnxt2bQI1vYETyjhAY6wOtAdR0g3p9D68CDzAGU-cDk6nZ7JG9htlWoPkxJEaMCGAROyxPyWdO7sYJre_hGCHJK70J3Wze3EsmevHp-FXZQ2gGF1-cho8Ab8DtLVAWXWmmt_qYghtm7Kot40JaTD8JCRXNcYg4pC9VZn26ADMSK8Inbs32yERJ4MhDsdyTbFW_7jWl-Tfp_nF0vzEFbLmgC09kD8JQhvxzyrs_p3xEoDZbZWl702NyZbtIQ7xISMpNMpNrMHkUeycNjvExGQax7i3d_qRqfvLBK-SWwZaEPK78Gd4smWrKRJjPMzCWmyAofKpLLQfvssgFqrAABUTdizun072legfmrjCE_SuCbUOhfs-GaRx4ffSV7WLohUAco2WLutX_WlKNFjrioMeQQ3jp6QjwS3uKvZAz46fcinyayUdNfmACjF18NvH_wQsbZJHx8bpDKwCmrHzJ9TxpO8mlqY3WxAUGX96u3Pcf81WhzadQuIifDKagvYwFzH_OQgkWDoD6wPL6yh0OTPOw2t36chUTbsg1H3o_qIaqGXQ-ev67hmVsAcIrPQxgfNgWh_E6gxMoYOZXGQFgdnuiq5Xz7top9q9mng3HAnwZwVOrUX06aKK0cVj5V_O5nZrE42L6bJfMgdHpl_VULWONp6VcJIQF-wEFmGA0uHSxjEyCtJ0m7kI5BZ3xorEH-&sai=AMfl-YTwIeEgEFXDBZRSAdXdLUCrPWRW70X1Fg7S-V4fc4ACG6hSoS-3zt3R_QnD17lZDxHzfCdn-T27jKpmbARSvkp5XcXkHTJWHwbfDBudSLu8nqSFsIlNw0gbSMqypIx830htP7CHlD4z1ajqUHQnIpHxX0viM_C8pjHFI1lCAm5yqIrjF_piCPFx-u1LGIYQvGDmB5KVrXt3j2DwSYuFa34rfx1lW_KZz6XuFVrjJnwkvfujYv2U0-RQoj3IhfcpWJOra07uzS8&sig=Cg0ArKJSzGtSL-TZRVMcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=849&vt=11&dtpt=425&dett=3&cstd=420&cisv=r20230925.05963&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3A5D 0
0 70ms
69ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsso4jZkccC-9elmTmx64lwPurm8Zc89apgPm8165GC0GlHg9TTkhyrOgoj8VTZZPjsqIdoAANwwyDt-QEe4QjF-PkOVxJUfXyDfWauHK6tRSYOJvhmP5L-eDDXlOHKJEAc8Th5tETYJ6_QQ7FRhHs6MTdgoJAjDRpaKfkvYcxTpAX-hhE2lAKw3dMuxtRMpe3hffvAHKtT3LxPD7xOZYGEC7HL-LYSjCTboVJiSZSLpFASHchikcYhny7C3k8tn-tKmz_1A_SKM9eJTg8wz3RGbcpdCM-Kgwlnc6psHUiEhclS2e9fX0T9902GQMAUTAHj-YN3DHdly6Zd9O8SEnu1dabOM0NWz0D2ObZdK2Uk1avgA5vmkg1wP0M6xoB1_WiTg0Js9rzExQpYbL3crqW-kj4e7aNYKTcy_dfxcsKLYYT1fAx_y1hCa4-pU1UnetwpxzT6qkm9d-XZr5NC128cx102IlL3la5YLWjnx4Y_pHw6gZzWzKh9yA4q3JR4meZnVbVf_JhldrT7snnB1_-KWYyd3Uct4uC8I23Nzmc0Rr3FmRWN_c9vR0vnIBCV5ETjK-O8lqB0oKnKgJB8OikirpP9ALHKWuqq62XtPuZVdmrpPqpPmlBvPqRaQL8j54hEdPd7acVfIw0QGgYBK_lo6Bf2IIrGRHmn18LaS9hd0PWweL8JYCPDLkHTloU0FENTGk1idst9hKSgrKPkVdFTQqNFHfu8XjOjed7gWH3JllGFPmQOIP7PZPFUGmvSUuNzzk8EhWJIIXBx-lpI1TmSaln6tz-tiSOzldzFvVnYUHj0RW3224mjs7KZlFZZp14g5z7WVJ1Glf8yzcjbJQt5edpysVUee8XooTl-yFYsVHnMWPwMhiwIyyK9BabIfzS70PxvVkb3lmhVvg4dAQ4qO3aPrPcqmPHJu970m4EJ7ESZsjzBOR3aZvimALp0tQPmSA2KDJNSi5ZRJ4y6hb_C0xykPyu4WRGXrTYhSDFYO4t5TlmnPvflPto1s31ldTfzIB5jfcpuAhLymeETY-YGqPWnPpXKgkSsxtYisD9eQ2_yLvI6mTxJEeDZjmE-nEmBW8OKKE50tOPXqByfmuOWtReYaGLlM8JRUwEihvRK4-eViwChn-_rRpu_Uov4bafWU2uY2Ty8CvcwVn5MxrZSeskvzduiu55GNfqJAMoZ9gdUXT5y3EM5SekpJcOciaq9mYkxEDVNP5TYfrx7CY-J6zurON35V8VDwbpzGxIwfHTWHnDR7w8FON7TSYpaBioF7XXgemg9r861iyiKJFWJ6Ix1c&sai=AMfl-YQOTFbpnaTfC51uhsfUMErSpmqbTbrtf4irBO1Q468TWQjCedoi-K8hp9I9wNw936btXSgF6NMqEpqSC7shlDJ6rLFxA_OpmC32WV4hzcheUJjkcz7r3W4ZliZ0Fx4gZ5pgm7srgrxb_PzF6ks1PMtTIG9QgnjIoPt4Yyy6iK7k9SP_Eui7Oua-pcbc6uEtDAQHHosdrd11lTDLzTbef1VoCBNvcA_DTcYU4vHU9BDT7QJ7OdSjKbdsHd_gr8snAWCuX0a1Xbg&sig=Cg0ArKJSzKadzkUxKaZaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=740&vt=11&dtpt=352&dett=3&cstd=375&cisv=r20230925.02314&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDFF 0
20 B 65ms
64ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9705097498632&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDFF 0
20 B 64ms
64ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9705097498632&version=m202309120101&ct=76&x=1&cor=419854911133175300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FDFF 94 KB
39 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNTCSrKEKdyXHkZ6Rc-EPaKBbFwBroCBCGuBw1lqliAHm0DIA-ZfQ-XGTNHqkZp8f5OnOERSPHwDdfpWOPD7AQNmgHvQ&cry=1&dbm_d=AKAmf-D_KK4wRDuKv1HHy8ijzzcVqWo-U9HNEfXMrfwff2uUYZ0-2pPqNv_ytoI_Xj8JDpjJ93p8BRRIEBfNxz5AhbM41rTCrdxv6-RBj15Wjv48nc7YJWqFem4320qDC7o78y5AmLjGuCmKX78pDLY-_3SN2tnf9_5t-qb--3ePsIuMubMf-ewunlaLItZ3vbi92wrmXuNHxKf56HQJgUjat08a8IsmAxhQGpDAAYsQRf013qA-t-WrGCcbHMjPWpSHhKkpbuvpe2JufdxT65CmMdIhLXXrEiyl0q8G62r5NJiOJQufz-p2-u-L0aB_RvSmubTs93GShDKWiKhVXDnsYW2Tv6icGC9NWZq13MTYd6EAQHJydOIRx0Yx9rzOlTbHDrDTXu85SP7CJAA22pttKkFU7cm6oK1pyzaxU6FjTHOhfHCh6sQUlsIdi8VPiQe4QCcXaLmSbg4yt-V-Ktv5_XsWBYAzaiuBI2dq4R6iiQowQus6Ek3V0tT7cFb1qw85yHht6x3VkztRod4AnuWk5cTivUGJxR8ZUsl3pzapi-cY0JfAQtZMEs6yWZPi7d8jYH367AcQ1smqk7Dm1N6EOZ6hA_HdbHt66pSbEE7BVa4yzjmrxMLf22OLOfBBi7MRF4HmfU-DBVj0v8pBkP9w5fHWhHgr7WX_GbI1tay34iBbzGEqDYdGBSTJxT4tDq7US2dI3MCm1smJLwhURGL87FAoRliGjFiVEbUxWbpZhjfWO1iHcbj-Kp1qvc48OXGjMERypUu2KfroHvkjHMTN2QMIv1vReRRredWzUtAmb_zXVVKhEnJsmWlk9ehPP78psT1yzRp7ecEVnpwmJH3foib-icase42WnNV7b5ADqHTTHuG2YfxUgW7J6UAtd3Tb0MIPmwrwzJEnRvbqG3RhY4Cmfr3xo38-J9cNbyO3wPtDS0PoXyup81VRt0fCxx3-qFHu7kYg2CF7zXYFA-hwU2ndG_2CFbDjK7D9ihQBkeWryeZKA0b3we06uTUYCu5idw-i01D8oHHZbYK8bbHl_jjMXBxJgawEkG91G_VkVB1ilXmE8iRkGTKoMShb6Q-r1WU4Y3ofNFueMpw8bKQzm7ICu-CLPQ4qxHxg6oSQ0wuvxtX82l8kZdHmKITGwW5r4RQURZuDXQRLzKeMHhtQe4eIvVcJZxBCdUX8tRTbo3uIqILe33X3rkoa8AXtkUVT3JmY2zVaEhtgUKM8cAK7QIo3_A2MYmUOxKohD-MNBl9b1HuPC2sdH03CY3FQ5ypmTATL8diX77cI_CYgl5RKT6YmlVP7DWpW_miXn2PT6MeQYTkqqIrS-OIsRI2d7YkbalooZJfOvyeUL8tdFmXX0rUtyvPGe3uaGF9To_K_Dpg2chLPPXOQRT7sQQi2hsSDwMCCNSEXGv4LvGNnlJfYxRPREIAvoZGKp5lj0XFngJ3gdZGeG5ULN7_y1vK2sEZK3VDe3RSwJc4IgNK4C3Bo0_psHy6HOFcHVQEPmvnhDZSRUy5oBue3eYh9-00Hc3lsGNkgUH3r361yetWnJFb6ykpiM2AQfN_RdWREcUmbHZ9au1Lfo4CkqSr1anjr3KHd7pDPyf3AWHxt9tSCK4wEJMtyd5MiWbxa7NBJHGKk7hbN2GbJf6BiRcH0-p0I3WZYLG6imf-RRtIVkbR1_xvkSWx3tDVzeVEV7v_z6TpHcLS3AH6148TcLrSmBT6FHRCKJghEcxS0BiDgS5mNGoLseRsmIVbqNb6DIC16m59ca_g0Ktdmo0RqZR43fEz8FCSSJKQiT0Gl1TNfhM4eW0zmyozQW3NF0lK0hG0siCP4i6zOIBbdVs0UlYeMLDkinxJs9EHbWe9gzTq--lRmFrHdhzoKpZd21RWQ21Tdzt1vH8aHVSrOaAnDvPP_bhMvxaEfgFwD01OQvfPC6q7dX07mQqqXg81CU74t-iLgMcnZvj6sWx4odJ3Di3XJ4nUMIehG3YJz-3W5QfLc2j3On2vL0FcoVGMC0nx6LmFcL4JnWa5T3383faNjlybfzZZlg_ijhOtQtsgO6p4zvU3MB3uzeVC0I3usaADLAveWg3PUsGmEL8GXZ5Gh5X5AXCkSwNFiSqz1ZYkbv26Wb7iczlg3qZB101NbRw5XU807R19ai9IpZNCzlO_FC8onKTzEAaT0SIdY0cNqxJLtuVsL5N-wYPjl6J6PA0FVTYOGSFOrPxIul-Xh99-2aKtEBV4rYWdqqoGB6OW9U1MIVisTCLgcfr2KBd-W9OSneX2fwcoA6WhU7a3UnwRC-w6txyHAVWCrlRxr5Jydi2f8v3vycx0oWKk524-O-J5_YgZCtphGHJVc2M-Xm5CzcMweHZim6Zuy4JPuVOwR5oCUdDsE8ghH2hvw7FTWrGN8NHqEwozMO0L4hxYaaJFrjqIB9cBIUTOkA6g-hzsA93Nsd1jeeO1-vcifTs_YajzZsGCoOTTX31bS9ePEQsNgAtA3GLxT8LYQDkAiOw-DKUHvyu6rBQZpVmCBGFNcf-4R_pySq_fOQ-uWOszDiV4t3revH3QRrT43U9LrBGZYfN0HEvje-Ewt_lB77DXudR07FD7hTL5_qmSvryxMWhX6og5smt89q0pkDW7oLs7Ysq8nt4K-aEvjJ-bSLUiTCwOIlUCwNCXZQGyBsiQDyURcLZa9ahYpR0idxZ20PBLdwmo5yTbLD8NPbd7XSe1i01Kk36jjAdnvFyQAZEs9Z1qwpOMc7R3R5OaDpL-IrVqJ0RmJPu4z7bXQpXGiYNjIO9pGJKdjcerutqTbcpIl_7ra6MBdQKX6r13Re4A9xagef1M0qJXZt26i_OAhc-WE-VVC4F8h0xXOSAcCD6jPB28aSDDUSpiTxHhRzWmpLQAQVMCngUq9Jgx6x8FvQIPUaNnCIsf8R1OSAd8gN8cWDX6sniULjbobCnDrFK7OUpZAw_a3W7xDdMHXSxFByWNIP2aGjKVBs3_k4V8AwT12nK-6AJ5XOp12jciGlMzT1HSmSxtml_TgV_iPWqIlPHnCHDG5EnOBTRPTRPsIR0rz8Q6upoJM9TdYbkZIB-Om3sp4CI0Nc65rtzY5YP6aTgldNY2bdgSAHZw_5N1kXwFtSlc8tvXC6XilSoUqMlTTW1FacChwfMsO8WNOEgtYrs2xzFydAHA4UOQz4_uofEJeLDlTacZjzkgXWrskgES9hoTcI1-rM1uy8-zP6J2nqlms0esbPQU03APdr9UHmIPgc8TtFnty0PYxUkfDB-DByMKsvZI1XO8QnnmzRfJJZ9FCFJbt3DfCzg7xCk9p8WDiQO4OkwolNstgZhZzPTEjrkaAWoTwKJn93B3NpHXtn5Ehhf6W3pofxQIhvA2occQPaUOf7g0M1aoEWvNQBvIH3I2Xxobl3ZnE_iFGsv9hRM-XeFLHb5fVJ4kQRm11WFxba2JIe1uaO37Yzzfe-BIQGkwpmCFFyxARdvPHCWy5w952KQo9a91sTKt5yVmNHf6gmsutMfusroaaYLAaNNAT2x7R_OcZPfmQddPhcjPwJ4_35-ZGQy0ExwxaTO7iyW9EVAJq0_NVufP-UUQf_ORNT-mHHOwa7rmzlChl2sp5ZGHjeQ&cid=CAQSKQDICaaNbix-yvVv2rAiz5WoAunTiNoMfwdzBqsPNrKmrjY2ZEXyH12RGAE&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=419854911133175300&adk=1877897943&idt=203&cac=0&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4999a2d16e9db2390106143ae211ce59d04528c4f9f0fa4c8894a341f56837c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39503
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2556 0
0 71ms
70ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcyRk6VMbCd6hZlV3Yj1lwE8I2WBLqVfsBvoCKKMKVunBFAgahREcslc11DDos1tHzBGINtTwTy0Zx8I5hLQpNe9AUjh7LTwacIl151meDc77P-UzSJ8dYFhhbTOFk3QshifuCN-nw6ePjgk-U55gEamvRCWq2TbtJcpt_3fHPnrOeMgjz3WShwpZn_EJpp2leBUHKicvPTwlxywgBi3JX-NP1jF5pcQc7qLga9ZX-7huNEaujj_21b3X8_8DqrcXpPYj0Lx_tvt1QjpLRKU7kvD7lp90Inys8Nx1TiYlnYjqLQFXXS6khy4GK2BacS4q07fYTiqRlH0ic5BwG5PPPvg4zvKNQ8-A06pLG8NeaGWMhQj3Kie9jxvVBb8zd041REhql03rrFAmwpDXapZeQtky6_F4IpMCEBvQl7M7udkR8iyQ9jy4flacvR7VMgXoDmbHIl8X8z2RWVGeQpJjPtBhn5-j0_4ftQW2PbdI6h6_UuWgOqXatpA8M8LT-S0jtS6H0ccX3Y3gaQ3twuQjYJVyOyrXDXIBqLQu-QV3JV6zwPQ3PXVYfKYpLWd4xdZHUfCmbhOeBvaTsZub3STn3if9Ce5jn32FE8u8Za0R1Wr_zg_aczgFCQbi-pHChwXenbvDO6xpr9Qw-nzqVHe3VOyefTTNMgK_k8aA57-iK-Skzyt-8gmiBgwv36Nfume4F6ygLNiWYnk5dwcvuBNlDAMbeRNqDWcKIEeBS6JBYIx-nlAF4truIYkA9bkZYdlCF4yeoxfdcASiOSyUsvcvL_2hYCokw2Cv40TrTpCUJtHLKe3vHU99r8Em7xnRwfwr31GiFH7w9KmvTLiRWE8afI6YGCHSykGpICYRyasljO84qDjKrl4_8EfoKQaBBZV-ogvhgmvpXWJPI8uLQNs7BjJMGNZ0hBfMR96uLT1Ra1pAPTY-XQq-IKPGs2w6c_aZkvNj2YV-0MkPzT5_ZKJjU0nbVHUg9beZe8nr4RASt0KhENTgFLstkRwt6OrE-Ll5dSHzqr3zvHRoXFemAILKr4ASY5-B5O5KCfbp0P1650_moSDRrhX5bSbBPMsPmy4bzEX3D2aOFM4ko-YX6YUSA6TNPnruRpipJ_vY67y1NpwrnpSKee7nUfwmpOiOOWiLJxh0OtSjFsajgiYNqIlPd5Axt2Mw3iKZyIIYzbHQX6zWjuFNL-9XFa5pxd3wMnX8R2gEOproqZCg8NKsC79fSUIKrVHeBVmIzuzN4kh7EX-k3z46B4QqHe-OFFqIh4EUcZk2e9f68X0Blht29NVdqeg&sai=AMfl-YQtW8IwMOWsYb_pRmz32IJUVv_CXVvtu5O1syJYTzJl-ssZcnfIsh7i9eawAfDeD0KfG_JgZbZzs2l1AFNGRy2cwUrCHe1Ow5FpT_mlNMOCQwBRnJY-5iEtRBzHYS78PEv-G1mWBSzSynbN2_wtdV2vAfRIv55BpSqb31mSQV08xTYUr4X33oeCT2qytHEfKLaacFEjTfPoBjpJHccpcbWDmKZC3onJ_8jIGi_4qC52qy262hG7H4QS6o8wxQ3j8znWw24p1W4&sig=Cg0ArKJSzKcO8fUjglNoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=911&vt=11&dtpt=483&dett=3&cstd=424&cisv=r20230925.26131&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame FDFF 111 KB
39 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Origin: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 21:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 21:04:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/ Frame FDFF 11 KB
4 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNTCSrKEKdyXHkZ6Rc-EPaKBbFwBroCBCGuBw1lqliAHm0DIA-ZfQ-XGTNHqkZp8f5OnOERSPHwDdfpWOPD7AQNmgHvQ&cry=1&dbm_d=AKAmf-D_KK4wRDuKv1HHy8ijzzcVqWo-U9HNEfXMrfwff2uUYZ0-2pPqNv_ytoI_Xj8JDpjJ93p8BRRIEBfNxz5AhbM41rTCrdxv6-RBj15Wjv48nc7YJWqFem4320qDC7o78y5AmLjGuCmKX78pDLY-_3SN2tnf9_5t-qb--3ePsIuMubMf-ewunlaLItZ3vbi92wrmXuNHxKf56HQJgUjat08a8IsmAxhQGpDAAYsQRf013qA-t-WrGCcbHMjPWpSHhKkpbuvpe2JufdxT65CmMdIhLXXrEiyl0q8G62r5NJiOJQufz-p2-u-L0aB_RvSmubTs93GShDKWiKhVXDnsYW2Tv6icGC9NWZq13MTYd6EAQHJydOIRx0Yx9rzOlTbHDrDTXu85SP7CJAA22pttKkFU7cm6oK1pyzaxU6FjTHOhfHCh6sQUlsIdi8VPiQe4QCcXaLmSbg4yt-V-Ktv5_XsWBYAzaiuBI2dq4R6iiQowQus6Ek3V0tT7cFb1qw85yHht6x3VkztRod4AnuWk5cTivUGJxR8ZUsl3pzapi-cY0JfAQtZMEs6yWZPi7d8jYH367AcQ1smqk7Dm1N6EOZ6hA_HdbHt66pSbEE7BVa4yzjmrxMLf22OLOfBBi7MRF4HmfU-DBVj0v8pBkP9w5fHWhHgr7WX_GbI1tay34iBbzGEqDYdGBSTJxT4tDq7US2dI3MCm1smJLwhURGL87FAoRliGjFiVEbUxWbpZhjfWO1iHcbj-Kp1qvc48OXGjMERypUu2KfroHvkjHMTN2QMIv1vReRRredWzUtAmb_zXVVKhEnJsmWlk9ehPP78psT1yzRp7ecEVnpwmJH3foib-icase42WnNV7b5ADqHTTHuG2YfxUgW7J6UAtd3Tb0MIPmwrwzJEnRvbqG3RhY4Cmfr3xo38-J9cNbyO3wPtDS0PoXyup81VRt0fCxx3-qFHu7kYg2CF7zXYFA-hwU2ndG_2CFbDjK7D9ihQBkeWryeZKA0b3we06uTUYCu5idw-i01D8oHHZbYK8bbHl_jjMXBxJgawEkG91G_VkVB1ilXmE8iRkGTKoMShb6Q-r1WU4Y3ofNFueMpw8bKQzm7ICu-CLPQ4qxHxg6oSQ0wuvxtX82l8kZdHmKITGwW5r4RQURZuDXQRLzKeMHhtQe4eIvVcJZxBCdUX8tRTbo3uIqILe33X3rkoa8AXtkUVT3JmY2zVaEhtgUKM8cAK7QIo3_A2MYmUOxKohD-MNBl9b1HuPC2sdH03CY3FQ5ypmTATL8diX77cI_CYgl5RKT6YmlVP7DWpW_miXn2PT6MeQYTkqqIrS-OIsRI2d7YkbalooZJfOvyeUL8tdFmXX0rUtyvPGe3uaGF9To_K_Dpg2chLPPXOQRT7sQQi2hsSDwMCCNSEXGv4LvGNnlJfYxRPREIAvoZGKp5lj0XFngJ3gdZGeG5ULN7_y1vK2sEZK3VDe3RSwJc4IgNK4C3Bo0_psHy6HOFcHVQEPmvnhDZSRUy5oBue3eYh9-00Hc3lsGNkgUH3r361yetWnJFb6ykpiM2AQfN_RdWREcUmbHZ9au1Lfo4CkqSr1anjr3KHd7pDPyf3AWHxt9tSCK4wEJMtyd5MiWbxa7NBJHGKk7hbN2GbJf6BiRcH0-p0I3WZYLG6imf-RRtIVkbR1_xvkSWx3tDVzeVEV7v_z6TpHcLS3AH6148TcLrSmBT6FHRCKJghEcxS0BiDgS5mNGoLseRsmIVbqNb6DIC16m59ca_g0Ktdmo0RqZR43fEz8FCSSJKQiT0Gl1TNfhM4eW0zmyozQW3NF0lK0hG0siCP4i6zOIBbdVs0UlYeMLDkinxJs9EHbWe9gzTq--lRmFrHdhzoKpZd21RWQ21Tdzt1vH8aHVSrOaAnDvPP_bhMvxaEfgFwD01OQvfPC6q7dX07mQqqXg81CU74t-iLgMcnZvj6sWx4odJ3Di3XJ4nUMIehG3YJz-3W5QfLc2j3On2vL0FcoVGMC0nx6LmFcL4JnWa5T3383faNjlybfzZZlg_ijhOtQtsgO6p4zvU3MB3uzeVC0I3usaADLAveWg3PUsGmEL8GXZ5Gh5X5AXCkSwNFiSqz1ZYkbv26Wb7iczlg3qZB101NbRw5XU807R19ai9IpZNCzlO_FC8onKTzEAaT0SIdY0cNqxJLtuVsL5N-wYPjl6J6PA0FVTYOGSFOrPxIul-Xh99-2aKtEBV4rYWdqqoGB6OW9U1MIVisTCLgcfr2KBd-W9OSneX2fwcoA6WhU7a3UnwRC-w6txyHAVWCrlRxr5Jydi2f8v3vycx0oWKk524-O-J5_YgZCtphGHJVc2M-Xm5CzcMweHZim6Zuy4JPuVOwR5oCUdDsE8ghH2hvw7FTWrGN8NHqEwozMO0L4hxYaaJFrjqIB9cBIUTOkA6g-hzsA93Nsd1jeeO1-vcifTs_YajzZsGCoOTTX31bS9ePEQsNgAtA3GLxT8LYQDkAiOw-DKUHvyu6rBQZpVmCBGFNcf-4R_pySq_fOQ-uWOszDiV4t3revH3QRrT43U9LrBGZYfN0HEvje-Ewt_lB77DXudR07FD7hTL5_qmSvryxMWhX6og5smt89q0pkDW7oLs7Ysq8nt4K-aEvjJ-bSLUiTCwOIlUCwNCXZQGyBsiQDyURcLZa9ahYpR0idxZ20PBLdwmo5yTbLD8NPbd7XSe1i01Kk36jjAdnvFyQAZEs9Z1qwpOMc7R3R5OaDpL-IrVqJ0RmJPu4z7bXQpXGiYNjIO9pGJKdjcerutqTbcpIl_7ra6MBdQKX6r13Re4A9xagef1M0qJXZt26i_OAhc-WE-VVC4F8h0xXOSAcCD6jPB28aSDDUSpiTxHhRzWmpLQAQVMCngUq9Jgx6x8FvQIPUaNnCIsf8R1OSAd8gN8cWDX6sniULjbobCnDrFK7OUpZAw_a3W7xDdMHXSxFByWNIP2aGjKVBs3_k4V8AwT12nK-6AJ5XOp12jciGlMzT1HSmSxtml_TgV_iPWqIlPHnCHDG5EnOBTRPTRPsIR0rz8Q6upoJM9TdYbkZIB-Om3sp4CI0Nc65rtzY5YP6aTgldNY2bdgSAHZw_5N1kXwFtSlc8tvXC6XilSoUqMlTTW1FacChwfMsO8WNOEgtYrs2xzFydAHA4UOQz4_uofEJeLDlTacZjzkgXWrskgES9hoTcI1-rM1uy8-zP6J2nqlms0esbPQU03APdr9UHmIPgc8TtFnty0PYxUkfDB-DByMKsvZI1XO8QnnmzRfJJZ9FCFJbt3DfCzg7xCk9p8WDiQO4OkwolNstgZhZzPTEjrkaAWoTwKJn93B3NpHXtn5Ehhf6W3pofxQIhvA2occQPaUOf7g0M1aoEWvNQBvIH3I2Xxobl3ZnE_iFGsv9hRM-XeFLHb5fVJ4kQRm11WFxba2JIe1uaO37Yzzfe-BIQGkwpmCFFyxARdvPHCWy5w952KQo9a91sTKt5yVmNHf6gmsutMfusroaaYLAaNNAT2x7R_OcZPfmQddPhcjPwJ4_35-ZGQy0ExwxaTO7iyW9EVAJq0_NVufP-UUQf_ORNT-mHHOwa7rmzlChl2sp5ZGHjeQ&cid=CAQSKQDICaaNbix-yvVv2rAiz5WoAunTiNoMfwdzBqsPNrKmrjY2ZEXyH12RGAE&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=419854911133175300&adk=1877897943&idt=203&cac=0&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 13:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 13:57:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/ Frame FDFF 30 KB
11 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 13:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11587
x-xss-protection: 0
server: cafe
etag: 192838463742493612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 13:57:09 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FDFF 41 KB
13 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/ukekm9t19wmt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 443837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 06:58:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A938 1 KB
643 B 35ms
34ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 52132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Sep 2023 19:46:49 GMT
etag: 48472445140208031
expires: Wed, 27 Sep 2023 19:46:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cta_1.png
s0.2mdn.net/sadbundle/8445964901340353595/ Frame 2206 1 KB
1 KB 36ms
35ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8445964901340353595/cta_1.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323c3a7620f281c3dec17c62880eedb507c94659cb0728f980c2525700fad172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:58:56 GMT
x-content-type-options: nosniff
age: 51405
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1439
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:23:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Sep 2024 19:58:56 GMT

GET
H3 200 a-g.png
s0.2mdn.net/sadbundle/8445964901340353595/ Frame 2206 14 KB
14 KB 44ms
38ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8445964901340353595/a-g.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbd57976b302987c53e46e63692739122ffb921401dbf2f7820773808d4c0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:51:22 GMT
x-content-type-options: nosniff
age: 383059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14251
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:23:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Sep 2024 23:51:22 GMT

GET
H3 200 a-g-innen.png
s0.2mdn.net/sadbundle/8445964901340353595/ Frame 2206 7 KB
7 KB 48ms
42ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8445964901340353595/a-g-innen.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b0d5c7c580159888574dc455c537588a838751dd155cd164b884d6521341d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 10:27:30 GMT
x-content-type-options: nosniff
age: 344891
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7142
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:23:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 Sep 2024 10:27:30 GMT

GET
H3 200 bild.png
s0.2mdn.net/sadbundle/8445964901340353595/ Frame 2206 92 KB
92 KB 44ms
38ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8445964901340353595/bild.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2798da552ae859878af181355f18726e43e2192759b5c9001ab7181328a8328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 22:20:46 GMT
x-content-type-options: nosniff
age: 388495
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94610
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:23:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Sep 2024 22:20:46 GMT

GET
H3 200 a-w.png
s0.2mdn.net/sadbundle/8445964901340353595/ Frame 2206 7 KB
7 KB 51ms
45ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8445964901340353595/a-w.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30bf44ce56bb42d0e100bdb5531f4bc2eaa537b154087d8f113e89395795efdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:09:31 GMT
x-content-type-options: nosniff
age: 385570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7094
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:23:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Sep 2024 23:09:31 GMT

GET
H3 200 blatt.png
s0.2mdn.net/sadbundle/8445964901340353595/ Frame 2206 70 KB
70 KB 62ms
55ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8445964901340353595/blatt.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0e6c49f049e369bc42b758e2fe38cde2cf2dd3e53c285b2f7cc1f19568f355b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 07:55:22 GMT
x-content-type-options: nosniff
age: 526819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71407
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:23:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 07:55:22 GMT

GET
H3 200 4.png
s0.2mdn.net/sadbundle/8445964901340353595/ Frame 2206 2 KB
2 KB 88ms
82ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8445964901340353595/4.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93d62bfa1822d2aba97206e7c41ad0f11c7e58647fbcd6ec2a976b2a38537316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:22:12 GMT
x-content-type-options: nosniff
age: 384809
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:23:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Sep 2024 23:22:12 GMT

GET
H3 200 3.png
s0.2mdn.net/sadbundle/8445964901340353595/ Frame 2206 3 KB
3 KB 87ms
81ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8445964901340353595/3.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2816e4b00982f489b106c7f0886ad9f7816b92029410d340c3c70ed725d3d1ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:51:22 GMT
x-content-type-options: nosniff
age: 383059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3333
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:23:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Sep 2024 23:51:22 GMT

GET
H3 200 2.png
s0.2mdn.net/sadbundle/8445964901340353595/ Frame 2206 2 KB
2 KB 82ms
76ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8445964901340353595/2.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ae999d7d36908cc39b0b6010cfdef99d7bc287d85926cda87b0d4b41b0ec1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 16:40:31 GMT
x-content-type-options: nosniff
age: 322510
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2395
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:23:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 Sep 2024 16:40:31 GMT

GET
H3 200 1.png
s0.2mdn.net/sadbundle/8445964901340353595/ Frame 2206 3 KB
3 KB 52ms
46ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8445964901340353595/1.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdb50e9b2ca2ff0a23de0d63896e2da60396a8f6d776fab30eef9b3cc1fd93b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:31:27 GMT
x-content-type-options: nosniff
age: 413054
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3520
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:23:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Sep 2024 15:31:27 GMT

GET
H3 200 mask.png
s0.2mdn.net/sadbundle/8445964901340353595/ Frame 2206 5 KB
5 KB 81ms
75ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8445964901340353595/mask.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e19ceefaab32dcb61413b77c608bd86817173ca4b3db0e40cd225db78e6d950b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:09 GMT
x-content-type-options: nosniff
age: 181352
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4673
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:23:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Sep 2024 07:53:09 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/8445964901340353595/ Frame 2206 6 KB
6 KB 52ms
47ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8445964901340353595/logo.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98b27de30387307b506599f10749d0878781aa011b92be7ac78a50660f18fc75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8445964901340353595/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 06:53:23 GMT
x-content-type-options: nosniff
age: 98538
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6108
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:23:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Sep 2024 06:53:23 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame 9FA3 2 KB
2 KB 49ms
44ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/cta.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2302076e84edabf24a17155c3d0d5e162c07b82d0e1b76f647bba68e4c5d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 19:50:08 GMT
x-content-type-options: nosniff
age: 397533
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2324
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Sep 2024 19:50:08 GMT

GET
H3 200 a-g.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame 9FA3 14 KB
14 KB 106ms
101ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/a-g.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbd57976b302987c53e46e63692739122ffb921401dbf2f7820773808d4c0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:53:36 GMT
x-content-type-options: nosniff
age: 382925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14251
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Sep 2024 23:53:36 GMT

GET
H3 200 a-g-innen.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame 9FA3 7 KB
7 KB 117ms
112ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/a-g-innen.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b0d5c7c580159888574dc455c537588a838751dd155cd164b884d6521341d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 17:58:12 GMT
x-content-type-options: nosniff
age: 490649
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7142
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 17:58:12 GMT

GET
H3 200 bild.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame 9FA3 92 KB
92 KB 89ms
83ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/bild.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2798da552ae859878af181355f18726e43e2192759b5c9001ab7181328a8328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 11:23:03 GMT
x-content-type-options: nosniff
age: 168758
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94610
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Sep 2024 11:23:03 GMT

GET
H3 200 a-w.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame 9FA3 7 KB
7 KB 106ms
101ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/a-w.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30bf44ce56bb42d0e100bdb5531f4bc2eaa537b154087d8f113e89395795efdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 09:11:01 GMT
x-content-type-options: nosniff
age: 522280
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7094
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 09:11:01 GMT

GET
H3 200 blatt.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame 9FA3 70 KB
70 KB 107ms
103ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/blatt.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0e6c49f049e369bc42b758e2fe38cde2cf2dd3e53c285b2f7cc1f19568f355b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 05:14:17 GMT
x-content-type-options: nosniff
age: 363684
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71407
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 Sep 2024 05:14:17 GMT

GET
H3 200 4.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame 9FA3 4 KB
4 KB 45ms
41ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/4.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bef46f75f10da65be6e193f3eda991beddc861b16b1a7c991a1cfdcde3afb5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 04:18:09 GMT
x-content-type-options: nosniff
age: 367052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4257
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 Sep 2024 04:18:09 GMT

GET
H3 200 3.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame 9FA3 7 KB
7 KB 115ms
111ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/3.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb20efe30d972b439f91320bec21fefa719133df892bd182da292b18751506b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 04:09:19 GMT
x-content-type-options: nosniff
age: 21982
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7544
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Sep 2024 04:09:19 GMT

GET
H3 200 2.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame 9FA3 7 KB
7 KB 103ms
99ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/2.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba3abef08ee0039372174c3d4c0d42744f4a7fad74558c9b69f29aa921bdcaf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:53:36 GMT
x-content-type-options: nosniff
age: 382925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6831
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Sep 2024 23:53:36 GMT

GET
H3 200 1.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame 9FA3 18 KB
19 KB 85ms
81ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/1.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76bf72752334db75f153221a6cf4bf22fe14c2c8c610ce37e792dc94d2fdd4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:02:10 GMT
x-content-type-options: nosniff
age: 533611
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18936
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 06:02:10 GMT

GET
H3 200 mask.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame 9FA3 5 KB
5 KB 105ms
101ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/mask.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e19ceefaab32dcb61413b77c608bd86817173ca4b3db0e40cd225db78e6d950b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:04:29 GMT
x-content-type-options: nosniff
age: 475872
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4673
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 22:04:29 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame 9FA3 6 KB
6 KB 85ms
81ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/logo.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98b27de30387307b506599f10749d0878781aa011b92be7ac78a50660f18fc75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 04:09:25 GMT
x-content-type-options: nosniff
age: 453976
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6108
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Sep 2024 04:09:25 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6493879008008578228/ Frame 5444 28 KB
5 KB 33ms
31ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dd0461220c3fe1a0946011521aa8e2160e59b4248f069b31552e15943c5478c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 172118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5393
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 10:27:04 GMT
expires: Tue, 24 Sep 2024 10:27:04 GMT
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A938
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFoiVpOBrdx2cx-co6VC3IU&google_cver=1&google_push=AXcoOmR-fI1C5Y-sUdSevBM0CyVli0mPSXl99qGwhHw1t4S2y1jUKMe...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=7863c9a8086c1955&is_secure=true&networkId=14000&version=1&google_gid=CAESEFoiVpOBrdx2cx-co6VC3IU&google_cver=1&google_push=AXcoOmR-fI1C...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI__Xl-PQPywNYauuPAAAAAAA&expiration=1695896142&google_cver=1&is_secure=true&google_gid=CAESEFoiVpOBrdx2cx-co6VC3...

170 B
188 B

71ms
70ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI__Xl-PQPywNYauuPAAAAAAA&expiration=1695896142&google_cver=1&is_secure=true&google_gid=CAESEFoiVpOBrdx2cx-co6VC3IU&google_push=AXcoOmR-fI1C5Y-sUdSevBM0CyVli0mPSXl99qGwhHw1t4S2y1jUKMeGtB1FLO1OtDdeGFk0KFrmI0yQTnOwPG6sJz7ZcZO5xFNKGw

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI__Xl-PQPywNYauuPAAAAAAA&expiration=1695896142&google_cver=1&is_secure=true&google_gid=CAESEFoiVpOBrdx2cx-co6VC3IU&google_push=AXcoOmR-fI1C5Y-sUdSevBM0CyVli0mPSXl99qGwhHw1t4S2y1jUKMeGtB1FLO1OtDdeGFk0KFrmI0yQTnOwPG6sJz7ZcZO5xFNKGw
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A938
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKk6RZHsyxFu2ILwWh-5MoU&google_cver=1&google_push=AXcoOmQ1LNGChXWOQIzYfnZjXvm4SeLUtslIX7MeJjWrkRQYiNUSFp4yWCJ-9xFQGcgViIa16CV6MUbiiB2uK0PLRTKgVUOFK13d&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKk6RZHsyxFu2ILwWh-5MoU&google_cver=1&google_push=AXcoOmQ1LNGChXWOQIzYfnZjXvm4SeLUtslIX7MeJjWrkRQYiNUSFp4yWCJ-9xFQGcgViIa16CV6MUbiiB2uK0PLRTKgVUOFK13...

43 B
426 B

231ms
215ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKk6RZHsyxFu2ILwWh-5MoU&google_cver=1&google_push=AXcoOmQ1LNGChXWOQIzYfnZjXvm4SeLUtslIX7MeJjWrkRQYiNUSFp4yWCJ-9xFQGcgViIa16CV6MUbiiB2uK0PLRTKgVUOFK13d&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ1LNGChXWOQIzYfnZjXvm4SeLUtslIX7MeJjWrkRQYiNUSFp4yWCJ-9xFQGcgViIa16CV6MUbiiB2uK0PLRTKgVUOFK13d%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 80d2fcaa3c8d2c3f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 55
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKk6RZHsyxFu2ILwWh-5MoU&google_cver=1&google_push=AXcoOmQ1LNGChXWOQIzYfnZjXvm4SeLUtslIX7MeJjWrkRQYiNUSFp4yWCJ-9xFQGcgViIa16CV6MUbiiB2uK0PLRTKgVUOFK13d&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ1LNGChXWOQIzYfnZjXvm4SeLUtslIX7MeJjWrkRQYiNUSFp4yWCJ-9xFQGcgViIa16CV6MUbiiB2uK0PLRTKgVUOFK13d%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 80d2fca87abc2c3f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A938
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEL4nM8SMciSv4ZJnnLT_0tY&google_cver=1&google_push=AXcoOmRw6noeVK2iqiZqWHdhRZn7abG6Tgt_UhqfkxUADWYyCjEI4YglwpjmQeOpjUNDBToYN2D5tcn9L3AY6ss9u_IMnmstlFKH
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B29986A751A94969AD22C1F15B30782A&google_push=AXcoOmRw6noeVK2iqiZqWHdhRZn7abG6Tgt_UhqfkxUADWYyCjEI4YglwpjmQeOpjUNDBToYN2D5tcn9L3AY6ss...

170 B
188 B

39ms
38ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B29986A751A94969AD22C1F15B30782A&google_push=AXcoOmRw6noeVK2iqiZqWHdhRZn7abG6Tgt_UhqfkxUADWYyCjEI4YglwpjmQeOpjUNDBToYN2D5tcn9L3AY6ss9u_IMnmstlFKH

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 27 Sep 2023 10:15:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B29986A751A94969AD22C1F15B30782A&google_push=AXcoOmRw6noeVK2iqiZqWHdhRZn7abG6Tgt_UhqfkxUADWYyCjEI4YglwpjmQeOpjUNDBToYN2D5tcn9L3AY6ss9u_IMnmstlFKH
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 26 Sep 2023 10:15:42 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A938
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESECfo1TdOeX738WhULFPs03w&google_cver=1&google_push=AXcoOmSWeVA_PhZOINr4mzcgUYoS-HrlVrC2hKoA-BUnkTdZXYD5SWckD5YGgxG2TEG-ExV3WtHd4ViO-J1xedTtZzecgG0...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESECfo1TdOeX738WhULFPs03w&google_cver=1&google_push=AXcoOmSWeVA_PhZOINr4mzcgUYoS-HrlVrC2hKoA-BUnkTdZXYD5SWckD5YGgxG2TEG-ExV3WtHd4ViO-J1xedTtZzecg...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWeVA_PhZOINr4mzcgUYoS-HrlVrC2hKoA-BUnkTdZXYD5SWckD5YGgxG2TEG-ExV3WtHd4ViO-J1xedTtZzecgG024apW

170 B
188 B

44ms
43ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWeVA_PhZOINr4mzcgUYoS-HrlVrC2hKoA-BUnkTdZXYD5SWckD5YGgxG2TEG-ExV3WtHd4ViO-J1xedTtZzecgG024apW

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWeVA_PhZOINr4mzcgUYoS-HrlVrC2hKoA-BUnkTdZXYD5SWckD5YGgxG2TEG-ExV3WtHd4ViO-J1xedTtZzecgG024apW
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A938
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDAVGtjlFkzQV01GnKnHRZ4&google_cver=1&google_push=AXcoOmQiKPnzT9BvH2MJdDbLedetrIil6lmEeJfIUhrkeOQ9lPW6W1XnAbe1AOlANcBNRqvPsQGLKzYTQ44yq...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDAVGtjlFkzQV01GnKnHRZ4&google_push=AXcoOmQiKPnzT9BvH2MJdDbLedetrIil6lmEeJfIUhrkeOQ9lPW6W1XnAbe1AOlANcBNRqvPsQGLKzYTQ44yq...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQiKPnzT9BvH2MJdDbLedetrIil6lmEeJfIUhrkeOQ9lPW6W1XnAbe1AOlANcBNRqvPsQGLKzYTQ44yquAvhtGjZVBdoTpoaw&google_hm=dVM3R21fYWdQNklBRV...

170 B
188 B

50ms
49ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQiKPnzT9BvH2MJdDbLedetrIil6lmEeJfIUhrkeOQ9lPW6W1XnAbe1AOlANcBNRqvPsQGLKzYTQ44yquAvhtGjZVBdoTpoaw&google_hm=dVM3R21fYWdQNklBRVFiSTVhSjg=

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Sep 2023 10:15:42 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQiKPnzT9BvH2MJdDbLedetrIil6lmEeJfIUhrkeOQ9lPW6W1XnAbe1AOlANcBNRqvPsQGLKzYTQ44yquAvhtGjZVBdoTpoaw&google_hm=dVM3R21fYWdQNklBRVFiSTVhSjg=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 238
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A938 0
12 B 52ms
48ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LsHlPQZhMZCqmk0g7oiSvh260HmguWGgf3t6DKrYGdOYDrg246f38jYLE

Requested by

Host: 6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
URL: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cc6b3873eb176a8a951ef41188915745.js Show response
s0.2mdn.net/sadbundle/6493879008008578228/ Frame 5444 131 KB
37 KB 34ms
31ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/cc6b3873eb176a8a951ef41188915745.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6c6dd40aae49f4a05c22b99e451d3230f78086a1a65d05e243f10e13942275f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 11:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38112
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 11:05:45 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 86A6 22 KB
8 KB 34ms
33ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 229472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 18:31:10 GMT
expires: Mon, 23 Sep 2024 18:31:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3A5D 42 B
64 B 140ms
78ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6zJMUjhKd6WGBv1pjT5ZN2B-93TdpZCUStChmva4x6Ay-DM74tyJEd05nPzxvJAC79RMOhblRpbTKrAlFJz4DmRcCXRQ0vkx4hfsHfurSPCJ6NQ-tSVTVAiZCFzwRIbfuKY01gAjC7PH2&sai=AMfl-YTvnV08uHNG7MccR86fFt8SOR6q0i-Nvj_SHxPFb-VNWEhW48G-TcvOcKpafBNF0WBYSqKcf_i9-uzpmH7JZDyH9wGiIqBvDM_kSY05s7CJ42eJm7A_ptNptgdTyARIjbO9NhcDqNrW4ADfqg&sig=Cg0ArKJSzPVL1RcAqFPHEAE&cid=CAQSTADICaaNOCWa-2pk3EvradhamZhZBEuNoILvrV9tKo_nHqcBJcQQhdd1LasMh9UKr0cPnn2w8gS8VaSZbRDBBkiO5ioC13TgfacYs0EYAQ&id=lidar2&mcvt=1055&p=231,315,481,1285&mtos=1055,1055,1055,1055,1055&tos=1055,0,0,0,0&v=20230925&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=554408032&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695809740463&rpt=655&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 59B1 42 B
64 B 109ms
108ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHwR1fy70cJ4XapvwfUAl0xRo_wobpyVfVGUHuQNLbP-cJO1qDem0E6HGOMOuncgfwZjOIW8xN7KKHJe4YSDgdyVbF4V_T11sQrWVybp9KOuqEu-JNkace1YxqpkF1hzhzGU9jd5BVkLiTT2U2l8pGTfRlw2Aqlrbops2f_Pg&sai=AMfl-YSk36X3EHsT1_H548phVvhEaax8qRvLlwfjn2iusWon06MfkrPpRzBcSV1P1phnq_z3sgZ7rb9xAO_dFzE42Sq93_GOl0ME0z5_bHg3_mn9uDvaQuRp7Y9rTjD5xwj1SnjUQfxyItOGwVk7&sig=Cg0ArKJSzAfS6uaYw1BMEAE&cid=CAQSSwDICaaNioNcj8VdFJxXuRgtYtefntL__86H2IzSDHdXjhAaGEfF1egVqJedh3wQzGBj2-bM_hWYC8CRuLQaX5O4gRBKgsF3beMHSBgB&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1050&mtos=0,0,1050,1050,1050&tos=0,0,1050,0,0&tfs=721&tls=1771&g=100&h=100&tt=1771&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 5444 1 KB
650 B 73ms
69ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 11:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 11:05:45 GMT

GET
H3 200 35e60908e3a830df0c098dc57e9fb916.png
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 5444 18 KB
18 KB 71ms
70ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/35e60908e3a830df0c098dc57e9fb916.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd02b5306f49bc23613dd599506bab5a73a3f1cefb1cdfa8c08f91cb88fb427a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 11:05:45 GMT
x-content-type-options: nosniff
age: 515397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18512
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 11:05:45 GMT

GET
H3 200 6e63dc6db0229c6b77723858da8f9e7b.jpg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 5444 8 KB
8 KB 70ms
69ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/6e63dc6db0229c6b77723858da8f9e7b.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5285269c35d1500dcbd2686eb455790d6133945217bcd22ebaa42b5c30ff5e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 10:25:15 GMT
x-content-type-options: nosniff
age: 172227
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8524
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Sep 2024 10:25:15 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 5444 5 KB
3 KB 71ms
70ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 11:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 11:05:45 GMT

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 86A6 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 07:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Sep 2024 07:09:52 GMT

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/6493879008008578228/fonts/ Frame 5444 173 KB
80 KB 39ms
39ms Font
font/ttf 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 11:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 11:05:45 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 83ms
82ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309210101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cefeffbff4fbbb1a4ee433d3cccdf33c5f2ed969c3bdd7ae89e9e983f19ad3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12020
x-xss-protection: 0

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 5444 1 KB
650 B 47ms
47ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 11:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 11:05:45 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 5444 5 KB
3 KB 45ms
44ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 11:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 11:05:45 GMT

GET
H3 200 ade14ddece1fb96d3c38225539814db6.png
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 5444 6 KB
6 KB 36ms
35ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/ade14ddece1fb96d3c38225539814db6.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

703912524593a505b4b2e4380556ad8eb04f5bf22b2c57474f57e1928d473fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 11:05:45 GMT
x-content-type-options: nosniff
age: 515397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6377
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 11:05:45 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 38E0 42 B
64 B 74ms
74ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxv0AP2jxlUZYyjaukkh3t8ZaF8onP8SZN_ZXJsooJkDE4kRMmoIs4p0s6jw_2q-TccQBye_sFRNQwB6_nWzTxLWMWTEjwAk-oZobUnP006jgA0HvQC2arLZ845CnWvQywB_cefof15sSOdMjO-qJAaHgcF1DG2SSPvCpei4Y&sai=AMfl-YS8Syo3_9XNAsU1Hsdwa334nK8udLPYjaUqr2c2MbN8XRgNPINIchNhqI6esakgn6WRVb6oiqcsjhp_Xvssl05Nn999xTmatiDyRmmTL83jNAJOZipRdwul3kGlRP902WaQbsQzKGGU_DOpMw&sig=Cg0ArKJSzLq627bzWRanEAE&cid=CAQSTADICaaNAkrcavBnHMeobPSxNRXg8VleAnIrK1dICSmmprJSYNDdZur_i3SjLY2wTqTtwTM5lafAtoLV7EpK2B8n_z_rQUE-EYb9MKIYAQ&id=ampim&o=288,611&d=1024,300&ss=1600,1200&bs=1600,1200&mcvt=1069&mtos=0,0,0,1069,1069&tos=0,0,0,1069,0&tfs=844&tls=1913&g=100&h=100&tt=1913&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D57 0
20 B 80ms
80ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDeJyzAAUZbDyLNuXx_APn6Gy6AsAAAAAOAHgBAI&bg=!UlGlUR7NAAbbC4-Z-ws7ADQBe5WfOInmw0TNRyOnuBHYLYOQtuO9AS7KL8NpjbWQtuvI6mwKLNWHLCdn4TSyTeqyJDNVAgAAAo5SAAAAC2gBB5kDCPYr6e0Piw8TKMHtyoiuaKOI_0tFJ0SDki1OZdhvGAv116bZmrSsNmWbk4st77S9mvKq6TU0yEBvhPcNm_dHzBu6xz_zPLtg51RaBauxQG4rjQGGHYbCQC9FkSjP1w-BqtjvJq93TMmdJWzZuyfeWui8RIQHqkZqy54D1lK-xtA14AHJh_eR8GgJjKxMAMzcyDrgv1b6EvfbNM4FqzJmtQkC3OYXZfbevqP1NYFlNMO8PvzvMFrPA1b27egT3e71auqXCs9oOFmiAO-brY3zKcA0DcHq0AlwuJ_8uk9LjFmlA6OrzZd8AN6igQcX0SsOaPklLyoeAE8yRL3ZZ1xhnz9j6T1Ka08W-Qq2oCSF0GKLfasEXauCHQfqIqejlNvRZUbPHxLd_Fgc_xSJjKQU2iopqyIw676R0e_uZmvOKUfxODz9Gye3RjGzjK4QHG4kMXA0FJu7RHCjcLu1XxqTleAaAi5CMkk1_P33X7xlkjkKjc53TFHvBKL0v8KIirOMhUS6alkafdWQ8RvQvbkv1trbPTqatBjPScXhbrQe9wK3i9JPTQDMtuE_WW_-kdn7c2VBzWzUHcX0nP5Gt0_5mz_hp4spr9PcIQ1fzrEGOnm2HVX9sj-luj9v8ZLuUPdI1jvlaxGwv_2tdJkW9Loh7IpWhKHmpzQTx91VYcAZSHmlAQYVGXQV_0JFVObac8movE1C0QlqwSeZ5J7HVSoJJzd28uk4_fzQmRZ1jX81OhDPffDJUG8RKoez6mYyfOfI3V21pY9bAg8ytTuG7q1S4Q4pUg8VZ--R8p4xsjOjJzg7zJkoDWLCKw26BfJWl_l6W2MTHHflJXoS3jrYl3wgZeG3jq1N6U_m0zn64wGbwiyUh28UW6z6SLHgSJ_JHtF_CgCa-u_2m6-nT98VbDt1t-hLXgWh8L1YmbOoKEKEkNuzUw7iZ9XbOr3-_TkNJR01EbLndS7pXDv96BcC6biqE31WI8T3G2oTcoo0RfEAR1Lv7yd23iO5Zc1-RnfNyODeEf_6Isq1h5Oq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 10:15:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA81 0
20 B 68ms
67ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNwb8zAAUZa_LLbHhx_APseevKAAAAAA4AeAEAg&bg=!W1ilWBfNAAbbC4-Z-ws7ADQBe5WfOH_nctNIyDdUFafmaoUxtaGHrTXwHLzSBWMoqWLT_P4Ert-eAYUlgtFoifEdgALrAgAAAtZSAAAACGgBB5kDDdNy-YRudC8y5Nd9IIaEWJr0Rs9eRBkTPOQkf-X1SEARD4wOqBK7sjK-VAVGPAdnMvTCWiBJ88z3RSDTzTD9ExmrRvEaN1TWMXTSRUwhyl4-On9WIciBKJn7IR3SYgk7ZTiRbQmwhom5WGEKEGyb1tWuo9t3WDIZI9MqkbEpqLSCozjpzeA8fUW2VedkAoSrbuDO0mdHg5b21XpnW1ey4xzsFkopK38w8jx_hMG3zGC9ZEaYlL1yeCXGn652INXurXcXH7ZVDnHQ2akUtXkd7V8wCrBOQkZZR2KwbTNvAZho6cM0S0yYz8Uyk045mcBJfzBi46sNl16vMRLgo9Ng31c2QEHhrDzRQLLa13l5gd1Gn1t-K7q3FDIUtp8RwfGqXUoLuywL1BKWpknnQJtKqcStVhJSXmSJyfaYcjlSILmoZFp53VXYyjRrt5v1MXZNktsMCDhI-Ju9pvQiICGRO3xmNzrVsMS3gJXyy-MHna6jbKsLC6uyxyS-OyOOJZEn3qbOtFeIT0VRZIGqXJL3YL_JwniqrqhaQIEFd40VIt-2dWUlXQSVxDfCeFgZCo4iWY-rYpE-RfnJJ8InAdQTMhKCJE8JX4OQtv2GZUrM4V9EAvu7FlBWUGknVvHBH6-kRd3LyI73bbq5d2nUoAQ9PS8UdnLkvagElFImTPju6LuYGfHQ8YiD_T0TdQWiNar0hMuyNFYe3Zy_4xFB-TpJWH9ZfeprFzVOLNKxHHHn9SUQtKfeq_nIvbWWYYC2KYAoUiLCBk0BIu2iTxpQhxIXbDsdE5p2nB2ep27qecLbocOIDt4rRuPXk8XUwcFWswxltPS644uPyqFiKineYHKb2T0l2jPbSs-Q1HWw5EqQLTirwE0q_DfWZ9lRvgvvUx29oke2dGcvXs5PY6nf1ZPVN5hQBbelRL3Ae-fIRMXjp8b4DjdFEQu50-iQz1jDRKu6aP-caak4wn4c6DhXiZ9VcQBJGXFZwrUdZm7JwleaTaXxrdsU_LYijz4x-A5pSqteF6u15jNrMCjQxNIjWkg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F62 0
20 B 98ms
98ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9265033843576&version=m202309120101&ct=119&x=1&cor=17367999297883620000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A5D 0
20 B 67ms
67ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7404019142750&version=m202309120101&ct=119&x=1&cor=2042518793842567200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2556 0
20 B 69ms
68ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=183280397102&version=m202309120101&ct=119&x=1&cor=5313795986441983000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2657 13 KB
5 KB 30ms
30ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 3561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 09:16:21 GMT
expires: Thu, 26 Sep 2024 09:16:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6F16 829 B
560 B 42ms
41ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01544b7fb08179c0cce64b67765dec00948d07ee9d3519da90c0f4871e2f171c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TLb_6fswR6zZMnTUbddEFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-TLb_6fswR6zZMnTUbddEFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 10:15:42 GMT
expires: Wed, 27 Sep 2023 10:15:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9188 0
20 B 68ms
68ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bg3euzAAUZb3LKvqTjuwPj4yDsAcAAAAAOAHgBAI&bg=!zs2lzYLNAAbbC4-Z-ws7ADQBe5WfOEMh-CUwgPelNSXhrVEYf9Q-B_9HfB08BVxEQ0A5L3lREZQu1Xn_bw2lzLQiPjqdAgAABAJSAAAACWgBBwoAPmwXZ_nFAiFwvG1HqMJylMbYNvg62nmsDVcSN2pn38ECrEesloc7CducIjpDIrZgV-YcI89BMF8zOCtAquBfmQMCvxUzI9o4-BAAE3alE_o0N7OtbvcFTNMnFU8yKuUhLq--aBdU4zg9xT39sEWS6rkd13iiP9PYupS5QNq-Whm8OoHmfBWh6ocTfgzERtz2GCvx91mXojHYjto5Esr820SyEOiHsWsp9xTYio-oI0Zxw2cuEElg6iisG6AofPObO5eVZeY-fueYFg6nqPm3v0BgpGNYgdbhKpVsq5nKTbgNh7qQVlnoaeVS3vILTE2aykxsxW4pGe5Mgp2_ayW3OjoF3rVKSq70up7ojLxVhtBQnisblzILI-1yN6ou8pkm8kxn_QWJmdv_99y0IiktkhuA9zU3-zSTmouxFWtCQlf-7XQv7LPWVYE4N82i0hCze9fUW4N_j6XQJSjeJcvc-PZjAO1ByXqWtB15WLiNJX6K5vqspwHWJlUTXJJ4WnPlsTxIXq33zPL4fgi1_ErOtPIeHeHBESFiyeKhuDXH95yYOReCqQ8XbPic0delAZBP-hbJz9lvub7q5M6T1_uiKN8ANJ9ZMkLaXOg-4k6hMqaqNTiVyUbFuZm06_1qpvDG7AQ0LJVQwo17RGiFrLbFO3IZpYNgxM2AxEiODgXzi6Pxb5dY_d1M33iL4mhNO3-zz2sXiRpyq0klXeqked08M8iNDmU_MxK6THoQudPZoydNrRvqjmWMebvM5yoYs-erPeeXKpMM9mjg-2gzgH8ANwaKiB6TWC94qmj0Ydouz6M2aj_va9Lhb466PoIxCb9Ey6AD-QJx-At6Oop57dKq-0EW8ezjdjp3yx38V5UxLU4WmsAWIF_4wP7D3a_VvDUtcde3jFiXrQar4jzp8ssc5fMohOJBS2OpXsvLbQctsDcImPcKYfxjaq6dCBbE3Ivu6O24EuI5FQ9dh58R947Fx3ytKa646gFyXsdrEQTa6sV6VgGzNC7EbA7sQcJ-Ap2uNoRNzAgk_jlr82hknbgMfUXE4Ou4ruDoFpdcyRBuq7IpepDmTq8qWOC8VI9jKHkOn8YRn7ZizGClj0-CAkCG70YVKn0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6F16 0
0 64ms
64ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309210101&jk=326070468126667&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2657 37 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 07:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Sep 2024 07:09:52 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 86A6 0
20 B 67ms
67ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMlKyzQAUZb_QLYOzx_APjOqMqA4AAAAAOAHgBAI&bg=!sLOls_zNAAYrDsWMCw47ADQBe5WfOB13oQx_ax83q-WsWYgHbG9KVYLweIHbyvZJldkwB9DtBzN82SSw1s1j0SJ6S5gKAgAAAjpSAAAAJGgBB5kDVC5XiQl2pKY8zssos_YJVYqkS1ooyAhw8uretr8h9XT_gs-hxmE7I1Uxlxfkd3XiYYiY8PihuTAqUL6mfjeEEEPwWUkcJN3sFzXIVrzkDso14FmM3ogkCvVDlouDS625weBUnkMY8N0hxCx0ogks4SYX0DaGauS0bs8v6-DjgVWzvP08GkqPY6zPwdXZllXWuGH3rT6D8EG6yNUpH42mv_wj5GevKToOM6Ozni_QlDDm16HSlVFF2FeCja1PdnBTH1MlvUeHP043RsQxN-BtAcfb9M9FctH4qYyVfbMo864zgh0v1F_mmJyI9thFRWJQqj7z3b1xoexu3jchK225EXZ8wGIqaBbXZcRsDVz0daqO8oPYGQQ8-bihjh_K3_DMjD7194aXSrXBmCC_PilBNrZ2-PplIiXHn7-MQqz6kQV_gb_Hesn5vemf81EJUPCJqOLDN-wK2o7SnIsIwKjMQyJLA5e6JZxv8rvHdwk9tZNsA-DOiX7V_gXmtp5keWAh44QoFDtkGBk-FcFcw76vH539SP-YCi3Gn2tVR_KgAxxHsjfOAQ70IyhyaFRpe0z5aPCFW2f5k04GPiPexP8bfs4Lhcs6bdYynHJtFYdQ_nqCHgXUPpO3zlJJ3EfGLQFUxsLXfyQaRr-jDqDnV934AS9wbZbKof7mY6lq8cU3ABmmadvJE-I-TQcpzhdHco3TABqg3ndbYRjWrVs7YqkFAsc_lsKKWwQ080Xtxdz7rYV3YwD7csJAL5YmC0Cs_RpwqOpEBeDs9YISk7uRpY0pWBHsvjQamXKMeZD8ODNX0eVwBDSDvvND8bMiwefxFH-suzKhEuljMsCjdVas8p1jUziMKmd94GAy9EFm8B74L18bjSaU8qtqfgo1qHc_o9lR85oDW5W4R3g70YsQPyL-HNTMxDBwVE99XEdYtpqpR_6r1JXpdgqc9ZnxaFNPMMF7lt2yBB5ZX7G5YbMzBhYAHOvUCVXvkO5SsyYfzbTKrV6m59MqLB-DGv6ZyrrWVoVAPmXzpj4RAAfizDhiyIhIAdz1U1-p0S00pggmE1ydWOdbfK467fOwkKJR-ZmbnMNklaQTwRXax81gUYc9VJqPass4Ojj_6qpQ7QIN1QAw_gXM8TUqDQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2657 0
11 B 30ms
29ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?j-0PUw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:15:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDFF 0
20 B 65ms
65ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9705097498632&version=m202309120101&ct=76&x=1&cor=419854911133175300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:15:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 68ms
68ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309210101&jk=326070468126667&bg=!enmleTbNAAYrDsWMCw47ADQBe5WfOGRz1u-sQn0Y03xV6efgc9eM5NMgV5dghVAsQ3AmltA967aGLPJ-DbNDZyAwPhmpAgAAAfJSAAAACGgBBwoAyIkL8Y0X4iKGRqCGIvUtIxTSx-Hy3ylSgCAsX5XJ0K5LneaBN8ocSG4f6-flPSiyzK_0RhJ1f5YV9hTMv8-io4jN3KQfg1OY51ORkFJL1ybkN6PRtBC3BNs4-t2R8dfhjVJ0jk7aBAiffPpMoBdJPiAfFR1vWz_ByTAu1vgiwfGMMhLU-YrfNeDk5w4S8pbwv5_M8aHOqjcNXwUpaxyBJO0INWV1TkndHatghByTKxceUnsAEYzyNB7Lj4mAq85WCnP7R29BPL24mQLBJ3sS3FFIYbzSZFx87wUKA_PuLvSqgrhpF0cca1dcmsVLTLHkUQ2GGnVj_TvFdDKDREGTKt0P1Cp6scyRLkwnnhSxjUKz3RNSJ1kyhAqaYlYAtC6U02FXrdQAQR-kNKl8gwiEY4FXUlEV-SZtHtcdsiQPImfWHP8CWRpNrljw43llacIIfYWPneoMHcd0v7k8Owcn3Xqdx_wqQWPBBnVE9w72y4rhNSaoq6ZkY-P1AnY4qghK_o6mbrb50cpSdaK6ESKMyGG5VrsdT3upYxij4mSCmPhkeEDimKWtTFXmvtbdU2_fYPPrY5H-qrsIXk3t7SS4Tp79lYqKG4GiQmIan27t__hUxj4PezKqH8N4700CdSAueGJCsiwZ8rnqe76xqAaF_4oh58Xz8V5pCTazfkSOep4uNzcPW0JNIMXzPctdW9gaXKauG4ryIusDdp5BGr7F_LOw20LQfb9U9vnxtHyeXelokry-9-n4HmgNI-4KbATJJ2gGxRzXMLhqFfkPG4i_wdNh7zUEk-SZzomJb-yA-C77yz7YsLVN4-KIktlt8HLQiKqmSQFbM6rhIo__xHLRdENehAeP8ud2iYIh5m1SXzP4fpdjbDDENK7ek-J3sBQqJ98JmK7OTfIeg4XwsQ0TDL-rS8YPrw7vk3oZj3fbuL4-oUsYp5H8ulGQa9SYQVloP8KFWe5YICys-QryI834pI2jTSezTgDVay2cZFEvOcZ_qHXe_Omre2gpPngGnkbt0vS8tYCzZX_q3ORssDufTOZ9OyMtZFk4-d9bFWEUTChVUyCIvxXE_kmdy-KgW-W_WHbLjamnU2M2fOBPVtEQM15H-GTFyV48pvRCYKMLyRxJ5iOD_DwnQ1TC8I59rOpoql5WFS8VoOn_ZOsSYiovb41o9VEudsYeW-IAsKY67E4jzol6u1yOoirpSyGy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 18e69e740fc2e818b3a337f11496090b.png
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 5444 13 KB
13 KB 34ms
33ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/18e69e740fc2e818b3a337f11496090b.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb9055d4402fa3bac664d6bc6eed253ecadbecd5a618ed1d1b23bf08a7571bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 11:05:49 GMT
x-content-type-options: nosniff
age: 515397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13192
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 11:05:49 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 5444 5 KB
3 KB 32ms
32ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/6d7052ff6df13eae564657f4b45cc79a.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 11:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 11:05:45 GMT

GET
H3 200 ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/6493879008008578228/fonts/ Frame 5444 172 KB
75 KB 34ms
34ms Font
font/ttf 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/fonts/ibm_plex_sans_700_normal.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 11:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76650
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 11:05:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.file-upload.org/	1969-12-31 23:59:59	Name: lang Value: german
www.file-upload.org/	1969-12-31 23:59:59	Name: visited Value: visited, visited_expires=Wed Sep 27 2023 12:16:38 GMT+0200 (Central European Summer Time), path=/
live.demand.supply/	1970-01-21 00:39:29	Name: demandSupplyTi Value: 870463e4-3c10-481b-aa93-f131755951bf
.demand.supply/	1970-01-20 15:03:31	Name: __cf_bm Value: NmUfhoYK6Ho3tkWYV9izWpV_MRoJc_lFPN5Ytbf9Qcs-1695809738-0-AcLZ2l8RuiG1GXSEkm2vdky5gJ8XAyvqgSmmHmgFyHxAqbLO5K7AAPQ0BdJC6HmczxksRF5PRnTMQ+0MFzqEcM8=
.file-upload.in/	1970-01-21 00:39:29	Name: _ga_3T7TKCZCC9 Value: GS1.1.1695809739.1.0.1695809739.0.0.0
.file-upload.in/	1970-01-21 00:39:29	Name: _ga Value: GA1.2.1451295552.1695809739
.file-upload.in/	1970-01-20 15:04:56	Name: _gid Value: GA1.2.885807806.1695809739
.file-upload.in/	1970-01-20 15:03:29	Name: _gat_gtag_UA_119779859_1 Value: 1
.file-upload.in/	1970-01-20 15:03:29	Name: lotame_domain_check Value: file-upload.in
.criteo.com/	1970-01-21 00:25:05	Name: uid Value: ccaca4e0-c7fd-48e9-ba1e-dc715ee814f9
.crwdcntrl.net/	1970-01-20 21:32:17	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 21:32:17	Name: _cc_id Value: a01f58bf42a4ad51b1a03c51db76cef7
.file-upload.in/	1970-01-20 21:32:17	Name: _cc_id Value: a01f58bf42a4ad51b1a03c51db76cef7
.file-upload.in/	1970-01-20 15:13:34	Name: panoramaId_expiry Value: 1696414540203
.file-upload.in/	1970-01-20 15:13:34	Name: panoramaId Value: d6b2b56fd3275159c464fe66305e4945a7021eef90b7ef041d443d0cbf3e9a5e
.file-upload.in/	1970-01-20 15:13:34	Name: panoramaIdType Value: panoIndiv
.file-upload.in/	1970-01-21 00:25:05	Name: cto_bundle Value: hu83qV93TnpXR1d4cUJlY210WWxkOGpHb0NMQnNqdXRsbE4ySjBHalJPZmpSUiUyRjFJNFRldWx4cGtleWlqNmdqb2JFeGpYS1lZN05QRGxsejlzcEZDZHhFNyUyQmdBaUhLaFlnRUFOem4lMkZVdlVKSEhKazJBVlRaclJocVhZUDBaTFBsNXdoWU1GQWt2Z1Mzc1dKYTdVSTc4M2tFUXclM0QlM0Q
.doubleclick.net/	1970-01-21 00:25:05	Name: IDE Value: AHWqTUmNh_Uw6qW90kUyehqmmxA1chJxzb8EjSfDS_KNC7Sm3JYhPIaOuM9jWAmK-bE
.file-upload.in/	1970-01-21 00:25:05	Name: __gads Value: ID=923ea3ef47a7ea10:T=1695809739:RT=1695809739:S=ALNI_MaheJruApotymVBGlVpS4gOaERO2g
.file-upload.in/	1970-01-21 00:25:05	Name: __gpi Value: UID=00000cb1df5ce17f:T=1695809739:RT=1695809739:S=ALNI_Mai5GsP1IzErmcKBBMRC0aDf8XT7Q
.adnxs.com/	1970-01-20 17:13:05	Name: uuid2 Value: 2610157492998665238
.casalemedia.com/	1970-01-20 17:13:05	Name: CMPS Value: 3276
.casalemedia.com/	1970-01-20 23:49:05	Name: CMID Value: ZRQAzAoiBm6GqVDqmcBexQAA
.casalemedia.com/	1970-01-20 17:13:05	Name: CMPRO Value: 1122
.doubleclick.net/	1970-01-20 15:03:33	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 17:13:05	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%3L/5to!A#Fe.TOKKnyW<U1`VROYQM-:E#MB2_bEZ%9(v#zQsf44T%*<4a$:%ue]A@P/X%W#.wL4W1Qw0mG+')Y
.simpli.fi/	1970-01-20 23:50:32	Name: suid Value: B29986A751A94969AD22C1F15B30782A
.dotomi.com/	1970-01-20 15:03:29	Name: DotomiTest Value: 7863c9a8086c1955
.de17a.com/	1970-01-20 23:41:53	Name: guid Value: 1.6173829441694442307
.tribalfusion.com/	1970-01-20 17:13:05	Name: ANON_ID Value: amntuJy4ZawFBA9MAIAno71ZbBtXZdjMFvbERDQE1T2iHo9ZbxiUGFWrjQXZbJf8Yv3t0uOTonYe8cV1pO1AtjNjWZb8uZa
.zemanta.com/	1970-01-20 23:49:05	Name: zuid Value: uS7Gm_agP6IAEQbI5aJ8

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://www.file-upload.in/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.file-upload.in/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.file-upload.in/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6c89ddd69d0521732471d600f2a24e6a.safeframe.googlesyndication.com
a.tribalfusion.com
ajax.googleapis.com
b1sync.zemanta.com
bcp.crwdcntrl.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
certify-js.alexametrics.com
cm.g.doubleclick.net
connect.facebook.net
d5p.de17a.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
images.dmca.com
invstatic101.creativecdn.com
live.demand.supply
mug.criteo.com
pagead2.googlesyndication.com
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
www.file-upload.com
www.file-upload.in
www.file-upload.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
certify-js.alexametrics.com
www.file-upload.org
104.18.26.193
162.19.138.116
172.217.16.194
178.250.1.11
185.89.210.212
188.114.96.3
2001:4860:4802:32::36
213.155.156.184
216.58.206.34
2400:52e0:1e00::1080:1
2600:9000:2250:7000:a:e047:753:6381
2606:4700:10::6816:3456
2606:4700:3036::ac43:b1f7
2606:4700::6810:5514
2606:4700::6810:8516
2606:4700::6812:19ad
2a00:1450:4001:806::2001
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2006
2a00:1450:4001:828::2008
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a02:2638:3::3
2a02:2638:3::c
2a02:fa8:8806:16::1400
2a03:2880:f084:d:face:b00c:0:3
2a06:98c1:3121::3
34.96.70.87
35.204.158.49
52.31.175.73
64.74.236.95
65.9.66.68
0021634309d4f589c6803d3d3dbe0ab9402a524993ab8df667d16c33d23d1fec
0060b6ae30c0a1cf874478b9e79752f6717825c141651abb10eee5208479cd95
01544b7fb08179c0cce64b67765dec00948d07ee9d3519da90c0f4871e2f171c
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
02773c25306a7d447e182dbef391844f39ea477423b8714f3544e6601de34964
076f49c5c4285d33d4367cd4e943aafd74cb2a8faba78eebcdec26c95322bb5d
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0ae999d7d36908cc39b0b6010cfdef99d7bc287d85926cda87b0d4b41b0ec1f0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
11787dab1b3e3755c5f3142b54c8f8ddc3207dc7c4ab9ebbcac55e061abe99b1
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c
1b0d5c7c580159888574dc455c537588a838751dd155cd164b884d6521341d13
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
2816e4b00982f489b106c7f0886ad9f7816b92029410d340c3c70ed725d3d1ab
2a2b9c42598b6117eba1c7912ecbb63f00a3c76805bbdac70e9e8754a08c64ce
2cd3f05decb1d9c26bd68a2cd2d13b1584eebbb92f78c15adbc894d02c6d4307
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30bf44ce56bb42d0e100bdb5531f4bc2eaa537b154087d8f113e89395795efdf
30ea956b12ae502e529c24365e9422d2428b75595511de013abc64d79eb510e8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323c3a7620f281c3dec17c62880eedb507c94659cb0728f980c2525700fad172
35e36b073d459685198a2a5c0a09f038434af11937ef4089fa8845b4aab7447f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a88c6df57cbb495496939655970a50a93f193dd1ee3b78ec527b6d71afae47
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5285269c35d1500dcbd2686eb455790d6133945217bcd22ebaa42b5c30ff5e9a
5441e552caa81716204d2485db3da5be7e7d40df0e8d780031bcd27addc5c41f
54f23b69db10d44412b00bbe5a93d72581e81b24b592f5a8d3b8609487a60613
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5b55c99c501be4e9ee6045b17bf84f67d13676c35612014acebed687fea7a27d
5bc341d42a9147406472647b1c7a3437c59e7f76b5129c9e5c13f45b0cb5ec30
5be1e160981cc80e35524ee00b2cba56a5ea03b30e26c0f7f22f9a7cf62ef972
5d9d9655537edf7cc9d104447d3f87880836590d76970ee13b1ff96066dffba7
5eb20efe30d972b439f91320bec21fefa719133df892bd182da292b18751506b
5ec639cea5b66196d63a0a7e77434d5e77d8a181dca06be3c10a937662d22d1d
60defacc704d5d3666210f68eb1590babfead0e173674e32f2a905467573efa6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a9b68e8e326754bc203248ba49cf7c18e8a6424719a3b304594b69a3da627e
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67f450141b3020acb654e2aa3fdee48b3cbc906c0964e7a29dd77e4730f51c62
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ce65125f810a0db8423999450e5b83d2ce156a437ed3109dfaa2e8a4da47b77
703912524593a505b4b2e4380556ad8eb04f5bf22b2c57474f57e1928d473fac
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
78d01bf8bdbccc1cc50d31ababe4f905b09e6ca67b4881ab5291bb8befd24810
7dd0461220c3fe1a0946011521aa8e2160e59b4248f069b31552e15943c5478c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
834aa61be9e3644a54d4668e15f573866ec7c4b4d6c410c7e8d018203a90f606
83c638e9be20153f6217e492e41e78c8b3fdbbfa966ea33aebe6622e4290bd48
856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181
85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8b9a1db2032e4c7ba72475a0ceeb342b08605476ef6fa46067d1f10641e55717
8cbd57976b302987c53e46e63692739122ffb921401dbf2f7820773808d4c0a8
934e35d4758a5a103783d0574dd85b36a02c58e5010648e535f52580f4997a00
93d62bfa1822d2aba97206e7c41ad0f11c7e58647fbcd6ec2a976b2a38537316
98b27de30387307b506599f10749d0878781aa011b92be7ac78a50660f18fc75
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac93a925b888b68155813661a5cd3a2f5e5641ba1176bfb266eb349b38002c5
9bef46f75f10da65be6e193f3eda991beddc861b16b1a7c991a1cfdcde3afb5e
9db55525413b5bb6da3accde5d0cad8e6ab9d6d0a27a1627e6752ef12d70090d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a15b63f87a0eb83f59ee83f04e8f7fbd0f4d463b42ae1486043df799adca516e
a18e6dcf59e6aa1e0099501968a5d8662aed724b6eb1ed6ee88b50aae98cc1da
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
adf78f79b0606670978e34ce28d41e3bd377aa7dfabf302119dccb61c4eb207d
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0e6c49f049e369bc42b758e2fe38cde2cf2dd3e53c285b2f7cc1f19568f355b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b755120c055530b033201cc3f87a5402d13aa713c117b581cc2ba41035f65e46
b8f66ccd7ff3fca0cf4ae1cb17ddd5baf847cdfc5be4b957f851cc99af7ac2c2
b9a42cb27417d2b87b8d5983655566731a38089d5e30735e9e931008ea59c634
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ba3abef08ee0039372174c3d4c0d42744f4a7fad74558c9b69f29aa921bdcaf9
bb9055d4402fa3bac664d6bc6eed253ecadbecd5a618ed1d1b23bf08a7571bc8
bc45a0583dfe8dc08d0fa92ede4e91a17e875fda030b9f3137ae3aab7ae027b6
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c2798da552ae859878af181355f18726e43e2192759b5c9001ab7181328a8328
c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925
c6c6dd40aae49f4a05c22b99e451d3230f78086a1a65d05e243f10e13942275f
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c76bf72752334db75f153221a6cf4bf22fe14c2c8c610ce37e792dc94d2fdd4d
c9ace28c8e1c645d3aaf66699f23b4e6f398cb8235565e3d73a0f5491664f0c4
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
cb59ceca989729f42fba16b70970e2f1359851c5f19697e9cae03a47d02b277b
cc534450e8fceb2562aa45eeeb10aaa96ead2e1163692d47057caa60a223fb27
ceab4ff3d4af4f6402234da5817d688928c26a39ae798050f9da58bca0d415b1
cefeffbff4fbbb1a4ee433d3cccdf33c5f2ed969c3bdd7ae89e9e983f19ad3bb
d979991db1f2f9588ce76fa96ca0f0f348276019bc6111cc63667306fc03e69e
dd02b5306f49bc23613dd599506bab5a73a3f1cefb1cdfa8c08f91cb88fb427a
de2f42f7788041968ac0aeaf63dba36d5ef022bf9a9314ea195abd0d0eec8505
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856
df184e7f038274ed02a5e6aa41ef7f77769b48ad29267b97c96ef75927262a4f
e19ceefaab32dcb61413b77c608bd86817173ca4b3db0e40cd225db78e6d950b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4999a2d16e9db2390106143ae211ce59d04528c4f9f0fa4c8894a341f56837c
e4d56d981f929457070f0c0096d3cbef2d64a671a27159427d4e79d578a4fb60
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6a4bb06d076965c4a5669f24b5e3fbca7ff195c22f623e8d291524a6880f96d
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9f2ad892fd46ba9e8a42c647238d20e5bb0b08366edbcb043995803acc3f183
ed0329ded0e3e15f1da42e303456565efd908295a3a4c0fb1984decc0fec3ee7
ed34e84a189ed3e7735ec026a4be0ffa93c4e8f63450a5b0258bd46fc8459241
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2302076e84edabf24a17155c3d0d5e162c07b82d0e1b76f647bba68e4c5d8d
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
fdb50e9b2ca2ff0a23de0d63896e2da60396a8f6d776fab30eef9b3cc1fd93b9
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f
ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

www.file-upload.in Open in urlscan Pro 2606:4700:3036::ac43:b1f7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

282 Requests

90 %HTTPS

68 %IPv6

31 Domains

43 Subdomains

36 IPs

9 Countries

3419 kBTransfer

8817 kBSize

31 Cookies

32 Outgoing links

Page URL History

Redirected requests

282 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.file-upload.in Open in urlscan Pro
2606:4700:3036::ac43:b1f7 Public Scan

Screenshot
Live screenshot

Full Image

282
Requests

90 %
HTTPS

68 %
IPv6

31
Domains

43
Subdomains

36
IPs

9
Countries

3419 kB
Transfer

8817 kB
Size

31
Cookies

282 HTTP transactions
7 data transactions