Submitted URL: https://www.file-upload.com/wxkhqan2vv21
Effective URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Submission: On December 01 via manual from US — Scanned from CH

Summary

This website contacted 54 IPs in 10 countries across 47 domains to perform 267 HTTP transactions. The main IP is 2606:4700:3031::6815:3355, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.file-upload.in.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 27th 2023. Valid for: a year.
This is the only time www.file-upload.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.97.3 13335 (CLOUDFLAR...)
22 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
3 2606:4700:303... 13335 (CLOUDFLAR...)
32 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2600:9000:245... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2600:9000:201... 16509 (AMAZON-02)
1 52.85.92.52 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 141.95.98.65 16276 (OVH)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
1 52.48.81.28 16509 (AMAZON-02)
1 3.75.62.37 16509 (AMAZON-02)
3 34.98.64.218 396982 (GOOGLE-CL...)
3 3 37.157.6.243 198622 (ADFORM)
1 2 67.220.226.232 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
4 24 216.58.206.34 15169 (GOOGLE)
4 184.30.16.183 16625 (AKAMAI-AS)
4 11 2a02:26f0:310... 20940 (AKAMAI-ASN1)
3 2620:1ec:46::44 8075 (MICROSOFT...)
26 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 34.95.69.49 396982 (GOOGLE-CL...)
10 185.89.211.84 29990 (ASN-APPNEX)
4 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
3 5 172.64.151.101 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 3 2620:116:800d... 16509 (AMAZON-02)
1 1 35.204.74.118 396982 (GOOGLE-CL...)
3 3 213.155.156.166 1299 (TWELVE99 ...)
1 1 178.250.1.9 44788 (ASN-CRITE...)
2 172.217.16.130 15169 (GOOGLE)
3 3 52.29.13.21 16509 (AMAZON-02)
4 4 50.31.142.31 23352 (SERVERCEN...)
2 2 69.173.144.138 26667 (RUBICONPR...)
1 3.114.121.123 16509 (AMAZON-02)
1 2 51.89.9.252 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 216.52.2.39 30282 (AS-INAPCD...)
1 142.250.186.34 15169 (GOOGLE)
267 54
Apex Domain
Subdomains
Transfer
57 googlesyndication.com
29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
ade.googlesyndication.com — Cisco Umbrella Rank: 293
355 KB
50 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
395 KB
32 demand.supply
live.demand.supply — Cisco Umbrella Rank: 57430
47 KB
22 file-upload.org
www.file-upload.org — Cisco Umbrella Rank: 965698
550 KB
13 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 1605
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6997
87 KB
11 bing.com
www.bing.com — Cisco Umbrella Rank: 60
40 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
gcdn.2mdn.net — Cisco Umbrella Rank: 1193
r5---sn-1gi7znek.c.2mdn.net — Cisco Umbrella Rank: 837803
1 MB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
67 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
579 B
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
104 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206 Failed
318 KB
5 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
eu-u.openx.net — Cisco Umbrella Rank: 2473
us-u.openx.net — Cisco Umbrella Rank: 491
2 KB
5 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 340
fonts.googleapis.com — Cisco Umbrella Rank: 29
33 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
2 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
dis.criteo.com — Cisco Umbrella Rank: 550
8 KB
4 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 587
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
38 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
3 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4497
917 B
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
1 KB
3 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4453
89 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
2 KB
3 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4156
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
10 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
175 KB
3 file-upload.in
www.file-upload.in
11 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
588 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
1 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1053
104 B
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
2 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
12 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
34 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
147 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 14517
10 KB
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 6834
44 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
713 B
1 adnxs-simple.com
acdn.adnxs-simple.com — Cisco Umbrella Rank: 2660
46 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
149 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789
3 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
1 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
5 KB
1 file-upload.com
www.file-upload.com
439 B
0 alexametrics.com Failed
certify-js.alexametrics.com Failed
267 47
Domain Requested by
32 live.demand.supply www.file-upload.in
live.demand.supply
client
26 tpc.googlesyndication.com 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
www.file-upload.in
www.file-upload.org
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
24 pagead2.googlesyndication.com 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
s0.2mdn.net
www.file-upload.org
www.googletagservices.com
24 cm.g.doubleclick.net 4 redirects google-bidout-d.openx.net
googleads.g.doubleclick.net
29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
www.file-upload.in
22 www.file-upload.org www.file-upload.org
www.file-upload.in
20 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
www.file-upload.org
29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
www.file-upload.in
11 www.bing.com 4 redirects 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
10 ams3-ib.adnxs.com acdn.adnxs-simple.com
cdn.adnxs.com
29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
www.file-upload.org
7 s0.2mdn.net www.file-upload.org
s0.2mdn.net
6 www.google.com 1 redirects www.file-upload.in
www.file-upload.org
29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
tpc.googlesyndication.com
6 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 www.googletagservices.com securepubads.g.doubleclick.net
29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
www.file-upload.org
4 b1sync.zemanta.com 4 redirects
4 fonts.googleapis.com securepubads.g.doubleclick.net
s0.2mdn.net
29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
www.file-upload.org
4 googleads.g.doubleclick.net 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.file-upload.org
3 www.gstatic.com www.file-upload.org
29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
3 pm.w55c.net 3 redirects
3 d5p.de17a.com 3 redirects
3 cms.quantserve.com 2 redirects 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 cdn.adnxs.com 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
www.file-upload.org
3 adsdk.microsoft.com 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
www.file-upload.org
3 c1.adform.net 3 redirects
3 connect.facebook.net www.file-upload.in
connect.facebook.net
3 www.file-upload.in www.file-upload.org
www.file-upload.in
2 ap.lijit.com 2 redirects
2 onetag-sys.com 1 redirects
2 pixel.rubiconproject.com 2 redirects
2 googleads4.g.doubleclick.net www.file-upload.org
2 i.clean.gg acdn.adnxs-simple.com
2 aax-eu.amazon-adsystem.com 1 redirects google-bidout-d.openx.net
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects www.file-upload.in
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.file-upload.in
www.googletagmanager.com
2 images.dmca.com www.file-upload.org
www.file-upload.in
1 ade.googlesyndication.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 r5---sn-1gi7znek.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 cc.adingo.jp 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
1 dis.criteo.com 1 redirects
1 um.simpli.fi 1 redirects
1 acdn.adnxs-simple.com 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
1 us-u.openx.net google-bidout-d.openx.net
1 match.adsrvr.org google-bidout-d.openx.net
1 eu-u.openx.net google-bidout-d.openx.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com www.file-upload.in
1 ups.analytics.yahoo.com connectid.analytics.yahoo.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 ajax.googleapis.com www.file-upload.in
1 ssl.google-analytics.com www.file-upload.in
1 www.file-upload.com 1 redirects
0 certify-js.alexametrics.com Failed www.file-upload.in
267 70
Subject Issuer Validity Valid
file-upload.org
E1
2023-11-23 -
2024-02-21
3 months crt.sh
images.dmca.com
R3
2023-10-26 -
2024-01-24
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-03-27 -
2024-03-25
a year crt.sh
demand.supply
Cloudflare Inc ECC CA-3
2023-02-19 -
2024-02-19
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-09-09 -
2023-12-08
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-11-24 -
2024-02-22
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-09 -
2024-01-06
3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018
2023-08-15 -
2024-02-08
6 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-10-24 -
2024-01-22
3 months crt.sh
cdn.prod.uidapi.com
R3
2023-11-02 -
2024-01-31
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
*.id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-03 -
2024-01-24
6 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2023-08-24 -
2024-08-24
a year crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 02
2023-10-11 -
2024-04-08
6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
i.clean.gg
GTS CA 1D4
2023-11-14 -
2024-02-12
3 months crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 05
2023-10-18 -
2024-06-27
8 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M03
2023-09-13 -
2024-10-12
a year crt.sh

This page contains 26 frames:

Primary Page: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Frame ID: 5974CA391857E988DE492510BC444AC6
Requests: 106 HTTP requests in this frame

Frame: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C1983E64D94582F560964F9DD433DFD7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in
Frame ID: 94159CA243D3E48F28250464DD536136
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 4DEBC4D017D716DB3621B5A36CD5C663
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_-awV1NxoZii53wpgE_W4qsCgpkvr5vNOYS3BiXO1mbfJD6Qtt9I5ztw31XebiRNFmS98f3-bq42h0clb1iaR7v43Pg3a8KuXHIusjhD3a4cX-DZRRV6Iv0SV0Rrz6g1hLNZ82D3JIacEMjzHP9xxd6dl7MdBWO8e4IcZgItSfCc9ErZF4bs7E9W5S0x5TToWYvEum_iAEkT24iUrUO61s-beKaMm0_BD-y5ck792ux9Gn3vFSDvzzvk25sjeerbgWhtXt-axOdBEsxxC0k6c4cC1VZg-Oz1je3h03z7i9NbfM0htTO9hkM0ITbXmWoXnvzdy0MaTtflzq_oU4LawHiuAyKQj5hjt7u3V5F9-YycXlyIDdyX7ck8yOqa2U4JGxpukl-za-Qg31IQZNJaJJhue6Xoar0pTMiXlHjW-KPsOyw&sai=AMfl-YSJeiGNG2hDrgS3CDUtfU-Lakz_GI_rO9drq5VF91E91v1TIIXtDuFHGt9XTwzCNxhxisnq0O2O0wEDMLkZAvAjQafWUqiBm3kHcNnI7KN0iirGJoZo2cxUvjU0JAiZZJjpH_c3LXVigQLuJbWImOcpvv-3HFq72rbVOKs&sig=Cg0ArKJSzHIDyM42G22wEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: EB350005B5D934E71FF8609B19F2A14F
Requests: 2 HTTP requests in this frame

Frame: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CA7F6CF249D6656460FA24080EBAC200
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBx3jYyYehNeT-Dz3eNUT46Ldw1E-vQMud2UKNZz7V6py3592PsIO1NgKIOkK9_lhYwsnCV-fc6YUBXUhfAZLlhihvjy1Rq7-7sH77AjNuQRmydYQdOzcOYZ3E5BcjwFOHXH8oOONWME252OLZY8bIzoXYu-ZO7pAwgzlWGih4uPECfQyrA75eKDs9cfpPJH5bqYov2oIE1I1uQbEqK4LYwBnEqDPyT6qtoV7OZ6-WBiFQe4gN0SWHgWWg2E_F7HZ89I3AlonrpJ2Ag-F3sVGxKCNCsOIA_JBMlcbYTDGwjsDEDk-iwIdmvBrcif-nURIXzcJSI-NI9-99C_g2wPvpXtsx5XukLAmbCulhFWSiF7HdwiLu_WmVoAY-PlHLfEX1xbsdLaUar5H96SkCeeEjPKTskriC2EXydINPa_JJEH_8&sai=AMfl-YSTrU8Aq6u1Lbnc9HA_MA-K0UivBmn6ZFx4W4cCc3L-uf1FLsr5H-lDBSxc_i-GtauNHcx9JbrdkReOft2u6RXdf2lwpi8Ufksm92WBjNDDovhiscmi9IPMvlvgpLd8x_J9bjRpEaCxJE_yFRmR-jJoGeNFV7CC9kICEyI&sig=Cg0ArKJSzJat_QVWiz-zEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 200D2C7FE3BE5C6FDAE0A1BD604578E7
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstksPsplbwzOn3I5C2FS7QZmyyCjmtFvGxmIiDVMLLm-t5U6FK7LjtLP3JGEH5ZU6qe0FJwj5DwYu33XluHot7mE7ZFHuOdAlfFp_qD7uDNETEqrl_mdx639ZM_X_mnh7rrqwND4BJDFTT4cw62cEvDuC2VEyNDahgl6kMinPcsrucVSwSV4nb97Gs6Ke7XpAoUauwCZuuEbeSX9BzGBKfz29e4jX3wAzzU8HEURHV6CNjjimoBslK5IuIMpIoXFfSu46D5Yf35Ms41ZvI3RX0TnyljGQVHT-AkN4ICEUczxA2fNfA4DHLfHVUhbO5kLj8vpth8Uc_K2cY8UEEmoM5tkqUvgFdOC8lmb4dvFhdi3yMLs6mV0N6VD-soI14GBsqqEBGkpK5DOrwgBvYAW5a4JRnjvtzEw9JFY43WMG8yWYnF&sai=AMfl-YTod8RaaDFMEiLHzoWjmdCj8twsaFKzk1iGuNwIRGHNCLHfgxj39z03Sc6uKZv2b7g_jfsr3yjguA2OFIfFj-8xH7zYvn512sgxm7b-F9spV-P_qh0lhrAaFgFrZHkBNdZSCTeYpPfP5w&sig=Cg0ArKJSzFrwaUHdVz0iEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: D3FD63F9A0523F5AE2840C992803E23D
Requests: 2 HTTP requests in this frame

Frame: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E8823013D7B51298F1C9D00B3EB06D1F
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIT8cxDP5fnDBRjK3On6ATAB&v=APEucNXUN8b59aOnwajD3Czau7ragwyv93HcrhbKF9Qo31Nvu3CvJKFbNqVbW2WH50GGTjRK7cnG5U3jVewVoc4nykmD9GiH7w
Frame ID: 6A77D1315753F8AFCE4F7B40FA4035EE
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: B377FAE4FFB4B87108FA5FA127B87118
Requests: 16 HTTP requests in this frame

Frame: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C11E61621E607D382448E92E038AEAF6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ci8rhqoFpZYP2Jp6L7_UP9cC-8A3S4Nfgbo-ktpOTCsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgSnAk_Qjda3vAd3O_QFHomGkx-1w66DFgEocUxlg-x109aW8T3QvxL64slfWofLuEdz8TEp2Nf9pIzVIRv4ps7rdaUHGi7QPk80s0UmpHEXEojnyu_ghHbuoNQey1Alp-x4-4y4MFHfFMT58ifY03BeqYpBm5rsmecrBOq2htonwgine4uGnzNOJdL_fyhqjCm_KwEjf6MDRX_TDiXObUzT4RtuEmoVYttfrC4FQaN8miBsjXEjwgg_6iAQK5xekrGHDUyIkgVGGdH6S6KLWqaCXHNfxIhClwRYqHbG5CQHyZA7lZu7qi4-L8TwYiHh69v9lslNrnUcSsW6foYmJLr0PKM2jTzhokpdgPgExNH4-wQSwKf4yyY60-5UG0Mr5S2oHhskrBYr7i_gBAGABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggbCIBhEAEyAooCOgKAQEi9_cE6WIu3trbS7YIDgAoD-gsCCAGADAHiDRMI0e-2ttLtggMVnsW7CB11oA_e0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=Fl_XlK6wyQI&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNAjHWgYIRwFmgNRpwPQV9s5Dxgglcc_WNGQlmYsNgGWI3pIt1u1d0GpaxIL0ZLq-LH1dSzoT4GAE
Frame ID: 4BD74E9CEB0D3A402CF702E65C6F5ADA
Requests: 17 HTTP requests in this frame

Frame: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A24ABA5D948F66D15BC38F3F13908FB9
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 332FDEDF164281E46D51E3DBB9BB903C
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4AF964D601676A815DC3AC57881120BF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/index.html?e=69&leftOffset=0&topOffset=0&c=YgxIOpMEfC&t=1&renderingType=2&ev=01_250
Frame ID: 0E0626C748579B9411D18FA416ED1152
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3F323DE5AA5E3DF7D0E85AC0A53D4B3C
Requests: 9 HTTP requests in this frame

Frame: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 70A0959E68D0159CDF36C6975E42D113
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: A3E35D654065866019ECA4BDD78C74CF
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 9D21689E2147B1AA04EC779E5337EEE1
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D189195176F5F05202398256E58EEF70
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BC2D146A7B60CD0B37E8206FA7C21118
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AF16196B0F07D6F0F3B1352A27072342
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29E42D31180D33755651A70C953ED5EB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 4F711F5437510C82414BFBACA2CE3DCC
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

  1. https://www.file-upload.com/wxkhqan2vv21 HTTP 301
    https://www.file-upload.org/wxkhqan2vv21 Page URL
  2. https://www.file-upload.in/file.php?get=wxkhqan2vv21 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

267
Requests

85 %
HTTPS

54 %
IPv6

47
Domains

70
Subdomains

54
IPs

10
Countries

3855 kB
Transfer

8593 kB
Size

40
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.file-upload.com/wxkhqan2vv21 HTTP 301
    https://www.file-upload.org/wxkhqan2vv21 Page URL
  2. https://www.file-upload.in/file.php?get=wxkhqan2vv21 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.file-upload.com/wxkhqan2vv21 HTTP 301
  • https://www.file-upload.org/wxkhqan2vv21
Request Chain 64
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.file-upload.in%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.file-upload.in%2F&rid=esp&cc=1
Request Chain 82
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=file-upload.in&sn=ChromeSyncframe&so=0&topUrl=www.file-upload.in&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=ksx1bHxDTEhRNFp0S2ZOVDEreXdYSjM2cVluaDRJdlcyZ2Y3Tnc0ZlRaSmIxanlGVnZ1Qm5MYUFtMWZSRUcxc21MNGRrNlg5d1dBVXdtL0NvV1RLN00rbmpzSUcxUURXVVVQeFJzSFlGRjZkZ29ibFNRZHlNSnVSc0QrMUhwd3Q1YjgxK0JKNU1DOWl6YXg1UWFKUk1hRWM3QVpERUgwOU9ueTlNZ1RRenlvTmJHMWJxYmM1TlJDbFdxSTRsVVg0bzUxWmthVDR4UzZubXpvUnlDUk5vdnhycEFrK1JvT2Q0eitaUGdaR3AvOVRqWldicVVqRlAwT3N3cS9PZWQ0N2lidTRwZUZsaUwwSWh4NklsRmJoNkRlOWVWZz09fA&cppv=2
Request Chain 86
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1025631642165239184
Request Chain 87
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8db0bc2f-6162-c62b-30d7-91023e64c097 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8db0bc2f-6162-c62b-30d7-91023e64c097&dcc=t
Request Chain 90
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMuTpOEgL8YPt5QMha9gNGM&google_cver=1
Request Chain 97
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=95be7b2a-3ffd-4972-884f-0125714e8e8d&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=0560c0d9-aa49-44d6-8676-65cec44695a4&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D655e7fa6ee7741d4b8990b1453072bf9%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=4846071882686230125 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=655e7fa6ee7741d4b8990b1453072bf9&SNR=1&GV=2&med=10
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIrC5vqCvVmhoyMWj0Rjg8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIrC5vqCvVmhoyMWj0Rjg8&google_cver=1&C=1
Request Chain 147
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWmBqpStMjHJ-iK30jw--gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIrC5vqCvVmhoyMWj0Rjg8&google_cver=1
Request Chain 164
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=356b1bc1-a4b6-43d1-81d3-833c3e2b86f8&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=4a3da815-5fff-40f2-b6e1-d6c2ba1f4998&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Df45c2a3f6ac34872bf52ed8db369355f%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=1811841211692822388 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=f45c2a3f6ac34872bf52ed8db369355f&SNR=1&GV=2&med=10
Request Chain 185
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=cdc933ea-3aae-432c-ad19-451f3f769d7d&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=15ce145b-4a3e-440e-abb1-11e9afa68a2c&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3D7264b51779ee4d918ea7749a59fe0b3a%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_fs_gbxra_yvfg&aid=6130185318026792816 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7264b51779ee4d918ea7749a59fe0b3a&SNR=1&GV=2&med=10
Request Chain 193
  • https://um.simpli.fi/gp_match?google_gid=CAESEK6Bv7S1KK-ZIqwAEO-wmSM&google_cver=1&google_push=AXcoOmT88JzRunNZ9ZuZLDuq3q2vsACac-Zswa-D-xJKR6I3eEttGqM524KXzFxWdHr-7-n4Q7jxbZSI0QZxvfZTzTzILNMgdmn5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F9F3B2D6B1641D1B51B3B9762D11E64&google_push=AXcoOmT88JzRunNZ9ZuZLDuq3q2vsACac-Zswa-D-xJKR6I3eEttGqM524KXzFxWdHr-7-n4Q7jxbZSI0QZxvfZTzTzILNMgdmn5
Request Chain 194
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEL7dNBWhFUu4vWGcXodgMnw&google_cver=1&google_push=AXcoOmR7UUX22eyIPJKaGt7s_BQipnkWQrzFdUgtqo1IsmXPawPgbHSjf_37gk-bDuEptexcJzleg8oU1dX5Zb7518i39vUePNE HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEL7dNBWhFUu4vWGcXodgMnw&google_cver=1&google_push=AXcoOmR7UUX22eyIPJKaGt7s_BQipnkWQrzFdUgtqo1IsmXPawPgbHSjf_37gk-bDuEptexcJzleg8oU1dX5Zb7518i39vUePNE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR7UUX22eyIPJKaGt7s_BQipnkWQrzFdUgtqo1IsmXPawPgbHSjf_37gk-bDuEptexcJzleg8oU1dX5Zb7518i39vUePNE
Request Chain 195
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRUUMUEkljextAtoUGK2VaHx9T7mK253Nu-0xWuErYT0vuCjwlmg9KPV-POBawA-HuA3YZaLhJ6EzLo1aGgMJCLcXnM0nk&google_gid=CAESEJFKqQmv8OLzUXdi-YHwadE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-_TVRILDWqepu8qiAwt6j2Jn-HdcczNHzUm8NhA&google_push=AXcoOmRUUMUEkljextAtoUGK2VaHx9T7mK253Nu-0xWuErYT0vuCjwlmg9KPV-POBawA-HuA3YZaLhJ6EzLo1aGgMJCLcXnM0nk
Request Chain 196
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPzyAyCReYY7oES9xybixes&google_cver=1&google_push=AXcoOmRYa8MPa0Gaz1ozzJi5NIMtqjqM9sOnpb1Qt-o2D9hs5FAt96t0T9jcSEGU0P4RdlX5ey1W32a6jeQoXq9C-4qh686KSzb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAyNTYzMTY0MjE2NTIzOTE4NA&google_push=AXcoOmRYa8MPa0Gaz1ozzJi5NIMtqjqM9sOnpb1Qt-o2D9hs5FAt96t0T9jcSEGU0P4RdlX5ey1W32a6jeQoXq9C-4qh686KSzb0
Request Chain 208
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELh0hvxRiYRXHF5cMP_4ksQ&google_cver=1&google_push=AXcoOmSRk3UYT3gl0ngTBKvGR1GZ37K22VBxD3dEVGX2mB5i_4KilJhom92HDRm1o9pZLKXkemplpcTtd3eaDxOUkrNrjJsoA98vHw HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmSRk3UYT3gl0ngTBKvGR1GZ37K22VBxD3dEVGX2mB5i_4KilJhom92HDRm1o9pZLKXkemplpcTtd3eaDxOUkrNrjJsoA98vHw&google_hm=0T4xgiXEHyY0lSsmlhW5nw
Request Chain 209
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHjcLyjBIw3mYjaZ1Q0Bh4c&google_cver=1&google_push=AXcoOmSujS0-NKAMibys70Rq6teyER0xlfcy5-X-GdJk5j045QKpa_vvbNg0izp3qCQsaNdEoUOiksu5lZX3v-T5bYv62Q6t4SEevw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHjcLyjBIw3mYjaZ1Q0Bh4c&google_cver=1&google_push=AXcoOmSujS0-NKAMibys70Rq6teyER0xlfcy5-X-GdJk5j045QKpa_vvbNg0izp3qCQsaNdEoUOiksu5lZX3v-T5bYv62Q6t4SEevw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SnhnTnZ1SmgxUjhYalI1&google_gid=CAESEHjcLyjBIw3mYjaZ1Q0Bh4c&google_cver=1&google_push=AXcoOmSujS0-NKAMibys70Rq6teyER0xlfcy5-X-GdJk5j045QKpa_vvbNg0izp3qCQsaNdEoUOiksu5lZX3v-T5bYv62Q6t4SEevw
Request Chain 210
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEC5eTMW0nEcHJcrbf7cfer0&google_cver=1&google_push=AXcoOmQyuWUoSNs1Ag8FjK7n8fEgFaEhyA9FFLp7MCwiS-NGs6z31fnhahBkYr79GyF2w-zcNvMumsLwmDx1ck6fZB5XkY6cDJpiQw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQyuWUoSNs1Ag8FjK7n8fEgFaEhyA9FFLp7MCwiS-NGs6z31fnhahBkYr79GyF2w-zcNvMumsLwmDx1ck6fZB5XkY6cDJpiQw
Request Chain 211
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOOdhgChUeOSKA_7TxD1aZM&google_cver=1&google_push=AXcoOmTm--G9dOToU_FG8pVrLamjOzS9pN-pt8g5hhO9NupHJSPSHeOz1HJMCfHwNYq7wrXGEI_HwehXN-lp0BFMk5Yx_ucOodr1 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOOdhgChUeOSKA_7TxD1aZM&google_push=AXcoOmTm--G9dOToU_FG8pVrLamjOzS9pN-pt8g5hhO9NupHJSPSHeOz1HJMCfHwNYq7wrXGEI_HwehXN-lp0BFMk5Yx_ucOodr1&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTm--G9dOToU_FG8pVrLamjOzS9pN-pt8g5hhO9NupHJSPSHeOz1HJMCfHwNYq7wrXGEI_HwehXN-lp0BFMk5Yx_ucOodr1&google_hm=cUpqM2J1RjZqVUxJUlJDZXVVQ3I=
Request Chain 212
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENVYYgCF7_IdLEz-3FEKcN4&google_cver=1&google_push=AXcoOmQ84VZtMnanY9YRpIoB5yUgrA4WjnJDiYsyRln3Uu4zaDJZXDSm2iU_jOMM5g4hoaBSzaDh1Mop7eQ4Xc7zzgiVFIiM13WN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNOUpMUE4tRi1KQTJI&google_push=AXcoOmQ84VZtMnanY9YRpIoB5yUgrA4WjnJDiYsyRln3Uu4zaDJZXDSm2iU_jOMM5g4hoaBSzaDh1Mop7eQ4Xc7zzgiVFIiM13WN
Request Chain 214
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF2nC1ssDFg03TxW3CMKX6g&google_cver=1&google_push=AXcoOmSDQWxXcI-EuDDbroCv9WqaBnItc_uKr1fdRpZyb1KYszMnWY7UQvQnB7VGITw_tCb3saMQITPvTBrBCQ8Fmji5dogYKyc7qdQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSDQWxXcI-EuDDbroCv9WqaBnItc_uKr1fdRpZyb1KYszMnWY7UQvQnB7VGITw_tCb3saMQITPvTBrBCQ8Fmji5dogYKyc7qdQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 227
  • https://gcdn.2mdn.net/videoplayback/id/eaeb302077420a7b/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732949290/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/A453067521C4DD45C7913F12F43EA4E7734809DD.7D9CCE702CD618EA69AAE304E22D0BFCDF69F4B0/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-1gi7znek.c.2mdn.net/videoplayback/id/eaeb302077420a7b/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732949290/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1AB4320A73629A8E65A19E534D9B20E725FE9EF8.06D7B3F2254170B75771D5F8654215348D9C9645/key/cms1/cms_redirect/yes/mh/hD/mip/2001:ac8:28:5f:2fb::1/mm/42/mn/sn-1gi7znek/ms/onc/mt/1701413068/mv/m/mvi/5/pl/48/file/file.mp4
Request Chain 250
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 251
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELh0hvxRiYRXHF5cMP_4ksQ&google_cver=1&google_push=AXcoOmQf9PfpQYAP7EsWHTgme4PCwwDDRCCHVM3w-p-vdkPNRuzEEgJ3u13JhNYHxK2G2VUBZQM-S19gBxUKwqklwf5r59CUJojdmA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmQf9PfpQYAP7EsWHTgme4PCwwDDRCCHVM3w-p-vdkPNRuzEEgJ3u13JhNYHxK2G2VUBZQM-S19gBxUKwqklwf5r59CUJojdmA&google_hm=0T4xgiXEHyY0lSsmlhW5nw
Request Chain 252
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHjcLyjBIw3mYjaZ1Q0Bh4c&google_cver=1&google_push=AXcoOmTEq226_QtpnrXKjuzHxOzYLipwwfVmroS_s29Bi6MSLafiYfQu7ytujnkEST8FAU1hx0lXtapAA0yqFhmvkd_AKNODLS9- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SnhnTnZ1SmgxUjhYalI1&google_gid=CAESEHjcLyjBIw3mYjaZ1Q0Bh4c&google_cver=1&google_push=AXcoOmTEq226_QtpnrXKjuzHxOzYLipwwfVmroS_s29Bi6MSLafiYfQu7ytujnkEST8FAU1hx0lXtapAA0yqFhmvkd_AKNODLS9-
Request Chain 253
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEF-h9PFpeZs96_U8G_bm5cE&google_cver=1&google_push=AXcoOmSefxhoniRc2Q6R4yxfQGPZdsh9I_a1n6rWj4yWe0vSHdqT9A1I-KGam_pizqeolw1hrySoGxJxOIVcs1mi3H5yvIl0VS138Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSefxhoniRc2Q6R4yxfQGPZdsh9I_a1n6rWj4yWe0vSHdqT9A1I-KGam_pizqeolw1hrySoGxJxOIVcs1mi3H5yvIl0VS138Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF-h9PFpeZs96_U8G_bm5cE&google_cver=1&google_push=AXcoOmSefxhoniRc2Q6R4yxfQGPZdsh9I_a1n6rWj4yWe0vSHdqT9A1I-KGam_pizqeolw1hrySoGxJxOIVcs1mi3H5yvIl0VS138Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSefxhoniRc2Q6R4yxfQGPZdsh9I_a1n6rWj4yWe0vSHdqT9A1I-KGam_pizqeolw1hrySoGxJxOIVcs1mi3H5yvIl0VS138Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 254
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJQucFFos4yo7wo-v6ArcWs&google_cver=1&google_push=AXcoOmR7K4O-hz4LKScnIy-d3cPZUTX4gLxF-For72VyzisAd178MtL-eyXO3XmaggYSBbrxCK8DISlpqB9987UanLPutGrDDGHECA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR7K4O-hz4LKScnIy-d3cPZUTX4gLxF-For72VyzisAd178MtL-eyXO3XmaggYSBbrxCK8DISlpqB9987UanLPutGrDDGHECA&google_hm=eS05dlk2MXFsRTJwRTJTdXZTc25sWXNSRXd6cUxhM0FpTX5B
Request Chain 255
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOOdhgChUeOSKA_7TxD1aZM&google_cver=1&google_push=AXcoOmROdcWUc5fusfEIf_Vrd_IqwK9pCAvmiN_Te2-rcwRmh0uHOBBNJUarkovJe0Bo06ItaAHzv1mjqU2hoGN8EL3GzQM9TFH4_w HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOOdhgChUeOSKA_7TxD1aZM&google_push=AXcoOmROdcWUc5fusfEIf_Vrd_IqwK9pCAvmiN_Te2-rcwRmh0uHOBBNJUarkovJe0Bo06ItaAHzv1mjqU2hoGN8EL3GzQM9TFH4_w&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmROdcWUc5fusfEIf_Vrd_IqwK9pCAvmiN_Te2-rcwRmh0uHOBBNJUarkovJe0Bo06ItaAHzv1mjqU2hoGN8EL3GzQM9TFH4_w&google_hm=bUNsTVl1SDV6amg0X2djd3NKM28=
Request Chain 256
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENVYYgCF7_IdLEz-3FEKcN4&google_cver=1&google_push=AXcoOmRrLlYbnMRIOpgrV1nFobefPEwiKYvSU1yPnoCBHM7hHaO41e8w0ReidFxUX_iGELwdkWWuL9S2BYkGvXG73Bl9wJRV7F_B8A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNOUpMVlQtMVEtSlVFOA==&google_push=AXcoOmRrLlYbnMRIOpgrV1nFobefPEwiKYvSU1yPnoCBHM7hHaO41e8w0ReidFxUX_iGELwdkWWuL9S2BYkGvXG73Bl9wJRV7F_B8A
Request Chain 257
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECy9rvf7eKix5-IIa1yurM4&google_cver=1&google_push=AXcoOmToRCA9uTMiDUj1wz11G7w-jXir67bhh7bKCI0sXJEGp-0V21i6ED5qcCMXA5BO3XOl0fzAgBog4reiUjOkqW_Jr9XcHyYAZw HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECy9rvf7eKix5-IIa1yurM4&google_cver=1&google_push=AXcoOmToRCA9uTMiDUj1wz11G7w-jXir67bhh7bKCI0sXJEGp-0V21i6ED5qcCMXA5BO3XOl0fzAgBog4reiUjOkqW_Jr9XcHyYAZw&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmToRCA9uTMiDUj1wz11G7w-jXir67bhh7bKCI0sXJEGp-0V21i6ED5qcCMXA5BO3XOl0fzAgBog4reiUjOkqW_Jr9XcHyYAZw&google_hm=HvzYvGZHWBK8Pp4KQLGkK89B
Request Chain 269
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=356b1bc1-a4b6-43d1-81d3-833c3e2b86f8&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=4a3da815-5fff-40f2-b6e1-d6c2ba1f4998&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Df45c2a3f6ac34872bf52ed8db369355f%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=1811841211692822388 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=f45c2a3f6ac34872bf52ed8db369355f&tids=15000&med=10

267 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
wxkhqan2vv21
www.file-upload.org/
Redirect Chain
  • https://www.file-upload.com/wxkhqan2vv21
  • https://www.file-upload.org/wxkhqan2vv21
27 KB
7 KB
Document
General
Full URL
https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02b1c91ab54da3ef458c0d65ee48b83e3b5c1a8e13d4ef57e58a429355121825
Security Headers
Name Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82e961ff1e940bbc-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 06:48:08 GMT
expires
Thu, 30 Nov 2023 06:48:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9wzu8pLkxEdhfNRSAsM962HSbgbpMPoYQk0tkxIDrveRjxPYPrWHGgv213aGLG%2F4SdIovbPjUC6Ipcj0aj5fqgRkq0pO2ovuRG3UDcGEQOBjVz1PhTRC2mvrM9U8vWGWVyfzbaMbSwfh4MSp2ZlngsR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0;includeSubDomains;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82e961fe3b470a60-AMS
content-type
text/html
date
Fri, 01 Dec 2023 06:48:08 GMT
location
https://www.file-upload.org/wxkhqan2vv21
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nduvIa%2BatkEWE2wJLF%2BBCVDj%2FdCRtUiPwpPYdtmDx%2F6tbLU%2BXzDsQTJDBycmegQUohWO2lCpugursjo%2FB%2FFenr9bGWOU7B5wSBiYYoxrjh9UArkMxzrdZ%2FA1BDgMl7vxqI6zipLq"}],"group":"cf-nel","max_age":604800}
server
cloudflare
app.css
www.file-upload.org/mngez/css/
247 KB
41 KB
Stylesheet
General
Full URL
https://www.file-upload.org/mngez/css/app.css?v=1
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/wxkhqan2vv21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
275388
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
W/"3dcf1-5fe4d56ca6b7a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvhbXRN9IQXmZEo0JF6Nw7i%2FRpQpPEy%2BPYC%2FBfdEjNMikvg0C7T7bShI4OWRjZjOsLkuAH6I8hzGrgOUklfemFOFILNskJipr9JBUEwny61j0TTvrW9obkqb71GvlbcplK2WyyhkCUJAKrVG50iT2voI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2692000
cf-ray
82e961ff8f0c0bbc-AMS
expires
Wed, 29 Nov 2023 02:18:20 GMT
app.js
www.file-upload.org/mngez/js/
235 KB
80 KB
Script
General
Full URL
https://www.file-upload.org/mngez/js/app.js?v=20
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/wxkhqan2vv21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:08 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3aa0d-5fe4d56c9e2c2-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIPnPSi9OjLhgKJ7bEFrFXS1n9hi6an0mBLxUkRWTxPDsQyczRtLkZpP6Aq7dSYV73%2FSkXQK1GhegzFLujAU5qRZf%2F04nI3Fp02hQYyMomAhjCJcGsYRPziaakTKtLBpGoK1l01CL9NaDozUjN7%2FLkCc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2692000, private
cf-ray
82e961ff8f0e0bbc-AMS
alt-svc
h3=":443"; ma=86400
logo_new.png
www.file-upload.org/assets/images/
3 KB
4 KB
Image
General
Full URL
https://www.file-upload.org/assets/images/logo_new.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/wxkhqan2vv21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170124
alt-svc
h3=":443"; ma=86400
content-length
3215
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"c8f-5fe4d56f9b8f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGy70VNu54cGY4C2jcvkrmLtQDaHA0hLha0S0liZGjSEwnNzldhLJTB4nCEGsnH2PcDYfR1c%2FYl%2FFBdygcNl1KJJHvhT9nd76tls1RbIWV0%2BxyQBbQ1UvzJWC8GMWk4gUlxHTM242YKc8V2FkFM9uubO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82e961ff8f100bbc-AMS
expires
Wed, 06 Dec 2023 07:32:44 GMT
email-decode.min.js
www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/wxkhqan2vv21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 27 Nov 2023 12:56:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"656491fe-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvRmEh%2BsdjJ5m50IAL0ML%2B1E2hOdRqyyL4D3bw3qNiliBGHhBJwLlnFJQjbLJ0gA4fAjW5Tf1IP3lJHQ359Cfhb%2BVasSMB8g1czKBURNlNJGjwZFPDWk2JZCHS8%2Bc16205fte68zysg4iFMT5j%2Fi2AJY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
82e961ff8f110bbc-AMS
expires
Sun, 03 Dec 2023 06:48:08 GMT
anti1.png
www.file-upload.org/mngez/images/
19 KB
19 KB
Image
General
Full URL
https://www.file-upload.org/mngez/images/anti1.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/wxkhqan2vv21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
277004
alt-svc
h3=":443"; ma=86400
content-length
19118
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"4aae-5fe4d56c96d92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CA%2FK9hL66IeQZx7qTz5WO8d9iZpsxdlEmSbXg0%2Fx0F2jw9jo06fst2qvzxSqEmNW8FiZJP3sqbsoTCZO2sp1j1ruAHjbge0rzdQPCJJLe6bN9d%2F1j9iL4E2%2FbvsU0Ak5ud5Bii0XKm5Hhm1IsQq91ugK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82e961ffbf4b0bbc-AMS
expires
Tue, 05 Dec 2023 01:51:24 GMT
anti2.png
www.file-upload.org/mngez/images/
641 B
1007 B
Image
General
Full URL
https://www.file-upload.org/mngez/images/anti2.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/wxkhqan2vv21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
275611
alt-svc
h3=":443"; ma=86400
content-length
641
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"281-5fe4d56c988ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABxj%2FtE9kZhya35t0%2BAzYgtMor12trwM6NWK7zA5RwtI2CTYFZIUZGh3rhc%2Fi7K11IXAKcGJl%2BHMGPqfQ%2FaSkyVZ3%2B9hoLGlydDqeBJdpred7bR%2BM0PO203dQ%2FN4t7HYmtKEfcJO%2Fu5mKUDqu9UNyyRk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82e961ffbf4c0bbc-AMS
expires
Tue, 05 Dec 2023 02:14:37 GMT
_dmca_premi_badge_4.png
images.dmca.com/Badges/
4 KB
5 KB
Image
General
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 / ASP.NET
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
cdn-edgestorageid
1080
x-powered-by
ASP.NET
cdn-cachedat
10/31/2023 19:00:16
cdn-pullzone
1574055
content-length
4535
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"0abbdbd420cc1:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
b3641cbfb0439ac5f23baf649cfcaf50
accept-ranges
bytes
cdn-requestcountrycode
CH
link
<https://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png?ID=466fa1aa-ce2e-4b71-b329-6cd08d681302>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
norton.png
www.file-upload.org/assets/images/
5 KB
5 KB
Image
General
Full URL
https://www.file-upload.org/assets/images/norton.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/wxkhqan2vv21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
169790
alt-svc
h3=":443"; ma=86400
content-length
4963
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"1363-5fe4d56f95368"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kt4LasPT0YBlwj7CH4E7k590Z0%2BVyaIkco0leEPnRd1hkpYKc3ALET6s4Gjhhr0tOsqxJi4qriU8iMcC5O2trdhlBZ5H7XvWQSKPTxXHvIGiUcQ13DMrGfzGVDOTdHeTURYxUch2FyANKeR7Q4Owg1cl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82e962000f7a0bbc-AMS
expires
Wed, 06 Dec 2023 07:38:18 GMT
Primary Request file.php
www.file-upload.in/
23 KB
7 KB
Document
General
Full URL
https://www.file-upload.in/file.php?get=wxkhqan2vv21
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0850559507255a6c25f512334fcf9e1fd1c95f5a090bed072ae09ee68b036a0

Request headers

Referer
https://www.file-upload.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82e96200ddbef144-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 06:48:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovwRXCwj6nybEJJizXCzFSbDFSxoFGTWOnXP2LWzRSiCIKR%2FRiUgEK%2B8rb4QKVnQK8pHJXD8TCBD%2FS0VW6xGdqbS8woMUUfZf9cwpriKp4iKAFJyByFsSWX0Od3%2FGoAnvoCRsRureqNQt%2BeRZwXsP6w%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
flags.png
www.file-upload.org/mngez/images/
15 KB
15 KB
Image
General
Full URL
https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174238
alt-svc
h3=":443"; ma=86400
content-length
15022
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"3aae-5fe4d56c9bbb2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbR%2BO18Zyf4I06WoegUJOf1AJQgSh6YPOe4NDctsD5Uc2ohcXuwTqfuBm6cc4JTpLvz0mSP5mZuBX5R42%2FM65rqKN1uFtSsnCtRiFloqpwdyxCfUKpNuigKuLSsFr%2BpHdZdbbS4CU2bajT8qB7lcVHJI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82e9620048e92c71-FRA
expires
Wed, 06 Dec 2023 06:24:11 GMT
fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/
75 KB
76 KB
Font
General
Full URL
https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.org
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4423
etag
"12d68-5fe4d56c8e4d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Bk0jc666qoZu1%2FSr8lMbBOoH7qwZGPe8CHO0B7cUFdyoq4QLUUXcYr60YX2myzTF3QnehiRzNCwKl11JgPTql37jyKYdCW7eaZqW8E3NpCWIzCA8zT3IfctlbGRhM%2BM%2Bhm%2F2AxT%2BB6fKpgot6ThvehM"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82e9620048eb2c71-FRA
alt-svc
h3=":443"; ma=86400
content-length
77160
poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/
8 KB
8 KB
Font
General
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.org
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4554
etag
"1ee0-5fe4d56c8f861"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqrWEAlAQ5N7GtV%2Bf7SSySpQNH1pb71b1HinlRzxkvR%2BBkdW6flv4KT6zMcl1Sfy1jdEphrmFQOalOqkPZcixOIRz9%2FNlldihK7OvKrcCsTGEgoKjC%2B8q0fC0rrntOl05QGYmkC1bQ8N4TEAnwlXeaM0"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82e9620048ed2c71-FRA
alt-svc
h3=":443"; ma=86400
content-length
7904
poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/
8 KB
8 KB
Font
General
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.org
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4554
etag
"1ecc-5fe4d56c90801"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7ZRswzlPrLkvTg7T13nzLPJSM0AMNCS%2BLa%2B2qJ527sM6UJJOQ59UIAG3LTc3hROZiuYDBZ9tx3OhUd4co%2F%2Bu8%2BtjL9dVNMYJTRkZHRBjcO2%2F1WCm%2FoRi35BQ1UA9wKq65qlF1zsLpZC215x9spjNydM"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82e9620048ef2c71-FRA
alt-svc
h3=":443"; ma=86400
content-length
7884
up.js
live.demand.supply/
5 KB
3 KB
Script
General
Full URL
https://live.demand.supply/up.js
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1c23b379134d86c8874d32d0ff4bd1a8f0468d9a2115d6398a4f720bdb4408
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HGDM5FM04GJ9Q5AA9B829S9P
date
Fri, 01 Dec 2023 06:48:09 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
age
1034
cf-polished
origSize=4807
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"ed1746e9b76c4f850e968d80247a799b-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
82e962023f663a96-FRA
link
<https://live.demand.supply/impl.v17.23.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-21-0/d3d3LmZpbGUtdXBsb2FkLmluLw==>; rel=preload; as=script
timing-allow-origin
*
blockadblock.js
www.file-upload.in/
7 KB
2 KB
Script
General
Full URL
https://www.file-upload.in/blockadblock.js
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a42cb27417d2b87b8d5983655566731a38089d5e30735e9e931008ea59c634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/file.php?get=wxkhqan2vv21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
271254
content-encoding
br
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 13 Jul 2023 11:59:30 GMT
server
cloudflare
etag
W/"64afe722-1c1d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FWscjGa5p2jM%2FkEvKXYf%2FJ3D2j30MnsvtndAk1vHWuK14dMqIAPflcgzMaIk3xSfsndh5QJVEpFaUqQ5brwBM8aN7H0WhQ6CDKlos6Hdq1ktmrBLqeZK9vkDtsj5AhOHF%2F%2Bsl54dheUFgMaGXt9P60%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
82e96201be47f144-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/
186 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-119779859-1
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29107f00bca508ab4013cdf23df03f8331f02fc6726c8fa553a72b91e8de07dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68936
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Dec 2023 06:48:09 GMT
app.css
www.file-upload.org/mngez/css/
247 KB
41 KB
Stylesheet
General
Full URL
https://www.file-upload.org/mngez/css/app.css?v=1
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
264035
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
W/"3dcf1-5fe4d56ca6b7a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOHRkvip4F4E%2Fmn8KqVqtDmPJvAcBdzETwFmr2pTYMT2hgWEOe2HcstfV1b4d99%2Bl4i0adTcZA6GkQfKVPkrQJ4tgVNWb1V1X9Oz4IvrAxkLxPbi0g8zoiNU3Q5owf9Lr2Dn%2BUW9NmIYALvKOPdJpHE%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2692000
cf-ray
82e96201b9e22c71-FRA
expires
Wed, 29 Nov 2023 05:27:34 GMT
sdk.js
connect.facebook.net/en_US/
302 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7131ac48dec530211df13441c8a1e08d4bc5295be1544f03966efa57cce6009d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.file-upload.in/
Origin
https://www.file-upload.in
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 01 Dec 2023 06:48:09 GMT
content-md5
a+I+amwgwjZ1ShdmGjqVGg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88318
reporting-endpoints
x-fb-debug
slrIJzMlqKYZUwk8z/AKuFVbZgt2hCshwJ2CT165MHFOPQ02N+8jervr6D9L9iLvwRqODLZ/mSbYjdVP3CzhRQ==
x-fb-content-md5
049f1d9520c7cdfa2811cdf057f8be16
cross-origin-opener-policy
same-origin-allow-popups
etag
"c377086e0ff714dce4ead7933df3b6da"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 28 Nov 2024 17:30:07 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bf4a40ef4448a0b87843abafbfe3fe74736221e9d61ea2b661b6ed1ee3d6d6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 01 Dec 2023 06:48:09 GMT
content-md5
jyZ8AcG5hOF2AHBLYYOlXA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
5JEvobmiaVzlVP+xEgVNYcpDRIPpOoMVPxmCrVrJjbJVNGZqJIJH3a5ltJjAufhaZFZoJQPRk4bh/fELC9BndQ==
x-fb-content-md5
f0d0eca975471debd7ab1faf847675c3
cross-origin-opener-policy
same-origin-allow-popups
etag
"d0c93371ddd2c672979d1322572013de"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 01 Dec 2023 06:59:34 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 01 Dec 2023 05:39:57 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4092
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Fri, 01 Dec 2023 07:39:57 GMT
atrk.js
certify-js.alexametrics.com/
0
0

app.js
www.file-upload.org/mngez/js/
235 KB
80 KB
Script
General
Full URL
https://www.file-upload.org/mngez/js/app.js?v=20
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3aa0d-5fe4d56c9e2c2-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnJN1W1Bl4ZYrdspeLBLtOOR9jpSSiZ2vB1tFBxO82uE5xaEtWSaPwa9NaPMuF7VIPqsd2gtd%2FJAiDA4TJF6lOCq%2BMJk4vxZV80vrIkyrQAVQTbAIgEyCvMd%2BZ%2BykXAorU7ZeQsZXW2mOC4o71zyZeJf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2692000, private
cf-ray
82e96201b9e42c71-FRA
alt-svc
h3=":443"; ma=86400
logo_new.png
www.file-upload.org/assets/images/
3 KB
4 KB
Image
General
Full URL
https://www.file-upload.org/assets/images/logo_new.png
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
175749
alt-svc
h3=":443"; ma=86400
content-length
3215
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"c8f-5fe4d56f9b8f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgNafSPxYdO0yOailcO11YpIOVQNMLAZGFMUHCH9xbnbu%2BVer5QFCfwmqWk2ws44YEw1gnTv%2BzojZreBOeUirhOndBuMnFB47j6fKBYCZepB8Fl3X6EF90jgavdsjfIV3%2B8iabFSgrbwAipbXiuiy5Pq"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82e96201b9e52c71-FRA
expires
Wed, 06 Dec 2023 05:59:00 GMT
email-decode.min.js
www.file-upload.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://www.file-upload.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/file.php?get=wxkhqan2vv21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 27 Nov 2023 12:56:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"656491fe-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTgrdB17aEtq0B63Yv8xVPdiN18dyIR0YySYfn1LQDBIlgAhSUEh%2Fr4xWLvQ6oG9o2ENxcSIyi%2FggKB4871JNpi0MYNkGTx6ID7gQe1EdbVnL%2FUDND4n2FDtitoTjjyXO1OOuN9dDQn%2FTIBiW%2F%2FEKaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
82e96201be48f144-CDG
expires
Sun, 03 Dec 2023 06:48:09 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/
82 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:14:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 06:14:57 GMT
anti1.png
www.file-upload.org/mngez/images/
19 KB
19 KB
Image
General
Full URL
https://www.file-upload.org/mngez/images/anti1.png
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
191016
alt-svc
h3=":443"; ma=86400
content-length
19118
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"4aae-5fe4d56c96d92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=np01XLqkA1nm5h4GOq9%2FQuLKpULaUJ5i2tH9vqFDJ%2BzBqgfhs4EWbMd%2BPluoUSZDDIPy1KYw6o%2FPIOukEtej8VzbEhIt3AxfHrYBtX5dW8fYaTtRCgnYxqa%2FJS5a7m4JdcaBzvakIIVRQgqI0eWc3deR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82e962020a222c71-FRA
expires
Wed, 06 Dec 2023 01:44:33 GMT
anti2.png
www.file-upload.org/mngez/images/
641 B
1 KB
Image
General
Full URL
https://www.file-upload.org/mngez/images/anti2.png
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91538
alt-svc
h3=":443"; ma=86400
content-length
641
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"281-5fe4d56c988ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzeQo%2B%2F3vxyzT2zxp8dSrtKfQrqig5fR3O2jaJP4uDyRrjZ2GLlK5Zy4rEhdI8SgJekJ679LT80MPokLud2jJcItIcbxxOu7G3OiGYw0Xp4noLN3FFJVTl8eIlr4oRZ01KnAM4jKTZnpdGBdHemz3nS4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82e962027a7b2c71-FRA
expires
Thu, 07 Dec 2023 05:22:31 GMT
_dmca_premi_badge_4.png
images.dmca.com/Badges/
4 KB
5 KB
Image
General
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 / ASP.NET
Resource Hash
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
cdn-edgestorageid
1080
x-powered-by
ASP.NET
cdn-cachedat
10/31/2023 19:00:16
cdn-pullzone
1574055
content-length
4535
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"0abbdbd420cc1:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
964651a3dfd7b96af74e5a0ba6901f12
accept-ranges
bytes
cdn-requestcountrycode
CH
link
<https://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png?ID=466fa1aa-ce2e-4b71-b329-6cd08d681302>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
norton.png
www.file-upload.org/assets/images/
5 KB
5 KB
Image
General
Full URL
https://www.file-upload.org/assets/images/norton.png
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103393
alt-svc
h3=":443"; ma=86400
content-length
4963
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"1363-5fe4d56f95368"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuHZmm%2FACjmp5qI1x3PLBKu%2FbNM%2FtvUgWGk6mwen3jkkdQw822y5VNCW35BvFFBjkQ24ycZv2zAVJ%2Bib7Gip1uWt87Z72tpip%2BDorqIVovIoX5sPrHNy5B0o89bmEzlF%2BHHrUKFJX%2FUjecVDNu1fVmg9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82e962027a7d2c71-FRA
expires
Thu, 07 Dec 2023 02:04:56 GMT
sdk.js
connect.facebook.net/en_US/
302 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=87ab1feb4e91ec17a2088c42353a24b5
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1c7430730af1dca44b18b081c8d83ee6dd654abd47708255fb68eae59dd0f4e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.file-upload.in/
Origin
https://www.file-upload.in
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 01 Dec 2023 06:48:09 GMT
content-md5
2ZfobK0UEiSYio2P3KJEnQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88320
reporting-endpoints
x-fb-debug
LZWgwb9cBbMzppGrzLwPglU7mPO3Xp8hLpI4WpkrQ6c0mZ3+oTfVj3VT9Afo5frvXFSKVGpZF2B8wHUknO9wew==
x-fb-content-md5
0381150a9f088b2ac3cc349af24d47e5
cross-origin-opener-policy
same-origin-allow-popups
etag
"822ebea00d461df9859acaebc3c6dbd9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 30 Nov 2024 06:39:08 GMT
flags.png
www.file-upload.org/mngez/images/
15 KB
15 KB
Image
General
Full URL
https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174238
alt-svc
h3=":443"; ma=86400
content-length
15022
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"3aae-5fe4d56c9bbb2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoEmYCwphAJeRcAyajTDFGPpVoDVYXjbYAOirA%2FWArbisVry%2BrBftPh9OzsUy5Aso2%2BEOAsFtIsAce7UEapKXHCheZ1LRoMg0GEoydbcuEOcH4GkDiUitqtcEs0oD9u4XF5JRdvF6KZiH8yxqyozE58I"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82e962028a802c71-FRA
expires
Wed, 06 Dec 2023 06:24:11 GMT
fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/
0
0

poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/
0
0

poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/
0
0

js
www.googletagmanager.com/gtag/
224 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ee9ee0ffa44e78d85f42849656ce552c583282091fc2fd8b97b798928894af3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81194
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 06:48:09 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 01 Dec 2023 05:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3511
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 01 Dec 2023 07:49:38 GMT
impl.v17.23.0.js
live.demand.supply/
85 KB
28 KB
Script
General
Full URL
https://live.demand.supply/impl.v17.23.0.js
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f568dc9a411ac08b4d6d2fe7f68bcbe1b15bdcaa36c2ba3457e7ba75d3cc3c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HGDM5B1A39VH1J145ZQJNYXZ
date
Fri, 01 Dec 2023 06:48:09 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
age
148885
cf-polished
origSize=87453
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"ce5119cfaf8dfb4259a7a01f56f581dd-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
82e96203787c3a96-FRA
d3d3LmZpbGUtdXBsb2FkLmluLw==
live.demand.supply/p4/v17-21-0/
2 KB
894 B
Script
General
Full URL
https://live.demand.supply/p4/v17-21-0/d3d3LmZpbGUtdXBsb2FkLmluLw==
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
434afa41585e526bc10ce9367cec815f39fdf4b8d15fc6b9ab9fc73fc4494957

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
82e96203787e3a96-FRA
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/e/
0
478 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?e=ll&d=281&cs=c&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425462
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e962046d923680-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/
92 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf774482af995e84278bf17bf71d63c550683c0d6bad12a52b54436fff6f7a9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30369
x-xss-protection
0
server
cafe
etag
817 / 19692 / m202311150101 / config-hash: 11152387477177976423
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 06:48:09 GMT
ds.2.html
live.demand.supply/
413 B
619 B
XHR
General
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HFP9X4RW2JQ053WFEW7MZD5C
date
Fri, 01 Dec 2023 06:48:09 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
185
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
82e962046d8c3680-FRA
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/x/
0
479 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HGCYQAQTW8Y8EY004CEB7WHT
date
Fri, 01 Dec 2023 06:48:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
103445
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"54863d6286da298ff963ed522a1a229b-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e962046d903680-FRA
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3T7TKCZCC9&gtm=45je3bt0v9114416819&_p=1701413289269&gcd=11l1l1l1l1&dma=0&cid=1320687984.1701413290&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&ngs=1&_s=1&sid=1701413289&sct=1&seg=0&dl=https%3A%2F%2Fwww.file-upload.in%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=554
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file-upload.in_fluid_sq_fluidsquare
live.demand.supply/cp/
30 B
372 B
XHR
General
Full URL
https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ee94b8214631fa96c35ea7897941fa907f28f06a7b7fe0ebca2760405435ecd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
82e962046d953680-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
file-upload.in_fluid_sq_fluidsquare
live.demand.supply/cp/
30 B
373 B
XHR
General
Full URL
https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ee94b8214631fa96c35ea7897941fa907f28f06a7b7fe0ebca2760405435ecd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
82e962046d983680-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
file-upload.in_fluid_all_fluidallshapes
live.demand.supply/cp/
30 B
372 B
XHR
General
Full URL
https://live.demand.supply/cp/file-upload.in_fluid_all_fluidallshapes?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
555654cfd3602abd456547b9dde2eca7e3b7d2720dc2bc510d38b28033914a8a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
82e962046d993680-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
file-upload.in_fluid_sq_fluidsquare
live.demand.supply/cp/
30 B
373 B
XHR
General
Full URL
https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ee94b8214631fa96c35ea7897941fa907f28f06a7b7fe0ebca2760405435ecd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
82e962046d9a3680-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
e.js
live.demand.supply/x/
0
481 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HGCYQAQTW8Y8EY004CEB7WHT
date
Fri, 01 Dec 2023 06:48:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
103445
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"54863d6286da298ff963ed522a1a229b-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e962046d9c3680-FRA
collect
www.google-analytics.com/j/
1 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1830216606&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file-upload.in%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1446884915&gjid=1063490056&cid=1320687984.1701413290&tid=UA-119779859-1&_gid=674863171.1701413290&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=716958340
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file-upload.in/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/
431 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 13:11:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
63413
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138149
x-xss-protection
0
server
cafe
etag
11558412289700915514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 29 Nov 2024 13:11:16 GMT
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425462
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e962058e8d3680-FRA
ob.js
cdn-ima.33across.com/
11 KB
5 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
100540
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
82e9620629f29214-FRA
expires
Mon, 04 Dec 2023 06:48:09 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 23:05:33 GMT
content-encoding
gzip
age
1582956
x-guploader-uploadid
ABPtcPq1Jl-aO9BF9lNu46pS0qpg_SMiW0blRZMTVfGJTUbTsHwLRnd2S7fOjoW1J99JGW2YhMMsZpJ1ndluuDfSZzHbVg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 11 Nov 2024 23:05:33 GMT
publishertag.ids.js
static.criteo.net/js/ld/
42 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Dec 2023 06:48:09 GMT
connectId-gpt.js
connectid.analytics.yahoo.com/
9 KB
9 KB
Script
General
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2451:5c00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:30:08 GMT
via
1.1 6666f57b09bbb5ce206afb05563f731e.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
HAM50-P2
age
1082
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
AsHStaSeS6gO4ASbz1t3I-PS6yjrc0nm4IVJx8z-XYIpBvxAvKHd_g==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18149
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230131-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMO1nFHoOUtUwn1V2aSIo0yQcoN5jRn8zaYb7v%2FRxoKVAzAkwTWbeaA1NcnbErvThcSlbIebZfzPwSuj1WDU9ho25DDfdDdzyQuWAIWyJQS2hwQ%2F2FtPciv5Lo21tYo7wUCEnYYIeWRH%2FW8XqmY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82e962064bfd6939-FRA
esp.js
cdn.id5-sync.com/api/1.0/
152 KB
33 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
ZJP9TBCW7R6FD3HJ
age
445
etag
W/"d12fc51ceb66081fc72dabad6e4e0ded"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82e962060e0218bf-FRA
x-amz-id-2
cySQfU3RVaedHXFRbm08lDIRkWb2lFvhA28DDbIKgiaTeS3yOi96KV5Q31WPX0be+QU2SDq+3rg=
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:09 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
285362aa93e11bd7490e358e3ef57b55
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
uid2SecureSignal.js
cdn.prod.uidapi.com/
3 KB
3 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2016:4800:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Thu, 30 Nov 2023 10:03:29 GMT
Via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C2
Age
74682
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
kvOifvDW77xq6VdATNGTt8ob5515cPNK7GDmeL1NnvowIdX5QCt6tw==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.92.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-92-52.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 07:38:20 GMT
content-encoding
gzip
via
1.1 d66ba6ddafce2f17d4194c66f1af89fc.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
HAM50-C1
age
83390
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
XEkRxMTAEjdW3duvmgJFcpd7xe9ZNm8ADNlpGL0lzxvOp_-ZmvuYVg==
ads
securepubads.g.doubleclick.net/gampad/
1 KB
733 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111251156424992&correlator=3165793903047333&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cd0c94ace-e46e-49b4-ad33-00ec0766b4be&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701413289856&lmt=1701413289&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1320687984.1701413290&ga_sid=1701413290&ga_hid=1830216606&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRj-_omhwjFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBj-_omhwjFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGP3-iaHCMUgAUgIIZBIZCgpwdWJjaWQub3JnGP7-iaHCMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRj-_omhwjFIAFICCGQSFwoIcnRiaG91c2UY_v6JocIxSABSAghkEhQKBW9wZW54GP7-iaHCMUgAUgIIZBIZCgp1aWRhcGkuY29tGP7-iaHCMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_v6JocIxSABSAghk&dlt=1701413289223&idt=604&prev_scp=ti%3D57345b2b-1a16-47d8-887d-bd03d4f0c72b%26interstitials-bid%3D5%26bid-p%3Dgoogle%26bsc%3D96&adks=79733870&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f100a53c84f341482502ea4af77714bbd194da8d4887f7bb90e586febe6345e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
702
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
818 B
413 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111251156424992&correlator=1954616001107273&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cbeac2f13-96f1-49f2-bb26-529dae41904b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701413289864&lmt=1701413289&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1320687984.1701413290&ga_sid=1701413290&ga_hid=1830216606&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRj-_omhwjFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBj-_omhwjFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGP3-iaHCMUgAUgIIZBIZCgpwdWJjaWQub3JnGP7-iaHCMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRj-_omhwjFIAFICCGQSFwoIcnRiaG91c2UY_v6JocIxSABSAghkEhQKBW9wZW54GP7-iaHCMUgAUgIIZBIZCgp1aWRhcGkuY29tGP7-iaHCMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_v6JocIxSABSAghk&dlt=1701413289223&idt=604&prev_scp=ti%3D57345b2b-1a16-47d8-887d-bd03d4f0c72b%26interstitials-bid%3D0.5%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D96&adks=2440838110&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a68e35bb06719b1a63c1f2b7fff1577a951ed9e6b3e6d97ab412ea1da1e8603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
382
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C198
6 KB
3 KB
Document
General
Full URL
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 06:48:09 GMT
expires
Sat, 30 Nov 2024 06:48:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/
39 KB
13 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2428653048a13d41cc7aedcb47c0a8398d77a4d4a1cc3f999f9695d5e6d3d528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
28095
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13736
x-xss-protection
0
server
cafe
etag
9658267497644244280
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 29 Nov 2024 22:59:54 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.file-upload.in%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.file-upload.in%2F&rid=esp&cc=1
85 B
202 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.file-upload.in%2F&rid=esp&cc=1
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
8ac3630c7755630dd94ccc9ac2f4c0b82492e9f47bd7580407583ee47c454a15

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-iTNOv2a1J/Kz+o35RNt6QfauNzQ"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file-upload.in
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 01 Dec 2023 06:48:10 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.file-upload.in
location
/esp?url=https%3A%2F%2Fwww.file-upload.in%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_fluid_all_fluidallshapes&pdc=0.46670694351196285&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425463
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e962061efc3680-FRA
ads
securepubads.g.doubleclick.net/gampad/
29 KB
13 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111251156424992&correlator=4185787985564175&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cd3859ca8-d6e5-48de-9b11-eff7c2804e8e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=550x600%7C480x320%7C160x600%7C300x250%7C300x600%7C320x480&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701413289941&lmt=1701413289&adxs=245&adys=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x616&msz=1110x616&fws=0&ohw=0&ga_vid=1320687984.1701413290&ga_sid=1701413290&ga_hid=1830216606&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRj-_omhwjFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBj-_omhwjFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGP3-iaHCMUgAUgIIZBIZCgpwdWJjaWQub3JnGP7-iaHCMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRj-_omhwjFIAFICCGQSFwoIcnRiaG91c2UY_v6JocIxSABSAghkEhQKBW9wZW54GP7-iaHCMUgAUgIIZBIZCgp1aWRhcGkuY29tGP7-iaHCMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_v6JocIxSABSAghk&dlt=1701413289223&idt=604&prev_scp=ti%3D57345b2b-1a16-47d8-887d-bd03d4f0c72b%26chrand%3Dy%26pof%3D0%26bid%3D0.29%26bid-p%3Dgoogle%26bsc%3D96&adks=1034637559&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
166ada5e3db8f95f33bf76916513c13a1410a254d487719577c247bc6ecc82a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12877
x-xss-protection
0
google-lineitem-id
5563951594
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/
0
480 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.23335347175598142&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425463
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e962063f133680-FRA
e.js
live.demand.supply/x/
0
481 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HGCYQAQTW8Y8EY004CEB7WHT
date
Fri, 01 Dec 2023 06:48:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
103445
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"54863d6286da298ff963ed522a1a229b-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e962063f173680-FRA
ads
securepubads.g.doubleclick.net/gampad/
47 KB
18 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111251156424992&correlator=576096208665579&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C3cc840b3-083d-48a5-9a39-279da3eea261&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701413289957&lmt=1701413289&adxs=245&adys=1701&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1320687984.1701413290&ga_sid=1701413290&ga_hid=1830216606&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRj-_omhwjFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBj-_omhwjFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGP3-iaHCMUgAUgIIZBIZCgpwdWJjaWQub3JnGP7-iaHCMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRj-_omhwjFIAFICCGQSFwoIcnRiaG91c2UY2_-JocIxSABSAghqEhQKBW9wZW54GP7-iaHCMUgAUgIIZBIZCgp1aWRhcGkuY29tGP7-iaHCMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_v6JocIxSABSAghk&dlt=1701413289223&idt=604&prev_scp=ti%3D57345b2b-1a16-47d8-887d-bd03d4f0c72b%26chrand%3Dy%26pof%3D0%26bid%3D0.09%26bid-p%3Dgoogle%26bsc%3D96&adks=222324237&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
503afbd12193ec13ceff79f32e3297385249650a5fc29cb3086710a25e426e41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18854
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
increment
id5-sync.com/api/esp/
0
234 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file-upload.in/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file-upload.in
date
Fri, 01 Dec 2023 06:48:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame 9415
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 06:48:09 GMT
server
Kestrel
server-processing-duration-in-ticks
391184
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
map
bcp.crwdcntrl.net/6/
156 B
616 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.81.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-81-28.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
cb5b23a57d5bdb83bc5ce8a03197a13a74dd18768a92443fee36ae01021a24fa

Request headers

Referer
https://www.file-upload.in/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache
x-server
10.45.12.69
access-control-allow-credentials
true
content-length
156
expires
0
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.23335347175598142&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425463
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e96206df963680-FRA
e.js
live.demand.supply/x/
0
481 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HGCYQAQTW8Y8EY004CEB7WHT
date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
103446
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"54863d6286da298ff963ed522a1a229b-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e96206df973680-FRA
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.23335347175598142&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425463
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e96206df983680-FRA
e.js
live.demand.supply/x/
0
480 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HGCYQAQTW8Y8EY004CEB7WHT
date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
103446
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"54863d6286da298ff963ed522a1a229b-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e96206df993680-FRA
poppins-v5-latin-500.woff
www.file-upload.org/mngez/fonts/
10 KB
11 KB
Font
General
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.in
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1314107
alt-svc
h3=":443"; ma=86400
content-length
10420
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"28b4-5fe4d56c94299"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaxjHbH6FUacXRpfJ%2F%2Bo%2F%2FH40sGntxDdk%2FLkb0DbRAKV%2B%2BFdnuJBzYyt4EN1Og895R3tG38QuJV6S99yQk8eFwbpM8GyUuZ4PNVXpEWw%2BHNEkx124aR6WCChcWVqw%2FeBMBzuNzxEc98QcfghXmMGjmv0"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82e962076b3f2308-HKG
poppins-v5-latin-regular.woff
www.file-upload.org/mngez/fonts/
10 KB
11 KB
Font
General
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.in
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1231292
alt-svc
h3=":443"; ma=86400
content-length
10400
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"28a0-5fe4d56c936e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHQAADO8aWe9o7A2Xvl5gCJB0%2FE16gqAzr98jv5jfnmn%2FWP03nxfXU%2FAcTr0ZdB2zLCEFVmV84B4RizEjHD1CuZTDgPK109G6%2FZSwAWyNr4HzXXAKEzoLxCGKwIVx785WM5WKSgzx6UAohItWtbHH9kO"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82e962076b402308-HKG
fed
ups.analytics.yahoo.com/ups/58813/
0
367 B
XHR
General
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fwww.file-upload.in%2F
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://www.file-upload.in
content-type
application/json
access-control-allow-credentials
true
content-length
0
ads
securepubads.g.doubleclick.net/gampad/
29 KB
13 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111251156424992&correlator=370488681825260&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C3cc840b3-083d-48a5-9a39-279da3eea261&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701413290057&lmt=1701413290&adxs=245&adys=202&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1320687984.1701413290&ga_sid=1701413290&ga_hid=1830216606&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjDgIqhwjFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBj-_omhwjFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGP3-iaHCMUgAUgIIZBIZCgpwdWJjaWQub3JnGMaAiqHCMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRj-_omhwjFIAFICCGQSFwoIcnRiaG91c2UY2_-JocIxSABSAghqEhQKBW9wZW54GP7-iaHCMUgAUgIIZBIZCgp1aWRhcGkuY29tGP7-iaHCMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yx4CKocIxSABSAghq&dlt=1701413289223&idt=604&prev_scp=ti%3D57345b2b-1a16-47d8-887d-bd03d4f0c72b%26chrand%3Dy%26pof%3D0%26bid%3D0.09%26bid-p%3Dgoogle%26bsc%3D96&adks=274265597&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b153dc6c432d9272e706085246cd054f84e0d417e0615e9aecabb69a2714793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12872
x-xss-protection
0
google-lineitem-id
5563949749
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
22 KB
10 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111251156424992&correlator=2363153668553720&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C3cc840b3-083d-48a5-9a39-279da3eea261&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701413290060&lmt=1701413290&adxs=245&adys=582&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1320687984.1701413290&ga_sid=1701413290&ga_hid=1830216606&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjDgIqhwjFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBj-_omhwjFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGP3-iaHCMUgAUgIIZBIZCgpwdWJjaWQub3JnGMaAiqHCMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRj-_omhwjFIAFICCGQSFwoIcnRiaG91c2UY2_-JocIxSABSAghqEhQKBW9wZW54GP7-iaHCMUgAUgIIZBIZCgp1aWRhcGkuY29tGP7-iaHCMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yx4CKocIxSABSAghq&dlt=1701413289223&idt=604&prev_scp=ti%3D57345b2b-1a16-47d8-887d-bd03d4f0c72b%26chrand%3Dy%26pof%3D0%26bid%3D0.09%26bid-p%3Dgoogle%26bsc%3D96&adks=1586647840&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b887ae1186b30ce7e0adaa8870677033a6077da27b60200193666ac4fc0cf746
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10414
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 9415
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=file-upload.in&sn=ChromeSyncframe&so=0&topUrl=www.file-upload.in&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=ksx1bHxDTEhRNFp0S2ZOVDEreXdYSjM2cVluaDRJdlcyZ2Y3Tnc0ZlRaSmIxanlGVnZ1Qm5MYUFtMWZSRUcxc21MNGRrNlg5d1dBVXdtL0NvV1RLN00rbmpzSUcxUURXVVVQeFJzSFlGRjZkZ29ibFNRZHlNSnVSc0QrMU...
435 B
663 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=ksx1bHxDTEhRNFp0S2ZOVDEreXdYSjM2cVluaDRJdlcyZ2Y3Tnc0ZlRaSmIxanlGVnZ1Qm5MYUFtMWZSRUcxc21MNGRrNlg5d1dBVXdtL0NvV1RLN00rbmpzSUcxUURXVVVQeFJzSFlGRjZkZ29ibFNRZHlNSnVSc0QrMUhwd3Q1YjgxK0JKNU1DOWl6YXg1UWFKUk1hRWM3QVpERUgwOU9ueTlNZ1RRenlvTmJHMWJxYmM1TlJDbFdxSTRsVVg0bzUxWmthVDR4UzZubXpvUnlDUk5vdnhycEFrK1JvT2Q0eitaUGdaR3AvOVRqWldicVVqRlAwT3N3cS9PZWQ0N2lidTRwZUZsaUwwSWh4NklsRmJoNkRlOWVWZz09fA&cppv=2
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cc51b56d22bb273667d691b9336a1cda92013a8e4c578f76ad3ee73dff65014a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1250727
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=ksx1bHxDTEhRNFp0S2ZOVDEreXdYSjM2cVluaDRJdlcyZ2Y3Tnc0ZlRaSmIxanlGVnZ1Qm5MYUFtMWZSRUcxc21MNGRrNlg5d1dBVXdtL0NvV1RLN00rbmpzSUcxUURXVVVQeFJzSFlGRjZkZ29ibFNRZHlNSnVSc0QrMUhwd3Q1YjgxK0JKNU1DOWl6YXg1UWFKUk1hRWM3QVpERUgwOU9ueTlNZ1RRenlvTmJHMWJxYmM1TlJDbFdxSTRsVVg0bzUxWmthVDR4UzZubXpvUnlDUk5vdnhycEFrK1JvT2Q0eitaUGdaR3AvOVRqWldicVVqRlAwT3N3cS9PZWQ0N2lidTRwZUZsaUwwSWh4NklsRmJoNkRlOWVWZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
362319
content-length
0
expires
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 4DEB
572 B
789 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
01d7b59aa7d603463c65368ec9cc9fb7f1901de074d8f430a8bd3e96d4d44909

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
373
content-type
text/html
date
Fri, 01 Dec 2023 06:48:10 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ads
securepubads.g.doubleclick.net/gampad/
575 B
271 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111251156424992&correlator=299604745918131&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cbcf1b191-0990-4fe0-90e5-a2e0b1483964&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie=ID%3D38bbc5b20579d3f5%3AT%3D1701413289%3ART%3D1701413289%3AS%3DALNI_MYs11_e2CKat4k2CzTXwbYaETOMKg&gpic=UID%3D00000cffa3e0a573%3AT%3D1701413289%3ART%3D1701413289%3AS%3DALNI_MbBHKW2xJEM3wWx6Xy-I0V6N_Eskg&abxe=1&dt=1701413290237&lmt=1701413290&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1320687984.1701413290&ga_sid=1701413290&ga_hid=1830216606&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjkgYqhwjFIABIbCgwzM2Fjcm9zcy5jb20Y_f6JocIxSABSAghkEhkKCnB1YmNpZC5vcmcYxoCKocIxSABSAghqEhgKCXlhaG9vLmNvbRjDgIqhwjFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20Y_v6JocIxSABSAghkEhcKCHJ0YmhvdXNlGNv_iaHCMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lRbk55TDBNNVVsQlJhV0Z4UkRsME9VMXVRVFJwWnowOUluMD0Y9IGKocIxSAASGQoKdWlkYXBpLmNvbRj-_omhwjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMeAiqHCMUgAUgIIag..&dlt=1701413289223&idt=604&prev_scp=ti%3D57345b2b-1a16-47d8-887d-bd03d4f0c72b%26interstitials-bid%3D0.1%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D96&adks=920899659&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6342db2a4aecbc20fecd0c0e7b450349eff617c21dab53f5b2c11567b4cb2ae3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
239
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.woff
www.file-upload.org/mngez/fonts/vendor/font-awesome/
96 KB
96 KB
Font
General
Full URL
https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.in
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1231291
alt-svc
h3=":443"; ma=86400
content-length
98024
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"17ee8-5fe4d56c8f479"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jewNnFjf3q95VlzxY%2Fa%2BzhmA%2FrBEF4ee%2F%2BaZ4oOlOFtDvJHos5s4r5MC0dKDUzi%2BuNS0%2BFgxOGvqXl7ekrI68CoBoC0sP9%2FpnjRsBiA8%2FVRSixW8T01AmDTChbHt7fX1lJvi7NMGMmscJfhj%2FeDN1EJ1"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82e96208ad1a2308-HKG
sd
eu-u.openx.net/w/1.0/ Frame 4DEB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1025631642165239184
43 B
97 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1025631642165239184
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1025631642165239184
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4DEB
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8db0bc2f-6162-c62b-30d7-91023e64c097
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8db0bc2f-6162-c62b-30d7-91023e64c097&dcc=t
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8db0bc2f-6162-c62b-30d7-91023e64c097&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 06:48:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G4RTRP68BAZYW3ADZ88Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 06:48:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z7AYNMMWW7K8NKWRH03S
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8db0bc2f-6162-c62b-30d7-91023e64c097&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 4DEB
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=d566c052-7dc8-7dd1-f0d9-139556570b77&gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 4DEB
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjkwOTEzOTgtYjRiZi0yMzc1LWU1MzktNDkyYzljYjVjNTE3
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4DEB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMuTpOEgL8YPt5QMha9gNGM&google_cver=1
43 B
180 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMuTpOEgL8YPt5QMha9gNGM&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMuTpOEgL8YPt5QMha9gNGM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EB35
0
0

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame EB35
0
0

ads
securepubads.g.doubleclick.net/gampad/
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111251156424992&correlator=1225616948026925&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Ce5d6a113-1897-44a9-a217-a640317b4e22&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=550x600%7C480x320%7C160x600%7C300x250%7C300x600%7C320x480&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D99d2355e65e06a39%3AT%3D1701413289%3ART%3D1701413289%3AS%3DALNI_MYzP1l9M-3k9sQykiCEpRC1kZ2zsA&gpic=UID%3D00000cffa4126715%3AT%3D1701413289%3ART%3D1701413289%3AS%3DALNI_MYkX0Uy56qn4wkR5RK8sOZcVPSrtA&abxe=1&dt=1701413290321&lmt=1701413290&adxs=245&adys=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x616&msz=1110x616&fws=0&ohw=0&ga_vid=1320687984.1701413290&ga_sid=1701413290&ga_hid=1830216606&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjkgYqhwjFIABIbCgwzM2Fjcm9zcy5jb20Y_f6JocIxSABSAghkEhkKCnB1YmNpZC5vcmcYxoCKocIxSABSAghqEhgKCXlhaG9vLmNvbRjDgIqhwjFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20Y_v6JocIxSABSAghkEhcKCHJ0YmhvdXNlGNv_iaHCMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lRbk55TDBNNVVsQlJhV0Z4UkRsME9VMXVRVFJwWnowOUluMD0Y9IGKocIxSAASGQoKdWlkYXBpLmNvbRj-_omhwjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMeAiqHCMUgAUgIIag..&dlt=1701413289223&idt=604&prev_scp=ti%3D57345b2b-1a16-47d8-887d-bd03d4f0c72b%26chrand%3Dy%26pof%3D0%26bid%3D0.1%26bid-p%3Dgoogle%26bsc%3D96&adks=1908979490&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49a0b6d6c2b7b13644679945e8b9992bd6f238e9c2c1c4a1ecb5bea10fce0577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12717
x-xss-protection
0
google-lineitem-id
5564061269
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CA7F
6 KB
3 KB
Document
General
Full URL
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 06:48:09 GMT
expires
Sat, 30 Nov 2024 06:48:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
477 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.09&b=2&r=file-upload.in_fluid_sq_fluidsquare&sy=b292e3ca-67b2-4fa4-8f35-fb6c4c581410&ts=96&cd=2&pud=281&pus=c&pue=508&pid=138&pis=c&pie=646&ppd=232&pps=a&ppe=740&pcl=377&ttc=948&tti=1334&ttif=0&lca=740&lcak=ppe&lct=740&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=57345b2b-1a16-47d8-887d-bd03d4f0c72b&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425463
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e9620899213680-FRA
script.js
acdn.adnxs-simple.com/strikeforce/ Frame CA7F
129 KB
46 KB
Script
General
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9b3aeaaed3adbbcfa190681ef74a510fae5f9af782d8c1bf9f9e7829a6b5f2f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 06:48:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 23:05:47 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"65554ecb-204a2"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
47138
Expires
Sat, 02 Dec 2023 06:48:12 GMT
c.gif
www.bing.com/aes/ Frame CA7F
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=95be7b2a-3ffd-4972-884f-0125714e8e8d&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=0560c0d9-aa49-44d6...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=655e7fa6ee7741d4b8990b1453072bf9&SNR=1&GV=2&med=10
0
546 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=655e7fa6ee7741d4b8990b1453072bf9&SNR=1&GV=2&med=10
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2a02:26f0:3100::1725:e26a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B096AFC9B7F1427EA412B8A579AA96EC Ref B: DUS30EDGE0717 Ref C: 2023-12-01T06:48:10Z
x-cdn-traceid
0.66e22517.1701413290.4a54b657
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Fri, 01 Dec 2023 06:48:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4A483AA1452046C8811D8C16620A0C51 Ref B: DUS30EDGE0808 Ref C: 2023-12-01T06:48:10Z
x-cdn-traceid
0.66e22517.1701413290.4a54b613
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=655e7fa6ee7741d4b8990b1453072bf9&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame CA7F
91 KB
30 KB
Script
General
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
Origin
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 01 Dec 2023 06:48:09 GMT
content-encoding
br
last-modified
Fri, 10 Nov 2023 19:05:36 GMT
x-azure-ref-originshield
0TwBpZQAAAABI9FcO9e1WTqWaNBNEXOTYRlJBMjMxMDUwNDE4MDExADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
MopfqcAbO5EhiiMKa7cg6Q==
etag
0x8DBE22005715E9B
x-azure-ref
0qoFpZQAAAAAe5f2t1IurTbvvTYvmOxuJWlJIRURHRTEzMTgAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d50d08eb-d01e-0026-7ece-230181000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame CA7F
80 KB
27 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 06:48:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Sat, 30 Nov 2024 06:48:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame CA7F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38760
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame CA7F
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38760
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CA7F
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:55:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
67938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Nov 2024 11:55:52 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CA7F
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 06:48:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 200D
0
0

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 200D
0
0

ads
securepubads.g.doubleclick.net/gampad/
58 KB
14 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111251156424992&correlator=1144616108361625&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C109c8f82-23ad-4712-9ee5-ed45d30ca19f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da13e31822ad8a104%3AT%3D1701413290%3ART%3D1701413290%3AS%3DALNI_MYwP1UrFcNtRoh_tD8FPWLWXk7wTw&gpic=UID%3D00000cffa44176b4%3AT%3D1701413290%3ART%3D1701413290%3AS%3DALNI_MY88WggjEhSy8ivLs7kJBs4OSU35A&abxe=1&dt=1701413290395&lmt=1701413290&adxs=245&adys=202&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1320687984.1701413290&ga_sid=1701413290&ga_hid=1830216606&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjkgYqhwjFIABIbCgwzM2Fjcm9zcy5jb20Y_f6JocIxSABSAghkEhkKCnB1YmNpZC5vcmcYxoCKocIxSABSAghqEhgKCXlhaG9vLmNvbRjDgIqhwjFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20Y_v6JocIxSABSAghkEhcKCHJ0YmhvdXNlGNv_iaHCMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lRbk55TDBNNVVsQlJhV0Z4UkRsME9VMXVRVFJwWnowOUluMD0Y9IGKocIxSAASGQoKdWlkYXBpLmNvbRj-_omhwjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMeAiqHCMUgAUgIIag..&dlt=1701413289223&idt=604&prev_scp=ti%3D57345b2b-1a16-47d8-887d-bd03d4f0c72b%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D96&adks=642402217&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fce8c506c6b06cca34926f8c7014228a231dc9333285b7335a5b2c0955e1989f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14286
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1a
i.clean.gg/ Frame CA7F
0
104 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 01 Dec 2023 06:48:10 GMT
server
nginx/1.21.6
via
1.1 google
th
www.bing.com/ Frame CA7F
21 KB
21 KB
Image
General
Full URL
https://www.bing.com/th?id=OADD2.8246383395555_1I99ZHE0JD6DCKHAD8&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=379&h=198&qlt=90
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1725:e26a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e24a29bf703b2a7599edc0137d9197ca9c7b3da8e2054791727afd965231d6ce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.66e22517.1701413290.4a54b646
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
21075
alt-svc
h3=":443"; ma=93600
rd_log
ams3-ib.adnxs.com/ Frame CA7F
0
531 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QLsA-jsAQAAAwDWAAUBCKqDpqsGEO3clZy6lq2gQxgAKjYJnsfp5Von3j8RdeSELQVa3T8ZAAAAQDMzEUAhdQ0SACkRJNAxAAAAgML12D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXjp8QWAAQGKAQNVU0SSAQEG8J-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCGmh0dHBzOi8vd3d3LmZpbGUtdXBsb2FkLmlugAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEBcFYiAUBmAUAoAW34t7h9eqFsnvABQDJBQAFARTwP9IFCQkFC3gAAADYBQHgBQHwBfY4-gUECAAQAJAGAJgGALgGAMEGASA0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH6fEF0gcNFWQBJgjaBwYBXqQYAOAHAOoHAggA8AfGgw2KCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=700a92685d61b623589ead1275f8794d27e08273&bdref=https%3A%2F%2Fwww.file-upload.in%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.file-upload.in%2F,https%3A%2F%2F29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
an-x-request-uuid
83ef6ad0-4159-43ca-a509-dae7623fd6b0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
e.js
live.demand.supply/e/
0
480 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&e=nai&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425463
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e9620a1a653680-FRA
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425463
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e9620a1a663680-FRA
ads
securepubads.g.doubleclick.net/gampad/
978 B
511 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111251156424992&correlator=3425306311251339&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C35c3e781-1e45-4079-92a7-84ee84a2671a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=10&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D3d7224c9caac4c72%3AT%3D1701413289%3ART%3D1701413289%3AS%3DALNI_MYMXHkQWF9wGjqbjyC8sYjK2gLJ3Q&gpic=UID%3D00000cffa3ecaf68%3AT%3D1701413289%3ART%3D1701413289%3AS%3DALNI_MZ2N9MpIdzu7FyoT8GC_mNFIJJ2iQ&abxe=1&dt=1701413290566&lmt=1701413290&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1320687984.1701413290&ga_sid=1701413290&ga_hid=1830216606&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjkgYqhwjFIABIbCgwzM2Fjcm9zcy5jb20Y_f6JocIxSABSAghkEhkKCnB1YmNpZC5vcmcYxoCKocIxSABSAghqEhgKCXlhaG9vLmNvbRjDgIqhwjFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20Y_v6JocIxSABSAghkEhcKCHJ0YmhvdXNlGNv_iaHCMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lRbk55TDBNNVVsQlJhV0Z4UkRsME9VMXVRVFJwWnowOUluMD0Y9IGKocIxSAASGQoKdWlkYXBpLmNvbRj-_omhwjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMeAiqHCMUgAUgIIag..&dlt=1701413289223&idt=604&prev_scp=ti%3D57345b2b-1a16-47d8-887d-bd03d4f0c72b%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D96&adks=3111070440&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f287935d0e963a4f2d4c10ae985facc786b432f677e24b0ae5efb0d3498506d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
481
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
56 KB
19 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111251156424992&correlator=4489637159042955&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C58b2c653-aff8-451e-a0f5-2fd3c0085d38&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=11&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie=ID%3D3d7224c9caac4c72%3AT%3D1701413289%3ART%3D1701413289%3AS%3DALNI_MYMXHkQWF9wGjqbjyC8sYjK2gLJ3Q&gpic=UID%3D00000cffa3ecaf68%3AT%3D1701413289%3ART%3D1701413289%3AS%3DALNI_MZ2N9MpIdzu7FyoT8GC_mNFIJJ2iQ&abxe=1&dt=1701413290594&lmt=1701413290&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=b&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1320687984.1701413290&ga_sid=1701413290&ga_hid=1830216606&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjkgYqhwjFIABIbCgwzM2Fjcm9zcy5jb20Y_f6JocIxSABSAghkEhkKCnB1YmNpZC5vcmcYxoCKocIxSABSAghqEhgKCXlhaG9vLmNvbRjDgIqhwjFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20Y_v6JocIxSABSAghkEhcKCHJ0YmhvdXNlGNv_iaHCMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lRbk55TDBNNVVsQlJhV0Z4UkRsME9VMXVRVFJwWnowOUluMD0Y9IGKocIxSAASGQoKdWlkYXBpLmNvbRj-_omhwjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMeAiqHCMUgAUgIIag..&dlt=1701413289223&idt=604&prev_scp=ti%3D57345b2b-1a16-47d8-887d-bd03d4f0c72b%26interstitials-bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D96&adks=783718922&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51a592412ab70d10e1200751d02165d82a30b7dd306c1c00cdbbc3e2e0345941
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19173
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D3FD
0
0

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D3FD
0
0

ads
securepubads.g.doubleclick.net/gampad/
49 KB
20 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111251156424992&correlator=3298425258427676&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Ce40580aa-e1ab-443f-ae76-58e052a5427b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C550x600%7C480x320%7C160x600%7C300x250%7C300x600%7C320x480&fluid=height&ifi=12&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D3d7224c9caac4c72%3AT%3D1701413289%3ART%3D1701413289%3AS%3DALNI_MYMXHkQWF9wGjqbjyC8sYjK2gLJ3Q&gpic=UID%3D00000cffa3ecaf68%3AT%3D1701413289%3ART%3D1701413289%3AS%3DALNI_MZ2N9MpIdzu7FyoT8GC_mNFIJJ2iQ&abxe=1&dt=1701413290685&lmt=1701413290&adxs=245&adys=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x616&msz=1110x616&fws=0&ohw=0&ga_vid=1320687984.1701413290&ga_sid=1701413290&ga_hid=1830216606&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjkgYqhwjFIABIbCgwzM2Fjcm9zcy5jb20Y_f6JocIxSABSAghkEhkKCnB1YmNpZC5vcmcYxoCKocIxSABSAghqEhgKCXlhaG9vLmNvbRjDgIqhwjFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20Y_v6JocIxSABSAghkEhcKCHJ0YmhvdXNlGNv_iaHCMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lRbk55TDBNNVVsQlJhV0Z4UkRsME9VMXVRVFJwWnowOUluMD0Y9IGKocIxSAASGQoKdWlkYXBpLmNvbRj-_omhwjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMeAiqHCMUgAUgIIag..&dlt=1701413289223&idt=604&prev_scp=ti%3D57345b2b-1a16-47d8-887d-bd03d4f0c72b%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D96&adks=608434957&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aacde80063ce1d648768c995efc3eaca45fd1e989f9ae9e465ba12647ccd278e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20172
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E882
6 KB
3 KB
Document
General
Full URL
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 06:48:09 GMT
expires
Sat, 30 Nov 2024 06:48:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.09&b=2&r=file-upload.in_fluid_sq_fluidsquare&sy=b292e3ca-67b2-4fa4-8f35-fb6c4c581410&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=57345b2b-1a16-47d8-887d-bd03d4f0c72b&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425463
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e9620b1b583680-FRA
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6A77
478 B
643 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIT8cxDP5fnDBRjK3On6ATAB&v=APEucNXUN8b59aOnwajD3Czau7ragwyv93HcrhbKF9Qo31Nvu3CvJKFbNqVbW2WH50GGTjRK7cnG5U3jVewVoc4nykmD9GiH7w
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 06:48:10 GMT
expires
Fri, 01 Dec 2023 06:48:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E882
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 06:48:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E882
42 B
401 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DDlC9x6YvUU--SODOfGBTAJgKmWPKjUC4U_jtRUL5Pk9jfYUyEFro0fjRBeDnGj8yXYGfzmZnbWhZq0Trxi7vtULZGQfanlim__z7tvlu-KPUQJLc
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E882
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15949137870919819085&x=1&ct=76
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame E882
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38760
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame E882
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38760
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E882
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 06:48:10 GMT
truncated
/ Frame CA7F
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7106570791ff88b5658f715de7345bd05954e68dc1998f8be1984894b6839bb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams3-ib.adnxs.com/ Frame CA7F
0
581 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QKeB-ieAwAAAwDWAAUBCKqDpqsGEO3clZy6lq2gQxgAKjYJnsfp5Von3j8RdeSELQVa3T8ZAAAAQDMzEUAhdQ0SACkRJNAxAAAAgML12D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXjp8QWAAQGKAQNVU0SSAQEG8F6YAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCGmh0dHBzOi8vd3d3LmZpbGUtdXBsb2FkLmlugAMAiAMBkAMAmAMJoAMBqgOuAwrEAi4wAPCGYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MDU2MGMwZDktYWE0OS00NGQ2LTg2NzYtNjVjZWM0NDY5NWE0JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW5pdD0zCVxUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOADCOcQC4cnR5cGU9bnVybCZ0YWdJZD02OTMyNTk0JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGRh6emYlM0FrDR_w9V9ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0ODQ2MDcxODgyNjg2MjMwMTI1IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56a3pOekV5TURNd05EZzJORGtqTWpNek1URTNNRGd3T1RjeE5qazBOQT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBbfi3uH16oWye8AFAMkFAAAAAAAA8D_SBQkJAAAAAAEQbNgFAeAFAfAF9jj6BQQIABAAkAYAmAYAuAYAwQYBIDQAAPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfp8QXSBw0JESgBJgjaBwYBXrAYAOAHAOoHAggA8AfGgw2KCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=945f5fcff21f13d69c5fe7b53328be303f2b76cb&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=478&bh=250&sid=6517492891399470388&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&sw=1600&sh=1200&pw=970&ph=250&ww=970&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
an-x-request-uuid
c8c93bb8-4d79-4497-8e7b-0b86c5d653c1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame CA7F
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5FelqoFpZZ1Apsf27w_fvKeQAdLg1-Buj6S2k5MKwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQngAgCoAwHIAwKqBK0CT9AqUIDnHbNPURG0rvI4bOeSiTG8Xy-wHOP6AGAmkoAH1u6MyddPQ2l7OTwUK458bqhzehdJ7pnuYN0-NNYFIulZ19f964B0bbbrPVk6HY3zlO2HreqN6nBdFv5-G4PcQBDJaokZGP6dmAVk0-hbjwjs356S8xMk7GrwbYByqJ4_NWHs8x9bhCgRuHxbEt0Kl_joKc9kXh8Dqc1M7YzAt9xyrXbLrP-8zTwYlMnkUM8M2c2GSO1UYkVJed_DgMDNhGr_JzmpJc502aATf7hvFxAluLhNUtgb1sK2dFHOqK42zoNjytorYY27fwHD5GStv5wbygss54vWnaZhBOjHeGDQrpQwU7tsw4KinevVp1gjas9iGXorrK2nImXoruOfv-n61WH9Qvu1jxbHFOAEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBsIgGEQATICigI6AoBASL39wTpYvL2PttLtggOACgP6CwIIAYAMAeINEwiB-I-20u2CAxWmo_0HHV_eCRLQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=hAh9_pWKkNU&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNPh-93syA7iLV5pD06GfYc9AMxACR5j0g40uijNp97SABsqJ1TAkoJAPxZeDyOeL8B2ruvGKrDNXlpM4fbmYuDQ0DwJv_4FY7ixgB&cbvp=2&vis=1
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

it
ams3-ib.adnxs.com/ Frame CA7F
0
530 B
Image
General
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QKeB-ieAwAAAwDWAAUBCKqDpqsGEO3clZy6lq2gQxgAKjYJnsfp5Von3j8RdeSELQVa3T8ZAAAAQDMzEUAhdQ0SACkRJNAxAAAAgML12D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXjp8QWAAQGKAQNVU0SSAQEG8F6YAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCGmh0dHBzOi8vd3d3LmZpbGUtdXBsb2FkLmlugAMAiAMBkAMAmAMJoAMBqgOuAwrEAi4wAPCGYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MDU2MGMwZDktYWE0OS00NGQ2LTg2NzYtNjVjZWM0NDY5NWE0JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW5pdD0zCVxUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOADCOcQC4cnR5cGU9bnVybCZ0YWdJZD02OTMyNTk0JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGRh6emYlM0FrDR_w9V9ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0ODQ2MDcxODgyNjg2MjMwMTI1IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56a3pOekV5TURNd05EZzJORGtqTWpNek1URTNNRGd3T1RjeE5qazBOQT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBbfi3uH16oWye8AFAMkFAAAAAAAA8D_SBQkJAAAAAAEQbNgFAeAFAfAF9jj6BQQIABAAkAYAmAYAuAYAwQYBIDQAAPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfp8QXSBw0JESgBJgjaBwYBXrAYAOAHAOoHAggA8AfGgw2KCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=945f5fcff21f13d69c5fe7b53328be303f2b76cb&pp=ZWmBqgAAIB0H_aOmAAneX_EVc6ou64ClB8pWKw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOOF4qoFpZZ1Apsf27w_fvKeQAdLg1-Buj6S2k5MKwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQngAgCoAwHIAwKqBLACT9AqUIDnHbNPURG0rvI4bOeSiTG8Xy-wHOP6AGAmkoAH1u6MyddPQ2l7OTwUK458bqhzehdJ7pnuYN0-NNYFIulZ19f964B0bbbrPVk6HY3zlO2HreqN6nBdFv5-G4PcQBDJaokZGP6dmAVk0-hbjwjs356S8xMk7GrwbYByqJ4_NWHs8x9bhCgRuHxbEt0Kl_joKc9kXh8Dqc1M7YzAt9xyrXbLrP-8zTwYlMnkUM8M2c2GSO1UYkVJed_DgMDNhGr_JzmpJc502aATf7hvFxAluLhNUtgb1sK2dFHOqK42zoNjytorYY27fwHD5GStv5wbygss54vWnaZhBOjHeGDQrpQwU7suwaMwX08vyszZHnr8QP6dqI6tpmzGtjo9ObB-aeHXbuN1DvSqgJSvaOAEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBsIgGEQATICigI6AoBASL39wTpYvL2PttLtggP6CwIIAYAMAeINEwiB-I-20u2CAxWmo_0HHV_eCRLQFQGAFwE%26num%3D1%26sig%3DAOD64_05AM8zGuf4KTGnmehBQmHMgpAekw%26client%3Dca-pub-3831894559014614%26adurl%3D&cbvp=2
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
an-x-request-uuid
128238a9-fb37-40fe-b102-14bd5ab29152
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame B377
196 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 29 Nov 2023 17:10:37 GMT
age
135453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Nov 2024 17:10:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B377
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 30 Nov 2023 21:48:00 GMT
age
32410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 29 Nov 2024 21:48:00 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B377
95 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 25 Nov 2023 01:47:30 GMT
age
536440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Nov 2024 01:47:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B377
5 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 22:04:26 GMT
age
549824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 22:04:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B377
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 29 Nov 2023 17:10:37 GMT
age
135453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Nov 2024 17:10:37 GMT
css
fonts.googleapis.com/ Frame B377
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 05:34:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 06:48:10 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B377
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:53:15 GMT
x-content-type-options
nosniff
server
cafe
age
68095
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Fri, 01 Dec 2023 11:53:15 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B377
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:24:33 GMT
x-content-type-options
nosniff
server
cafe
age
48217
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Dec 2023 17:24:33 GMT
l
www.google.com/ads/measurement/ Frame B377
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTResXODlrRCVCHjP0w2JQY6_esDPBQO2Qu4hzbJJBHHiqD1rf_LJk4YNaQweH6g4Qqr1eYDQRx1fWnK9-_gCHQs0lWoQ
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

e.js
live.demand.supply/e/
0
480 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pn=2&sn=3&pc=0.23335347175598142&ds=true&e=wdp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425463
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e9620bdbdd3680-FRA
e.js
live.demand.supply/e/
0
480 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=file-upload.in_fluid_sq_fluidsquare&sy=b292e3ca-67b2-4fa4-8f35-fb6c4c581410&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=57345b2b-1a16-47d8-887d-bd03d4f0c72b&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425463
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e9620bdbdf3680-FRA
14763004658117789537
tpc.googlesyndication.com/simgad/3796010874641223857/ Frame B377
69 KB
69 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3796010874641223857/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
763de8c378124b9467d36aeadec6939505434f3b2b7d9a3cbdc38a45e58f0a2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 12:11:05 GMT
x-content-type-options
nosniff
age
67025
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70876
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 12:07:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Nov 2024 12:11:05 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/14127246880975344399/ Frame B377
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14127246880975344399/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f87a908f3123f55117d4f34184bfa94d2f25d1514b641cf52c51b904183553d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 16:13:31 GMT
x-content-type-options
nosniff
age
398079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4160
x-xss-protection
0
last-modified
Sun, 10 Sep 2023 12:27:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 25 Nov 2024 16:13:31 GMT
truncated
/ Frame B377
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4571ee8efe24a5d37c116759c4e022647ea8bb47318b4af908dd3705bc645f29

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 6A77
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIT8cxDP5fnDBRjK3On6ATAB&v=APEucNXUN8b59aOnwajD3Czau7ragwyv93HcrhbKF9Qo31Nvu3CvJKFbNqVbW2WH50GGTjRK7cnG5U3jVewVoc4nykmD9GiH7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6A77
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIrC5vqCvVmhoyMWj0Rjg8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIrC5vqCvVmhoyMWj0Rjg8&google_cver=1&C=1
43 B
554 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIrC5vqCvVmhoyMWj0Rjg8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIT8cxDP5fnDBRjK3On6ATAB&v=APEucNXUN8b59aOnwajD3Czau7ragwyv93HcrhbKF9Qo31Nvu3CvJKFbNqVbW2WH50GGTjRK7cnG5U3jVewVoc4nykmD9GiH7w
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6SlKjrYEh81mV80QlqOlmib%2Bm9MRIUau0XQax3mGez9ej7g1ARwl2EZ0PPeoMs9Y6Ax3l6uUXPgA5kb7ylSK84%2BY9xbmDxwgo6znpZ4nuy0KNQy3Bv5lWxs9SGEY4DuqBgeCO8YAswg4g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82e9620cacac9261-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBPLks8EeNCdgjjMBvUbWXQdLJjpizT70EpWbHKI6x7moE80h6cGVzd5OAxB1pAddKszfL1pELs35UQ65aobmDiV8hIUkwWhEVbmt%2F6qASpcjeP9kMXxaHy4sEifAtkqaWEjmNYsXbJ4vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEDIrC5vqCvVmhoyMWj0Rjg8&google_cver=1&C=1
cache-control
no-cache
cf-ray
82e9620c6c999261-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 6A77
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWmBqpStMjHJ-iK30jw--gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIrC5vqCvVmhoyMWj0Rjg8&google_cver=1
43 B
767 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIrC5vqCvVmhoyMWj0Rjg8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIT8cxDP5fnDBRjK3On6ATAB&v=APEucNXUN8b59aOnwajD3Czau7ragwyv93HcrhbKF9Qo31Nvu3CvJKFbNqVbW2WH50GGTjRK7cnG5U3jVewVoc4nykmD9GiH7w
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2F2mJ8UtiQq3hp7ypek12DibcxYQBUY3z5pqdD48qgRqiwgeHr7HvocfpR68c%2BzecdVbAWI5VayI7%2FZFrsFq2xVym4FA%2F4ZG92cakAsWKefoJqfHxi9xPdYxWDy5B5dbBsbPg3eDFLt39g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82e9620d2d6c2c25-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIrC5vqCvVmhoyMWj0Rjg8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E882
0
56 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=251418037621&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E882
0
56 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=251418037621&version=m202309260101&ct=76&x=1&cor=15949137870919820000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E882
92 KB
39 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CobbAKrimKcwCREbDSZWV5N5kEPAVnu7KKZgVpdxR8dJ0ip0rsUVuchWL7qv9dI8EOFhV4iN3vvPiJGjRWSeLz8AEan432UrESc-3grxi8JpW-7Ba0GZdrZJ5BUb373PESehfbIaRZg7qszXR1Ew78SBiKC1819zNJbz6W4G5ubDoeKlc&dbm_d=AKAmf-DNJg8Sqiq0gRSMdhHA-XH__mv57hrNV-SgtbnI5bLRjikRYj5xlXkBpA_aA1rKQt5gb4tzYbZznW6b2GoC3MYp2nOuRThq9jzBxHTm7FfwxOrumpIIoWd1GhsgG7gFq-Ol_bJHUtOiQFqRTI0ccUBuiVu1earrRlFZciHVkPgi-ozn3pZcU07estl4QQgo4H5hDIXpi_IDR-smFE7S37yk5Iqz5kSVUjqoaUpHhVuV-_ziTdgOn3s1gC6u8a-WlQPWJn_EWUVDUXqcRp0TA0DJFEJUoCa61OnbajYPTfFJey91qqgGzEZjbeMybqcMk1pmQwNl8MTk3L3WL2UfOVwazKaKCUFI_RbWabHdA9xylSx928rc0Ds1xXWUndb3dp9ay2thsiSpbAxh4JlnEWThxbKB0F5txHqma-NYZD_xaeeFftR9szKuia2oE-yEif5-aZVukDfiCJk5dQpCkMGRyaaOvNqAshkiH9-1JoQP6jDfVOFXi-S7N6Yse-yptI6s4_oj0VKgpqZRuipjUxT8bNbhMZVZ1W-jNjBT5bg53w1xwEQnmqK0GBAjthd9PnTyGrLjz_HD1p9T7Hx2TCMl3tPK3Cb9GjaVKlPC5_iSPFjD0Q5UYnuaRK0ojuHmjLLL4wKowfzB1MZztRGQAzrMPQ3BOZX-uL_C7SeS2JkD6rGaIQIerPDb6X0laYyJGK0enkjtvknScSisM4UDmYvKSbK0r5-lrTMC46kL3_8PpqpJjnLVE3C3r0IgHiYnisndlCw7MC3V7wDtYKNf81F9ocncWdPHdWphUjJzwQ_4ygwmJ2Wtt8tRMMUA3fICKYVrQhh5Xtkrnbx-xzcmtKEC7jZxAexDPBhKgRCkwUXHeGTFVb1NLdVvJ59YFOISP2zxSK01kIX---bL6vOUtMj0cQW_-lde-BXsbGRdj4ASQEauychd3aXfiK5Qv4Hop-ydLCx7hsl7vRDYQsdeIU3BgjsxmSvRQH_mr7aV5iP1oeh9w2fkzP5BRDgQr6vdiprcZmbh3hFn6xOqEmLdSLFpX5V1hshfZlg_MxDLcdIVewIjsLNbAhE66pIuD3lN9stU6vvcwNRoBMWAK7Hxe3ECHoUsIckx3ka7cU2d-nKBE8hfbCSLH5Oy0yhPaUWw6sjq7V_74ye85FsnQS6KB10gzNCzdCg66pKiu4BkZP8Ix8HcRMJ7g7N6U-fRzDAE-HPRqZhqOYVJtBvg6R1hTJkNqvc5HI-EBj7LsMf1piGpUxyilXtxlFrqsgaZz1I3wySOuVaO0-ZhZ4lTFvOnHwRp-E5kCGdIvFHMUlm7pORtOGxn6wE4nqIAFRAK_pv_HTa688m06zTgcs_Tb3siZVTzO72J2ZlAxq6NuveQcB4HEKLzORmA5f5ITNAqGwnLX3XfD0pIzI4pF_RgpqvFq-XEgHJHNg4L15uVqTWvanUeTUNIbFo76oruvUxGnNW71jvos7jYwjRGX4Dyx4lC99pah0H1QKwkhAkVDS5k5hOpp7w_Afw4khnOtRDjgCmBDkwUnsr7A2CeErTRf1czOVjkgoy418F8vmxZXqKrJRddb6xCSwVGNCIDjSDSz450Wj1bKwhCaiPU1VjKVUxd7V76tjRiFI3qUvefsOjS0Hx3nIZcCXhSwP43m9zowsG7UWc-znQEhgYGQl9CozHZUdn4NcFSQGFjjUZ6QxNvcicxTmFQi-DUa3NGEpYVQ6KafltlFtey1DOkI9-R8-Yqq2PjsLIsmS4BV7t8apQYzxjZYMr6hqPVFTXaA0SNrMAoxp40cEnGGGc1BQQhOJFSIHlPB46N6eTrC8qaOah0oq3PzKWlqcd3lR9kd7OlkDlV60tQrtirfpOYxUGBgSYTOWwbD_P4ls_NnFB-HIdEB3leQIQXKupYLYPuo89_bFFeVBX49f1mE_yiIC1btfc0YeQ4sMFh4ErQLauFnen1IbyBKmszv-8tr7uJVs6GpxQrwQQwBMdvkBWmoTRdLjsM_QLkNZPVLOiB3Q3lF9SEXHTDOvR04saTnB7PwrX8odJcDMDWWrv-lVI5a4r3cL7tVg-IXQBgSg-OmhZii5E2LthIbGfmhXLb2nI0f-xy-cfWez7vQu1-C0CR-PjvSnjkJ2AARpJ-TM0oGWf8dihRPTI-3Wg3rjXOLdHaupyopsK7oi7206ESphthZLGUIXGZ0FfM4dOeMEl08EN6AviZbX1OT10A4G8gWIZqV6BCQaAQI9xzyrcdL7XLn9Qkx1N4Spwfzmt6DlZKj_uWFUMgUPcFfjydaWQR5_OpehyPPcapVFLOzmXs1ZiTv9wUPBRfh271ZR0kg26jhz7mLDxdQpFtCDkJIj8tDP_ibQ0ej7QSnbhE6u3erUMoOvgCoGS1sDeX2kywe6GL4Igf5cFdtRMpsIpZl7ep6oXbUsasTOJ4BHVU1UyGVum2nPjEKTwBNKmbNTqhldysU2uJ_oeUQomHV0Kzl-GdMxJ5q1PGlaCbFh9Rj1x9w4gyMVkV1UW-copdaP0K_ekGAa-VKqXJKIr2qWIdC1T1S754Q8WsJNaZ6_jXV-nnOrf7TM8McuJ0d2gx9OPNMYWhW75cqOpxgC0c9H1aN8bKcPEEafw1vAXJT3gsJxMDjn1WmN8zDxfzJLII9dVs0QRFP2gp_cS7xyhfO3J8FRP6IfRwf-09hrjouN-k3V8aPyzuPhGVTFNamwnhDiBnjDf13h3X2WGgWX3wCv19iUmbd_2w_qrAPr9LrtroOWaGRsFQ0KrIa5Y08FrAngrElhShu43FXMlBy6Du6kWbROb1zdQ2BqiUw5CIvlh1G0eoLLl8EwvWSzG7DgrKKGbP5LyuiIetUoxfpsY6unpL8zS_OxhSsVFAnn8S4DtN7mzA3x5b7Th91nxKpDxuol2kHbgoADsNKJKyw65KbfcvrpdKeGBXrV02Buh5RdmGK4uMafyMzebDQP8T5BL3qkndqHBo7Fmg7WAR9WMkip4l0qLLApEUhRZMdx3ocs_RnwR-VjU2KVJg6p6fbHJh8mWbMd8EhsnMdkC7eFnM49c1erN5rWVXV8yELyG_mSpc6LMCHSmYLbBnDlLKO_V4RVAkDr8jtF1B2dqPaEC-jrAJpdaQK5MlC0rk-6woddVk2emEbPlf3a26gGBsNkKKUN3z3iLMewi12fxrxHrTMUbqGlTjdBMG5iGAWLBLDt71myTPnTTiz77VK-z8SYOKW7Q6nL45amIzf2eQlj9HvSqvcv0wBhRAA0wxahafJ0dY-DGCjI5foHxwMhj1MN0FDJnJdZzJsjJBsXS5E1e7obFXrQpgL-DEut_H0wYCpnCD0lenB4UbT1rXt30amfYnY1ozAmWrmm912NR1iPRZTRYhlw_qQ9p82ZumCnB11rW50fwX_UawZKbaQWLgJkgpSIrN8FFISYxMM2Y8rko6FJLqanTccudLSkyFp9A5dCfMA3-PmDuoJP7HWUJhI2x_iF4FTWtLxEsCUEXb9L8oF223Sa4ay0rArQHiaqmm0P1DrEQg_vB9Lpin7m13qrx3HIGsTsownoo9szD9yy1VJujq_ykuC1QQjWvHizgtRYlnyMMca5v-sMnW6YxdksEta-z1oxjIoQq9_d-fOFLK1qllFZrYfyUk-CYh1AgRWOAlLvc2qHgUnuwrdJNoABRyLqO0ujLhW3MPl8HRtkiv-y11QwSIWf1rQtjH3Qoyd_VfBmNjuuMeRc2wP3XIpf7J-JaeXbFb72QtQrNLrN6eJKG4Vhw0SMBtoovpflk7_2ukcyMLFX-Utev5ndfpSdhCGaIFXj6SSX0wwOR-ioQFSK-SINbGJwAxW7V1Oq01UAfsx9lXE6EGivEuBM-N1jjGWXMrFA8SRh6mTlv8AUD9ANd4Wb0&cid=CAQSTwDICaaNyO2p_ZSfDy5C7WN2Ze7TB4vW9cm-DurV8h8L5sn79CM5T8Dse0y-o6-gXdyn8ofzWHhDMijhfPmN3GKtAF3JYxmfZ81fmo_ieLoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=15949137870919820000&adk=1964084972&idt=143&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b17609df75cabbd792230b80954b81801b8a3c9f8babb5064bc43620c271ee4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39247
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B377
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.file-upload.in
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 08:19:38 GMT
x-content-type-options
nosniff
age
512912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 08:19:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B377
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.file-upload.in
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 13:37:09 GMT
x-content-type-options
nosniff
age
493861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 13:37:09 GMT
container.html
29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C11E
6 KB
3 KB
Document
General
Full URL
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 06:48:09 GMT
expires
Sat, 30 Nov 2024 06:48:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sda.css
live.demand.supply/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://live.demand.supply/css/sda.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HGBT2QSHKRTSSRN72B94ZTRT
date
Fri, 01 Dec 2023 06:48:10 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
6470
etag
W/"505b1404b8e3597f62714f70edb3d993-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
82e9620c8b5592ba-FRA
alt-svc
h3=":443"; ma=86400
adview
securepubads.g.doubleclick.net/pagead/ Frame 4BD7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ci8rhqoFpZYP2Jp6L7_UP9cC-8A3S4Nfgbo-ktpOTCsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgSnAk_Qjda3vAd3O_QFHomGkx-1w66DFgEocUxlg-x109aW8T3QvxL64slfWofLuEdz8TEp2Nf9pIzVIRv4ps7rdaUHGi7QPk80s0UmpHEXEojnyu_ghHbuoNQey1Alp-x4-4y4MFHfFMT58ifY03BeqYpBm5rsmecrBOq2htonwgine4uGnzNOJdL_fyhqjCm_KwEjf6MDRX_TDiXObUzT4RtuEmoVYttfrC4FQaN8miBsjXEjwgg_6iAQK5xekrGHDUyIkgVGGdH6S6KLWqaCXHNfxIhClwRYqHbG5CQHyZA7lZu7qi4-L8TwYiHh69v9lslNrnUcSsW6foYmJLr0PKM2jTzhokpdgPgExNH4-wQSwKf4yyY60-5UG0Mr5S2oHhskrBYr7i_gBAGABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggbCIBhEAEyAooCOgKAQEi9_cE6WIu3trbS7YIDgAoD-gsCCAGADAHiDRMI0e-2ttLtggMVnsW7CB11oA_e0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=Fl_XlK6wyQI&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNAjHWgYIRwFmgNRpwPQV9s5Dxgglcc_WNGQlmYsNgGWI3pIt1u1d0GpaxIL0ZLq-LH1dSzoT4GAE
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

it
ams3-ib.adnxs.com/ Frame 4BD7
0
0
Fetch
General
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QKKB-iKAwAAAwDWAAUBCKqDpqsGEPTe9KK4_7ySGRgAKjYJGr4mGlPEzz8Rlal0OQHszj8ZAAAAQDMzEUAhlQ0SACkRJNAxAAAAgML12D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiV9AWAAQGKAQNVU0SSAQEG8F6YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIaaHR0cHM6Ly93d3cuZmlsZS11cGxvYWQuaW6AAwCIAwGQAwCYAwmgAwGqA5oDCrACaB0w8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD00YTNkYTgxNS01ZmZmLTQwZjItYjZlMS1kNmMyYmExZjQ5OTgmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4ANI5xALhydHlwZT1udXJsJnRhZ0lkPTY5MzI1OTQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ9CoBZXJmcmVpciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzE4MTE4NDEyMTE2OTI4MjIzODgiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnprMU56Y3pOakkwT1RRMU56a2pNak16TVRNM05qazJPREEzT0RFM01nPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF89rR0oX-z49cwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFs4AC-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAJPXwAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHlfQF0gcNCS4mAAzaBwYICS-kBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=a1be0d1dfedf126f43c4dcd6bae8bab737a8aa6a&pp=ZWmBqgAJuwMIu8WeAA-gdc8X6EKbF-5qJ0uiFg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLl9HqoFpZYP2Jp6L7_UP9cC-8A3S4Nfgbo-ktpOTCsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgSqAk_Qjda3vAd3O_QFHomGkx-1w66DFgEocUxlg-x109aW8T3QvxL64slfWofLuEdz8TEp2Nf9pIzVIRv4ps7rdaUHGi7QPk80s0UmpHEXEojnyu_ghHbuoNQey1Alp-x4-4y4MFHfFMT58ifY03BeqYpBm5rsmecrBOq2htonwgine4uGnzNOJdL_fyhqjCm_KwEjf6MDRX_TDiXObUzT4RtuEmoVYttfrC4FQaN8miBsjXEjwgg_6iAQK5xekrGHDUyIkgVGGdH6S6KLWqaCXHNfxIhClwRYqHbG5CQHyZA7lZu7qi4-L8TwYiHh69v9lslNrnUcSsW6foYmJLr0PKM2zz7AMIj5epWQPqVNZV2WdqPbwaIz_faNucVyYZEoNDc8bJfJg7umdzPgBAGABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggbCIBhEAEyAooCOgKAQEi9_cE6WIu3trbS7YID-gsCCAGADAHiDRMI0e-2ttLtggMVnsW7CB11oA_e0BUBgBcB%26num%3D1%26sig%3DAOD64_03zRZsPevlh6vYpCeaKrOJiutyRA%26client%3Dca-pub-3831894559014614%26adurl%3D
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
an-x-request-uuid
ebd292d6-dbc4-4d6d-b36c-92cd908ae25f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 4BD7
91 KB
29 KB
Script
General
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
Origin
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
br
last-modified
Fri, 10 Nov 2023 19:05:36 GMT
x-azure-ref-originshield
0TwBpZQAAAABI9FcO9e1WTqWaNBNEXOTYRlJBMjMxMDUwNDE4MDExADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
MopfqcAbO5EhiiMKa7cg6Q==
etag
0x8DBE22005715E9B
x-azure-ref
0qoFpZQAAAACi3cIpAGCJRp6aZ4V7KXR+WlJIRURHRTEzMTgAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d50d08eb-d01e-0026-7ece-230181000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame 4BD7
80 KB
27 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 06:48:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Sat, 30 Nov 2024 06:48:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4BD7
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38760
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4BD7
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38760
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
l
www.google.com/ads/measurement/ Frame 4BD7
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGaTY04OZaVNK_AWE81Q1PNt-mCT9QAfzbl8FH3WXy3tAFg6XrSV9bmywGyhQxcaDxze7ZgaNOlcfxe0FJvMLi-lnzRA
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4BD7
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:55:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
67939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Nov 2024 11:55:52 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4BD7
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 06:48:11 GMT
c.gif
www.bing.com/aes/ Frame 4BD7
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=356b1bc1-a4b6-43d1-81d3-833c3e2b86f8&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=4a3da815-5fff-40f2...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=f45c2a3f6ac34872bf52ed8db369355f&SNR=1&GV=2&med=10
0
18 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=f45c2a3f6ac34872bf52ed8db369355f&SNR=1&GV=2&med=10
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a02:26f0:3100::1725:e26a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DCA60E0E7C0247F48ABD7B3447C71671 Ref B: FRAEDGE1211 Ref C: 2023-12-01T06:48:11Z
x-cdn-traceid
0.66e22517.1701413291.4a54b91d
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Fri, 01 Dec 2023 06:48:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D80FBFA73DE34F5FADF9999DC684F0DF Ref B: DUS30EDGE0715 Ref C: 2023-12-01T06:48:11Z
x-cdn-traceid
0.66e22517.1701413291.4a54b88d
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=f45c2a3f6ac34872bf52ed8db369355f&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
quic-version
0x00000001
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
th
www.bing.com/ Frame 4BD7
6 KB
6 KB
Image
General
Full URL
https://www.bing.com/th?id=OADD2.8177810392893_1QBJY0O15VNVWNIUJR&pid=21.2&c=16&roil=0.0017&roit=0&roir=0.9967&roib=1&w=200&h=105&qlt=90
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e26a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b2251aa8fed7469f65da1f27f8771e91adc82654330a9ac1e5b59faed5a5d55d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.66e22517.1701413291.4a54b8d7
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
5807
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame 4BD7
0
530 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QLtA-jtAQAAAwDWAAUBCKqDpqsGEPTe9KK4_7ySGRgAKjYJGr4mGlPEzz8Rlal0OQHszj8ZAAAAQDMzEUAhlQ0SACkRJNAxAAAAgML12D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiV9AWAAQGKAQNVU0SSAQEG8J-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCGmh0dHBzOi8vd3d3LmZpbGUtdXBsb2FkLmlugAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEBcFYiAUBmAUAoAXz2tHShf7Pj1zABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBbOAAvoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB5X0BdIHDRVlASYI2gcGAV6kGADgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=eac6b37fafbce4178df9a03bb4bea286a70269d9&bdref=https%3A%2F%2Fwww.file-upload.in%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.file-upload.in%2F,https%3A%2F%2F29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2F29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
an-x-request-uuid
dc1b85ca-a215-40c4-a3e4-06b79cdf8588
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&e=nai&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:11 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425464
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e9620d0ce23680-FRA
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=3&ific=false&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:11 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425464
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e9620d0ce33680-FRA
ads
securepubads.g.doubleclick.net/gampad/
186 KB
53 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111251156424992&correlator=255300281973286&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cc80319cf-2567-4473-aa70-ede725041f47&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=13&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D8696272dab90478b%3AT%3D1701413290%3ART%3D1701413290%3AS%3DALNI_MZV9iW9Olbs52_oTOxQOOF1sn72gw&gpic=UID%3D00000cffa4a06b5c%3AT%3D1701413290%3ART%3D1701413290%3AS%3DALNI_MYSsMB4MEgj2EA84vhMdFjwAeSLvQ&abxe=1&dt=1701413291036&lmt=1701413291&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=d&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1320687984.1701413290&ga_sid=1701413290&ga_hid=1830216606&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjkgYqhwjFIABIbCgwzM2Fjcm9zcy5jb20Y_f6JocIxSABSAghkEhkKCnB1YmNpZC5vcmcYxoCKocIxSABSAghqEhgKCXlhaG9vLmNvbRjDgIqhwjFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20Y_v6JocIxSABSAghkEhcKCHJ0YmhvdXNlGNv_iaHCMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lRbk55TDBNNVVsQlJhV0Z4UkRsME9VMXVRVFJwWnowOUluMD0Y9IGKocIxSAASGQoKdWlkYXBpLmNvbRj-_omhwjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMeAiqHCMUgAUgIIag..&dlt=1701413289223&idt=604&prev_scp=ti%3D57345b2b-1a16-47d8-887d-bd03d4f0c72b%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D96&adks=3607019325&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
459ee625bd5d250ded60048585818e5ffbed34a717a219da333187859c9e39f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53939
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file-upload.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame E882
172 KB
61 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
Origin
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 16:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Dec 2023 16:17:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame E882
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CobbAKrimKcwCREbDSZWV5N5kEPAVnu7KKZgVpdxR8dJ0ip0rsUVuchWL7qv9dI8EOFhV4iN3vvPiJGjRWSeLz8AEan432UrESc-3grxi8JpW-7Ba0GZdrZJ5BUb373PESehfbIaRZg7qszXR1Ew78SBiKC1819zNJbz6W4G5ubDoeKlc&dbm_d=AKAmf-DNJg8Sqiq0gRSMdhHA-XH__mv57hrNV-SgtbnI5bLRjikRYj5xlXkBpA_aA1rKQt5gb4tzYbZznW6b2GoC3MYp2nOuRThq9jzBxHTm7FfwxOrumpIIoWd1GhsgG7gFq-Ol_bJHUtOiQFqRTI0ccUBuiVu1earrRlFZciHVkPgi-ozn3pZcU07estl4QQgo4H5hDIXpi_IDR-smFE7S37yk5Iqz5kSVUjqoaUpHhVuV-_ziTdgOn3s1gC6u8a-WlQPWJn_EWUVDUXqcRp0TA0DJFEJUoCa61OnbajYPTfFJey91qqgGzEZjbeMybqcMk1pmQwNl8MTk3L3WL2UfOVwazKaKCUFI_RbWabHdA9xylSx928rc0Ds1xXWUndb3dp9ay2thsiSpbAxh4JlnEWThxbKB0F5txHqma-NYZD_xaeeFftR9szKuia2oE-yEif5-aZVukDfiCJk5dQpCkMGRyaaOvNqAshkiH9-1JoQP6jDfVOFXi-S7N6Yse-yptI6s4_oj0VKgpqZRuipjUxT8bNbhMZVZ1W-jNjBT5bg53w1xwEQnmqK0GBAjthd9PnTyGrLjz_HD1p9T7Hx2TCMl3tPK3Cb9GjaVKlPC5_iSPFjD0Q5UYnuaRK0ojuHmjLLL4wKowfzB1MZztRGQAzrMPQ3BOZX-uL_C7SeS2JkD6rGaIQIerPDb6X0laYyJGK0enkjtvknScSisM4UDmYvKSbK0r5-lrTMC46kL3_8PpqpJjnLVE3C3r0IgHiYnisndlCw7MC3V7wDtYKNf81F9ocncWdPHdWphUjJzwQ_4ygwmJ2Wtt8tRMMUA3fICKYVrQhh5Xtkrnbx-xzcmtKEC7jZxAexDPBhKgRCkwUXHeGTFVb1NLdVvJ59YFOISP2zxSK01kIX---bL6vOUtMj0cQW_-lde-BXsbGRdj4ASQEauychd3aXfiK5Qv4Hop-ydLCx7hsl7vRDYQsdeIU3BgjsxmSvRQH_mr7aV5iP1oeh9w2fkzP5BRDgQr6vdiprcZmbh3hFn6xOqEmLdSLFpX5V1hshfZlg_MxDLcdIVewIjsLNbAhE66pIuD3lN9stU6vvcwNRoBMWAK7Hxe3ECHoUsIckx3ka7cU2d-nKBE8hfbCSLH5Oy0yhPaUWw6sjq7V_74ye85FsnQS6KB10gzNCzdCg66pKiu4BkZP8Ix8HcRMJ7g7N6U-fRzDAE-HPRqZhqOYVJtBvg6R1hTJkNqvc5HI-EBj7LsMf1piGpUxyilXtxlFrqsgaZz1I3wySOuVaO0-ZhZ4lTFvOnHwRp-E5kCGdIvFHMUlm7pORtOGxn6wE4nqIAFRAK_pv_HTa688m06zTgcs_Tb3siZVTzO72J2ZlAxq6NuveQcB4HEKLzORmA5f5ITNAqGwnLX3XfD0pIzI4pF_RgpqvFq-XEgHJHNg4L15uVqTWvanUeTUNIbFo76oruvUxGnNW71jvos7jYwjRGX4Dyx4lC99pah0H1QKwkhAkVDS5k5hOpp7w_Afw4khnOtRDjgCmBDkwUnsr7A2CeErTRf1czOVjkgoy418F8vmxZXqKrJRddb6xCSwVGNCIDjSDSz450Wj1bKwhCaiPU1VjKVUxd7V76tjRiFI3qUvefsOjS0Hx3nIZcCXhSwP43m9zowsG7UWc-znQEhgYGQl9CozHZUdn4NcFSQGFjjUZ6QxNvcicxTmFQi-DUa3NGEpYVQ6KafltlFtey1DOkI9-R8-Yqq2PjsLIsmS4BV7t8apQYzxjZYMr6hqPVFTXaA0SNrMAoxp40cEnGGGc1BQQhOJFSIHlPB46N6eTrC8qaOah0oq3PzKWlqcd3lR9kd7OlkDlV60tQrtirfpOYxUGBgSYTOWwbD_P4ls_NnFB-HIdEB3leQIQXKupYLYPuo89_bFFeVBX49f1mE_yiIC1btfc0YeQ4sMFh4ErQLauFnen1IbyBKmszv-8tr7uJVs6GpxQrwQQwBMdvkBWmoTRdLjsM_QLkNZPVLOiB3Q3lF9SEXHTDOvR04saTnB7PwrX8odJcDMDWWrv-lVI5a4r3cL7tVg-IXQBgSg-OmhZii5E2LthIbGfmhXLb2nI0f-xy-cfWez7vQu1-C0CR-PjvSnjkJ2AARpJ-TM0oGWf8dihRPTI-3Wg3rjXOLdHaupyopsK7oi7206ESphthZLGUIXGZ0FfM4dOeMEl08EN6AviZbX1OT10A4G8gWIZqV6BCQaAQI9xzyrcdL7XLn9Qkx1N4Spwfzmt6DlZKj_uWFUMgUPcFfjydaWQR5_OpehyPPcapVFLOzmXs1ZiTv9wUPBRfh271ZR0kg26jhz7mLDxdQpFtCDkJIj8tDP_ibQ0ej7QSnbhE6u3erUMoOvgCoGS1sDeX2kywe6GL4Igf5cFdtRMpsIpZl7ep6oXbUsasTOJ4BHVU1UyGVum2nPjEKTwBNKmbNTqhldysU2uJ_oeUQomHV0Kzl-GdMxJ5q1PGlaCbFh9Rj1x9w4gyMVkV1UW-copdaP0K_ekGAa-VKqXJKIr2qWIdC1T1S754Q8WsJNaZ6_jXV-nnOrf7TM8McuJ0d2gx9OPNMYWhW75cqOpxgC0c9H1aN8bKcPEEafw1vAXJT3gsJxMDjn1WmN8zDxfzJLII9dVs0QRFP2gp_cS7xyhfO3J8FRP6IfRwf-09hrjouN-k3V8aPyzuPhGVTFNamwnhDiBnjDf13h3X2WGgWX3wCv19iUmbd_2w_qrAPr9LrtroOWaGRsFQ0KrIa5Y08FrAngrElhShu43FXMlBy6Du6kWbROb1zdQ2BqiUw5CIvlh1G0eoLLl8EwvWSzG7DgrKKGbP5LyuiIetUoxfpsY6unpL8zS_OxhSsVFAnn8S4DtN7mzA3x5b7Th91nxKpDxuol2kHbgoADsNKJKyw65KbfcvrpdKeGBXrV02Buh5RdmGK4uMafyMzebDQP8T5BL3qkndqHBo7Fmg7WAR9WMkip4l0qLLApEUhRZMdx3ocs_RnwR-VjU2KVJg6p6fbHJh8mWbMd8EhsnMdkC7eFnM49c1erN5rWVXV8yELyG_mSpc6LMCHSmYLbBnDlLKO_V4RVAkDr8jtF1B2dqPaEC-jrAJpdaQK5MlC0rk-6woddVk2emEbPlf3a26gGBsNkKKUN3z3iLMewi12fxrxHrTMUbqGlTjdBMG5iGAWLBLDt71myTPnTTiz77VK-z8SYOKW7Q6nL45amIzf2eQlj9HvSqvcv0wBhRAA0wxahafJ0dY-DGCjI5foHxwMhj1MN0FDJnJdZzJsjJBsXS5E1e7obFXrQpgL-DEut_H0wYCpnCD0lenB4UbT1rXt30amfYnY1ozAmWrmm912NR1iPRZTRYhlw_qQ9p82ZumCnB11rW50fwX_UawZKbaQWLgJkgpSIrN8FFISYxMM2Y8rko6FJLqanTccudLSkyFp9A5dCfMA3-PmDuoJP7HWUJhI2x_iF4FTWtLxEsCUEXb9L8oF223Sa4ay0rArQHiaqmm0P1DrEQg_vB9Lpin7m13qrx3HIGsTsownoo9szD9yy1VJujq_ykuC1QQjWvHizgtRYlnyMMca5v-sMnW6YxdksEta-z1oxjIoQq9_d-fOFLK1qllFZrYfyUk-CYh1AgRWOAlLvc2qHgUnuwrdJNoABRyLqO0ujLhW3MPl8HRtkiv-y11QwSIWf1rQtjH3Qoyd_VfBmNjuuMeRc2wP3XIpf7J-JaeXbFb72QtQrNLrN6eJKG4Vhw0SMBtoovpflk7_2ukcyMLFX-Utev5ndfpSdhCGaIFXj6SSX0wwOR-ioQFSK-SINbGJwAxW7V1Oq01UAfsx9lXE6EGivEuBM-N1jjGWXMrFA8SRh6mTlv8AUD9ANd4Wb0&cid=CAQSTwDICaaNyO2p_ZSfDy5C7WN2Ze7TB4vW9cm-DurV8h8L5sn79CM5T8Dse0y-o6-gXdyn8ofzWHhDMijhfPmN3GKtAF3JYxmfZ81fmo_ieLoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=15949137870919820000&adk=1964084972&idt=143&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:58:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
39010
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:58:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame E882
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CobbAKrimKcwCREbDSZWV5N5kEPAVnu7KKZgVpdxR8dJ0ip0rsUVuchWL7qv9dI8EOFhV4iN3vvPiJGjRWSeLz8AEan432UrESc-3grxi8JpW-7Ba0GZdrZJ5BUb373PESehfbIaRZg7qszXR1Ew78SBiKC1819zNJbz6W4G5ubDoeKlc&dbm_d=AKAmf-DNJg8Sqiq0gRSMdhHA-XH__mv57hrNV-SgtbnI5bLRjikRYj5xlXkBpA_aA1rKQt5gb4tzYbZznW6b2GoC3MYp2nOuRThq9jzBxHTm7FfwxOrumpIIoWd1GhsgG7gFq-Ol_bJHUtOiQFqRTI0ccUBuiVu1earrRlFZciHVkPgi-ozn3pZcU07estl4QQgo4H5hDIXpi_IDR-smFE7S37yk5Iqz5kSVUjqoaUpHhVuV-_ziTdgOn3s1gC6u8a-WlQPWJn_EWUVDUXqcRp0TA0DJFEJUoCa61OnbajYPTfFJey91qqgGzEZjbeMybqcMk1pmQwNl8MTk3L3WL2UfOVwazKaKCUFI_RbWabHdA9xylSx928rc0Ds1xXWUndb3dp9ay2thsiSpbAxh4JlnEWThxbKB0F5txHqma-NYZD_xaeeFftR9szKuia2oE-yEif5-aZVukDfiCJk5dQpCkMGRyaaOvNqAshkiH9-1JoQP6jDfVOFXi-S7N6Yse-yptI6s4_oj0VKgpqZRuipjUxT8bNbhMZVZ1W-jNjBT5bg53w1xwEQnmqK0GBAjthd9PnTyGrLjz_HD1p9T7Hx2TCMl3tPK3Cb9GjaVKlPC5_iSPFjD0Q5UYnuaRK0ojuHmjLLL4wKowfzB1MZztRGQAzrMPQ3BOZX-uL_C7SeS2JkD6rGaIQIerPDb6X0laYyJGK0enkjtvknScSisM4UDmYvKSbK0r5-lrTMC46kL3_8PpqpJjnLVE3C3r0IgHiYnisndlCw7MC3V7wDtYKNf81F9ocncWdPHdWphUjJzwQ_4ygwmJ2Wtt8tRMMUA3fICKYVrQhh5Xtkrnbx-xzcmtKEC7jZxAexDPBhKgRCkwUXHeGTFVb1NLdVvJ59YFOISP2zxSK01kIX---bL6vOUtMj0cQW_-lde-BXsbGRdj4ASQEauychd3aXfiK5Qv4Hop-ydLCx7hsl7vRDYQsdeIU3BgjsxmSvRQH_mr7aV5iP1oeh9w2fkzP5BRDgQr6vdiprcZmbh3hFn6xOqEmLdSLFpX5V1hshfZlg_MxDLcdIVewIjsLNbAhE66pIuD3lN9stU6vvcwNRoBMWAK7Hxe3ECHoUsIckx3ka7cU2d-nKBE8hfbCSLH5Oy0yhPaUWw6sjq7V_74ye85FsnQS6KB10gzNCzdCg66pKiu4BkZP8Ix8HcRMJ7g7N6U-fRzDAE-HPRqZhqOYVJtBvg6R1hTJkNqvc5HI-EBj7LsMf1piGpUxyilXtxlFrqsgaZz1I3wySOuVaO0-ZhZ4lTFvOnHwRp-E5kCGdIvFHMUlm7pORtOGxn6wE4nqIAFRAK_pv_HTa688m06zTgcs_Tb3siZVTzO72J2ZlAxq6NuveQcB4HEKLzORmA5f5ITNAqGwnLX3XfD0pIzI4pF_RgpqvFq-XEgHJHNg4L15uVqTWvanUeTUNIbFo76oruvUxGnNW71jvos7jYwjRGX4Dyx4lC99pah0H1QKwkhAkVDS5k5hOpp7w_Afw4khnOtRDjgCmBDkwUnsr7A2CeErTRf1czOVjkgoy418F8vmxZXqKrJRddb6xCSwVGNCIDjSDSz450Wj1bKwhCaiPU1VjKVUxd7V76tjRiFI3qUvefsOjS0Hx3nIZcCXhSwP43m9zowsG7UWc-znQEhgYGQl9CozHZUdn4NcFSQGFjjUZ6QxNvcicxTmFQi-DUa3NGEpYVQ6KafltlFtey1DOkI9-R8-Yqq2PjsLIsmS4BV7t8apQYzxjZYMr6hqPVFTXaA0SNrMAoxp40cEnGGGc1BQQhOJFSIHlPB46N6eTrC8qaOah0oq3PzKWlqcd3lR9kd7OlkDlV60tQrtirfpOYxUGBgSYTOWwbD_P4ls_NnFB-HIdEB3leQIQXKupYLYPuo89_bFFeVBX49f1mE_yiIC1btfc0YeQ4sMFh4ErQLauFnen1IbyBKmszv-8tr7uJVs6GpxQrwQQwBMdvkBWmoTRdLjsM_QLkNZPVLOiB3Q3lF9SEXHTDOvR04saTnB7PwrX8odJcDMDWWrv-lVI5a4r3cL7tVg-IXQBgSg-OmhZii5E2LthIbGfmhXLb2nI0f-xy-cfWez7vQu1-C0CR-PjvSnjkJ2AARpJ-TM0oGWf8dihRPTI-3Wg3rjXOLdHaupyopsK7oi7206ESphthZLGUIXGZ0FfM4dOeMEl08EN6AviZbX1OT10A4G8gWIZqV6BCQaAQI9xzyrcdL7XLn9Qkx1N4Spwfzmt6DlZKj_uWFUMgUPcFfjydaWQR5_OpehyPPcapVFLOzmXs1ZiTv9wUPBRfh271ZR0kg26jhz7mLDxdQpFtCDkJIj8tDP_ibQ0ej7QSnbhE6u3erUMoOvgCoGS1sDeX2kywe6GL4Igf5cFdtRMpsIpZl7ep6oXbUsasTOJ4BHVU1UyGVum2nPjEKTwBNKmbNTqhldysU2uJ_oeUQomHV0Kzl-GdMxJ5q1PGlaCbFh9Rj1x9w4gyMVkV1UW-copdaP0K_ekGAa-VKqXJKIr2qWIdC1T1S754Q8WsJNaZ6_jXV-nnOrf7TM8McuJ0d2gx9OPNMYWhW75cqOpxgC0c9H1aN8bKcPEEafw1vAXJT3gsJxMDjn1WmN8zDxfzJLII9dVs0QRFP2gp_cS7xyhfO3J8FRP6IfRwf-09hrjouN-k3V8aPyzuPhGVTFNamwnhDiBnjDf13h3X2WGgWX3wCv19iUmbd_2w_qrAPr9LrtroOWaGRsFQ0KrIa5Y08FrAngrElhShu43FXMlBy6Du6kWbROb1zdQ2BqiUw5CIvlh1G0eoLLl8EwvWSzG7DgrKKGbP5LyuiIetUoxfpsY6unpL8zS_OxhSsVFAnn8S4DtN7mzA3x5b7Th91nxKpDxuol2kHbgoADsNKJKyw65KbfcvrpdKeGBXrV02Buh5RdmGK4uMafyMzebDQP8T5BL3qkndqHBo7Fmg7WAR9WMkip4l0qLLApEUhRZMdx3ocs_RnwR-VjU2KVJg6p6fbHJh8mWbMd8EhsnMdkC7eFnM49c1erN5rWVXV8yELyG_mSpc6LMCHSmYLbBnDlLKO_V4RVAkDr8jtF1B2dqPaEC-jrAJpdaQK5MlC0rk-6woddVk2emEbPlf3a26gGBsNkKKUN3z3iLMewi12fxrxHrTMUbqGlTjdBMG5iGAWLBLDt71myTPnTTiz77VK-z8SYOKW7Q6nL45amIzf2eQlj9HvSqvcv0wBhRAA0wxahafJ0dY-DGCjI5foHxwMhj1MN0FDJnJdZzJsjJBsXS5E1e7obFXrQpgL-DEut_H0wYCpnCD0lenB4UbT1rXt30amfYnY1ozAmWrmm912NR1iPRZTRYhlw_qQ9p82ZumCnB11rW50fwX_UawZKbaQWLgJkgpSIrN8FFISYxMM2Y8rko6FJLqanTccudLSkyFp9A5dCfMA3-PmDuoJP7HWUJhI2x_iF4FTWtLxEsCUEXb9L8oF223Sa4ay0rArQHiaqmm0P1DrEQg_vB9Lpin7m13qrx3HIGsTsownoo9szD9yy1VJujq_ykuC1QQjWvHizgtRYlnyMMca5v-sMnW6YxdksEta-z1oxjIoQq9_d-fOFLK1qllFZrYfyUk-CYh1AgRWOAlLvc2qHgUnuwrdJNoABRyLqO0ujLhW3MPl8HRtkiv-y11QwSIWf1rQtjH3Qoyd_VfBmNjuuMeRc2wP3XIpf7J-JaeXbFb72QtQrNLrN6eJKG4Vhw0SMBtoovpflk7_2ukcyMLFX-Utev5ndfpSdhCGaIFXj6SSX0wwOR-ioQFSK-SINbGJwAxW7V1Oq01UAfsx9lXE6EGivEuBM-N1jjGWXMrFA8SRh6mTlv8AUD9ANd4Wb0&cid=CAQSTwDICaaNyO2p_ZSfDy5C7WN2Ze7TB4vW9cm-DurV8h8L5sn79CM5T8Dse0y-o6-gXdyn8ofzWHhDMijhfPmN3GKtAF3JYxmfZ81fmo_ieLoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=15949137870919820000&adk=1964084972&idt=143&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:51:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
28582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11894
x-xss-protection
0
server
cafe
etag
8278194740845609983
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:51:49 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E882
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
564183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:05:08 GMT
truncated
/ Frame E882
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09dbdcd1d4aa5e397bbc3d1925692d70e11721505bf452455e9caf5186d3f6fa

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame B377
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C8pzmqoFpZeGKG7qf7_UP_fW4mAW77KK9dLiVyZrdEd_jrJuPDhABIJWbyiFg9ZXOgeAEoAGVy6KZKsgBCakC9DuTQFJEsj7gAgCoAwHIAwqqBMMCT9B_Igryy4_UET-C9QyLdGT9S_Ly-UqoyRSoHIOV7m5-lCnfC0EpxWk7UyuzHsDBV9PZxVaG7a-4ZLLZXT3qTsYmMkjP5afFlO67B0yMrvkOoahQQXkat1Wc2Z-QZ24HwzRz3Da8revkIhywyRqQEdmTLj3BPMbQovKAHLYC38gAS6-ABmkxtjszyo-d2G1oqG7dAjktJcyrEfOCLGpV6qkxzxyuHAHlAoLWBEKagblDq2yW_iSNZHCf6MwPovPyDnHDBScWftDC3BbTQAXuNDQor2lYQhO_FAsjaxycNqWuXq-ygqPDJSpYKTT1k-bgedGQiIBseDi598hklZ0GH00gzARk_5-gGruZqcIuMmrgkdwyyM3Zz7jOQWqy4njKS7pq7eAQJBPoMP2gPEuclMgLHR4LHlZWDuQSepDUvGMctz7ABPG9pJTPBOAEAYgF9vqUnU2SBQQIBBgBkgUECAUYBKAGLoAHlYPz-ASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCi5AzSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WNSzqrbS7YIDmgmLAWh0dHA6Ly9jaC5zZWFyY2hlbC5jb20vZHNyP3E9c2FhcyUyMG1hbmFnZW1lbnQlMjBzb2Z0d2FyZSZhc2lkPXNlX2NoMTkxNCZkZT1jJnNjbGlkPTAtMjQzNzQmcmFjPVNlYXJjaCUyMEZvciUyMHNhYXMlMjBtYW5hZ2VtZW50JTIwc29mdHdhcmWACgPICwGiDBAqDgoM5LSxAu61sQK1uLEC2gwRCgsQsLyRp8iT0cywARICAQPiDRMIkPCqttLtggMVus-7CB39Og5TuBPkA9gTDNAVAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=fXjOUl_IfJs&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPwDICaaN_XMuFXWRNRmGTtUnvPsAkfCRdLngJ7FkazTID_KKHNXJ7bD8xTqa5ou-O2FDa04aDYVJgiCW1aJx8BgB&template_id=484&cbvp=2
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A24A
6 KB
3 KB
Document
General
Full URL
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 06:48:09 GMT
expires
Sat, 30 Nov 2024 06:48:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
478 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_fluid_all_fluidallshapes&pn=1&sn=3&pc=0.46670694351196285&ds=true&e=wdp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:11 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425464
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e9620d4d113680-FRA
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=file-upload.in_fluid_all_fluidallshapes&sy=b292e3ca-67b2-4fa4-8f35-fb6c4c581410&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=57345b2b-1a16-47d8-887d-bd03d4f0c72b&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:11 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425464
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e9620d4d133680-FRA
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 332F
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
71761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 10:52:10 GMT
etag
48472445140208031
expires
Fri, 01 Dec 2023 10:52:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4BD7
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
696364a92487bb7010ab791889ccb95e8ce48ceb909abfd2d2666f525ba5322d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams3-ib.adnxs.com/ Frame 4BD7
0
580 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QKKB-iKAwAAAwDWAAUBCKqDpqsGEPTe9KK4_7ySGRgAKjYJGr4mGlPEzz8Rlal0OQHszj8ZAAAAQDMzEUAhlQ0SACkRJNAxAAAAgML12D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiV9AWAAQGKAQNVU0SSAQEG8F6YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIaaHR0cHM6Ly93d3cuZmlsZS11cGxvYWQuaW6AAwCIAwGQAwCYAwmgAwGqA5oDCrACaB0w8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD00YTNkYTgxNS01ZmZmLTQwZjItYjZlMS1kNmMyYmExZjQ5OTgmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4ANI5xALhydHlwZT1udXJsJnRhZ0lkPTY5MzI1OTQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ9CoBZXJmcmVpciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzE4MTE4NDEyMTE2OTI4MjIzODgiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnprMU56Y3pOakkwT1RRMU56a2pNak16TVRNM05qazJPREEzT0RFM01nPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF89rR0oX-z49cwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFs4AC-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAJPXwAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHlfQF0gcNCS4mAAzaBwYICS-kBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=a1be0d1dfedf126f43c4dcd6bae8bab737a8aa6a&type=nv&nvt=5&jm=1003&px=139&py=0&bw=182&bh=90&sid=6517492891399470388&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&sw=1600&sh=1200&pw=1005&ph=90&ww=1005&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
an-x-request-uuid
a11839a4-55f9-4145-b36e-50ce7c8cf446
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4AF9
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
444571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 03:18:40 GMT
expires
Mon, 25 Nov 2024 03:18:40 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame A24A
91 KB
29 KB
Script
General
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
Origin
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 01 Dec 2023 06:48:10 GMT
content-encoding
br
last-modified
Fri, 10 Nov 2023 19:05:36 GMT
x-azure-ref-originshield
0TwBpZQAAAABI9FcO9e1WTqWaNBNEXOTYRlJBMjMxMDUwNDE4MDExADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
MopfqcAbO5EhiiMKa7cg6Q==
etag
0x8DBE22005715E9B
x-azure-ref
0q4FpZQAAAADZ3O7gzd61TagQ7U86pcDyWlJIRURHRTEzMTgAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d50d08eb-d01e-0026-7ece-230181000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
c.gif
www.bing.com/aes/ Frame A24A
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=cdc933ea-3aae-432c-ad19-451f3f769d7d&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=15ce145b-4a3e-440e-abb...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7264b51779ee4d918ea7749a59fe0b3a&SNR=1&GV=2&med=10
0
18 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7264b51779ee4d918ea7749a59fe0b3a&SNR=1&GV=2&med=10
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a02:26f0:3100::1725:e26a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 04EA2C24B6494383BD10620AB7C78BF7 Ref B: DUS30EDGE0721 Ref C: 2023-12-01T06:48:11Z
x-cdn-traceid
0.66e22517.1701413291.4a54b96a
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Fri, 01 Dec 2023 06:48:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F94957C9A1F34E8ABD1CD94A2FB87847 Ref B: FRAEDGE1315 Ref C: 2023-12-01T06:48:11Z
x-cdn-traceid
0.66e22517.1701413291.4a54b907
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7264b51779ee4d918ea7749a59fe0b3a&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
150
quic-version
0x00000001
trk.js
cdn.adnxs.com/v/s/240/ Frame A24A
80 KB
27 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 06:48:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Sat, 30 Nov 2024 06:48:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A24A
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A24A
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
l
www.google.com/ads/measurement/ Frame A24A
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8WIRUbzXc0nf9brefOnffEbYk-C_rsJ76UEi5P82Lm90b1BgaPR6UZVdzr1lAga118lDZYKGRn4hrbOiHpRDlDPwPCw
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A24A
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:55:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
67939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Nov 2024 11:55:52 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A24A
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 06:48:11 GMT
dpixel
cms.quantserve.com/ Frame 332F
35 B
464 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDVo8xFB0Oj8F22F71Ke78k&google_cver=1&google_push=AXcoOmQVTQwipmTtajD8RhwfsM5ubt73CRdEe9r92va_jmJdQuneSr9XPo-xO2Jv7SfDOKuP9bTGRoQSxprxyrcvXqgBrGSPH89r
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 332F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEK6Bv7S1KK-ZIqwAEO-wmSM&google_cver=1&google_push=AXcoOmT88JzRunNZ9ZuZLDuq3q2vsACac-Zswa-D-xJKR6I3eEttGqM524KXzFxWdHr-7-n4Q7jxbZSI0QZxvfZTzTzILNMgdmn5
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F9F3B2D6B1641D1B51B3B9762D11E64&google_push=AXcoOmT88JzRunNZ9ZuZLDuq3q2vsACac-Zswa-D-xJKR6I3eEttGqM524KXzFxWdHr-7-n4Q7jxbZSI0QZxvfZ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F9F3B2D6B1641D1B51B3B9762D11E64&google_push=AXcoOmT88JzRunNZ9ZuZLDuq3q2vsACac-Zswa-D-xJKR6I3eEttGqM524KXzFxWdHr-7-n4Q7jxbZSI0QZxvfZTzTzILNMgdmn5
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 01 Dec 2023 06:48:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F9F3B2D6B1641D1B51B3B9762D11E64&google_push=AXcoOmT88JzRunNZ9ZuZLDuq3q2vsACac-Zswa-D-xJKR6I3eEttGqM524KXzFxWdHr-7-n4Q7jxbZSI0QZxvfZTzTzILNMgdmn5
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 30 Nov 2023 06:48:11 GMT
pixel
cm.g.doubleclick.net/ Frame 332F
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEL7dNBWhFUu4vWGcXodgMnw&google_cver=1&google_push=AXcoOmR7UUX22eyIPJKaGt7s_BQipnkWQrzFdUgtqo1IsmXPawPgbHSjf_37gk-bDuEptexcJzleg8oU1dX5Zb7518i39vU...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEL7dNBWhFUu4vWGcXodgMnw&google_cver=1&google_push=AXcoOmR7UUX22eyIPJKaGt7s_BQipnkWQrzFdUgtqo1IsmXPawPgbHSjf_37gk-bDuEptexcJzleg8oU1dX5Zb7518i39...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR7UUX22eyIPJKaGt7s_BQipnkWQrzFdUgtqo1IsmXPawPgbHSjf_37gk-bDuEptexcJzleg8oU1dX5Zb7518i39vUePNE
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR7UUX22eyIPJKaGt7s_BQipnkWQrzFdUgtqo1IsmXPawPgbHSjf_37gk-bDuEptexcJzleg8oU1dX5Zb7518i39vUePNE
Requested by
Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR7UUX22eyIPJKaGt7s_BQipnkWQrzFdUgtqo1IsmXPawPgbHSjf_37gk-bDuEptexcJzleg8oU1dX5Zb7518i39vUePNE
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 332F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRUUM...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-_TVRILDWqepu8qiAwt6j2Jn-HdcczNHzUm8NhA&google_push=AXcoOmRUUMUEkljextAtoUGK2VaHx9T7mK253Nu-0xWuErYT0vuCjwlmg9KPV-POBawA-HuA3YZaLhJ6EzLo...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-_TVRILDWqepu8qiAwt6j2Jn-HdcczNHzUm8NhA&google_push=AXcoOmRUUMUEkljextAtoUGK2VaHx9T7mK253Nu-0xWuErYT0vuCjwlmg9KPV-POBawA-HuA3YZaLhJ6EzLo1aGgMJCLcXnM0nk
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:10 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-_TVRILDWqepu8qiAwt6j2Jn-HdcczNHzUm8NhA&google_push=AXcoOmRUUMUEkljextAtoUGK2VaHx9T7mK253Nu-0xWuErYT0vuCjwlmg9KPV-POBawA-HuA3YZaLhJ6EzLo1aGgMJCLcXnM0nk
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
756168
content-length
0
expires
Fri, 01 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 332F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPzyAyCReYY7oES9xybixes&google_cver=1&google_push=AXcoOmRYa8MPa0Gaz1ozzJi5NIMtqjqM9sOnpb1Qt-o2D9hs5FAt96t0T9jcSEGU0P4RdlX5ey1W32a6...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAyNTYzMTY0MjE2NTIzOTE4NA&google_push=AXcoOmRYa8MPa0Gaz1ozzJi5NIMtqjqM9sOnpb1Qt-o2D9hs5FAt96t0T9jcSEGU0P4RdlX5ey1W32...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAyNTYzMTY0MjE2NTIzOTE4NA&google_push=AXcoOmRYa8MPa0Gaz1ozzJi5NIMtqjqM9sOnpb1Qt-o2D9hs5FAt96t0T9jcSEGU0P4RdlX5ey1W32a6jeQoXq9C-4qh686KSzb0
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAyNTYzMTY0MjE2NTIzOTE4NA&google_push=AXcoOmRYa8MPa0Gaz1ozzJi5NIMtqjqM9sOnpb1Qt-o2D9hs5FAt96t0T9jcSEGU0P4RdlX5ey1W32a6jeQoXq9C-4qh686KSzb0
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 332F
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JoB9OUbdPayW4nFrMI5HFR4muydG1YO7S4W-NMZNOUZ6WEXAeu9IkIXR4
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
th
www.bing.com/ Frame A24A
12 KB
12 KB
Image
General
Full URL
https://www.bing.com/th?id=OAIP.3cc0f06579d57feddbfc0233ddec6f8c&pid=AdsNative&c=3&w=379&h=198&qlt=90
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e26a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b0cc4bc98ba69f71c74084c56784dca7eb6d5385a3bc48987d677d7bc479b43c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.66e22517.1701413291.4a54b918
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
12434
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame A24A
0
530 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QLrA-jrAQAAAwDWAAUBCKqDpqsGEPCetYKV4rKJVRgAKjYJvi49w5sltj8REyY5_8uOtT8ZAAAAQDMzEUAhEw0SACkRJNAxAAAAgML12D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXia9AWAAQGKAQNVU0SSAQEG8J-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCGmh0dHBzOi8vd3d3LmZpbGUtdXBsb2FkLmlugAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEBcFYiAUBmAUAoAXZyKfFq875lmnABQDJBQAFARTwP9IFCQkFC3QAAADYBQHgBQHwBQj6BQQIABAAkAYAmAYAuAYAwQYBHzQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAea9AXSBw0VYwEmCNoHBgFepBgA4AcA6gcCCADwB8aDDYoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=df1ed2757cf4a7db94d457a7e76bacd15346f753&bdref=https%3A%2F%2Fwww.file-upload.in%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.file-upload.in%2F,https%3A%2F%2F29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
an-x-request-uuid
f226c162-28cd-4e2a-a5d9-c5f573f220f7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 4AF9
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 21:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
32434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 21:47:37 GMT
index.html
s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/ Frame 0E06
181 KB
63 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/index.html?e=69&leftOffset=0&topOffset=0&c=YgxIOpMEfC&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcda9f75c7a0e11a06b4224c16a6d20ff54dbcb6a7362d4caee8a13b62d85b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 06:48:11 GMT
expires
Sat, 30 Nov 2024 06:48:11 GMT
last-modified
Tue, 17 Oct 2023 14:46:05 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E882
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWRPsHbqzRnXeimW5Encwq4AYim9BpjTyQGRTe_cUIXjPiMjenA5P3DrkUOrpobwUSP5NLoaKqn8jUMS28o_Zs8WPQWU0jbpYI3YbxgBh0-4HYf0Um5NLjdKPWfHy30kL5FREza93DgKByf7_BS-UkzlLwSN3FVYTDJeGu8WLQQJIF-zqOm36m4O2zLyMmGEcsY5t5xmmZvsc9_cMala1jrjXwXQ6y5P0JKwfk7GgJcHPvYtIhELtLmB7Wv2CtsfnITQoHqlu3G7GbpqSnemZ0RqS5IqmnG_BvSOPjPRHFGixLPEBXYaQUoaVFME1jEypH5_beOuercZd7kYSS8ubUrWgwI8A6KrTUvKDJn4TA4ZhiRLUhNvolGnsJ1sAhy7LAbb6PEuuzu7b-im7D6v3U6x-cbqnTEuRLYbKQZ9yR2GFoaHi127fjgd_GM_mO0vOYWhH6nxmFeRCZteO9tDCWF6lz1IxW4w5AgClEPr_sMhZyuNz2ymXMswrDeqZaVulzuVaOhMQqTwwDiweJrBKJ5FrDHPeMo_ZZHXfzW2Io8PIrGisvR1WC_lbYMvq_5RSr_dF2GcKw8dSk-04CM2lTif8_07wDTeVJG_JYVUsGAY20zv46BDzZYjX7Xiaif7tw1WLJJrV0RhAW7Ln-zRn6lWOM2kQG4vaJImvj_rKN89XK57_Rbg8GSyJpfuSuD6TOpxKPHSvKOBtrkEF-_SOzo-OIJGp-oC6PifXBHnaiudyUEOOkTE_dxYHg7ubjKmufe-PMqj7XSGNHqZ88KLXym4W8x8dsNVswEYGvM2B-2aSuAHmSxMokrYqEXRqUZTJkri1rWi52q319mW4c2TiSJddE7LcRbLzklLE8ThqDjbnrDxU8ACf50tgGh2GvWYUTuuMD10reFK4txp-DDOGTeRV5k4hDqFAaBcHlt2lmDAyAs-3lZfURM144A31c6twA5XvXcH7_5luUFxr8s0VIsIj9CncUhIR3nHbFS1rET4rBFBm2H1aTOCxwtYgzbCYUxjiEjWLL__HIttzlHioeLe_mi6Jsm0kqSI1z96NnoWkqnJEHDXhPgTL_VYRVpEGa2wvRI3q3AZJYeevsdWkxofrKKQJw3vcHbn2zyJhRtfBLvbXwYYc8IaNs1A_Cc7QAXDoT1VzO4IoI8gkVzvhNBa49sU6QiNDvGe5WNQJBm15LCMKmbVKscbXpFtmrkP_64SMubTgTHCZSuowLzfIvuSri_OFlihGbVO59b86QZT6h79Ii8LMLwOqeotuMecoxXlwom2dNUnC1PvBq6pfiPhjsBxm4T7ilDiJ6QnnovwZM8r5HjOPh_MnStF-GywTQHiVjRsJRHJi0ra5DfnHVtEVOuynkAqqXBKlbTY-uhFv6m6FiSimZTAb-1mIYzxBAv-84emY&sai=AMfl-YSxhs1Yh_Od80DI7itW5RDIvhLP2I3bAK5Bg5umenu7blG0CYyC9wdj7kVNct19srX07yBsNnUUEHL_y8lD70xeOrEGu0lkPKNQL86GP83YyuP6ygjEONddqNJ_LNrPlogYI3uxtW9JxOnEsqOVJjux9ts6Mxm1f7pBWTUJvhQKMxa_OnFhsUOAuDQAa6IEaYXNB1FDrA-ildNopBzAUNBVVPJa44TViQM6zhgsu8-bhm9LWvJhRAQyFm7xKaD9eRAIBzL9ks3TBi7rKyD4MDPzk6h-c7ct9IWp5M2mQw&sig=Cg0ArKJSzBoPJv8bHg-xEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=126&cbvp=1&cstd=121&cisv=r20231129.54687&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 06:48:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3F32
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
71761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 10:52:10 GMT
etag
48472445140208031
expires
Fri, 01 Dec 2023 10:52:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A24A
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56e3c29f5e2807effa5ccb3de8e1cb84b46dc10df0e6079f2e7fce2941d167cc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams3-ib.adnxs.com/ Frame A24A
0
580 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QKWB-iWAwAAAwDWAAUBCKqDpqsGEPCetYKV4rKJVRgAKjYJvi49w5sltj8REyY5_8uOtT8ZAAAAQDMzEUAhEw0SACkRJNAxAAAAgML12D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXia9AWAAQGKAQNVU0SSAQEG8F6YAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCGmh0dHBzOi8vd3d3LmZpbGUtdXBsb2FkLmlugAMAiAMBkAMAmAMJoAMBqgOnAwrBAi4wAPCfYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MTVjZTE0NWItNGEzZS00NDBlLWFiYjEtMTFlOWFmYTY4YTJjJmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcp5tALhydHlwZT1udXJsJnRhZ0lkPTY5MzI1OTQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_RTAV9mc19nYnhyYV95dmZnJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjEzMDE4NTMxODAyNjc5MjgxNiIJMzgxODQ2NzE0KgRiaW5nOjRVMlZoY21Ob1FXUWpOelE0TXpVMk5qZzRNelk0TURBak56UTRNelUzTlRFMk1UazJOREU9wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBdnIp8WrzvmWacAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQj6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAea9AXSBw0JAAAJKQGvDNoHBggFCajgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=c9216a3c3578713a1013d850376a28f31d0906ba&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=478&bh=250&sid=6517492891399470388&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&sw=1600&sh=1200&pw=970&ph=250&ww=970&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
an-x-request-uuid
f9c7f749-03d9-4ef0-a379-22e707b855d8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame 0E06
2 KB
680 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/index.html?e=69&leftOffset=0&topOffset=0&c=YgxIOpMEfC&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
49e1305a9ecb2f5c422140d4f4209bb7cabf62eb6767790af1c583b354def463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 06:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 06:48:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 06:48:11 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 0E06
120 KB
41 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/index.html?e=69&leftOffset=0&topOffset=0&c=YgxIOpMEfC&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/index.html?e=69&leftOffset=0&topOffset=0&c=YgxIOpMEfC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 16:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Dec 2023 16:17:25 GMT
pixel
cm.g.doubleclick.net/ Frame 3F32
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELh0hvxRiYRXHF5cMP_4ksQ&google_cver=1&google_push=AXcoOmSRk3UYT3gl0ngTBKvGR1GZ37K22VBxD3dEVGX2mB5i_4KilJhom9...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmSRk3UYT3gl0ngTBKvGR1GZ37K22VBxD3dEVGX2mB5i_4KilJhom92HDRm1o9pZLKXkemplpcTtd3eaDxOUkrNrjJsoA98vHw&google_hm=0T4x...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmSRk3UYT3gl0ngTBKvGR1GZ37K22VBxD3dEVGX2mB5i_4KilJhom92HDRm1o9pZLKXkemplpcTtd3eaDxOUkrNrjJsoA98vHw&google_hm=0T4xgiXEHyY0lSsmlhW5nw
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmSRk3UYT3gl0ngTBKvGR1GZ37K22VBxD3dEVGX2mB5i_4KilJhom92HDRm1o9pZLKXkemplpcTtd3eaDxOUkrNrjJsoA98vHw&google_hm=0T4xgiXEHyY0lSsmlhW5nw
pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3F32
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHjcLyjBIw3mYjaZ1Q0Bh4c&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHjcLyjBIw3mYjaZ1Q0Bh4c&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SnhnTnZ1SmgxUjhYalI1&google_gid=CAESEHjcLyjBIw3mYjaZ1Q0Bh4c&google_cver=1&google_push=AXcoOmSujS0-NKAMibys70Rq6teyER0xlfcy5-X-GdJk5j0...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SnhnTnZ1SmgxUjhYalI1&google_gid=CAESEHjcLyjBIw3mYjaZ1Q0Bh4c&google_cver=1&google_push=AXcoOmSujS0-NKAMibys70Rq6teyER0xlfcy5-X-GdJk5j045QKpa_vvbNg0izp3qCQsaNdEoUOiksu5lZX3v-T5bYv62Q6t4SEevw
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 06:48:11 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SnhnTnZ1SmgxUjhYalI1&google_gid=CAESEHjcLyjBIw3mYjaZ1Q0Bh4c&google_cver=1&google_push=AXcoOmSujS0-NKAMibys70Rq6teyER0xlfcy5-X-GdJk5j045QKpa_vvbNg0izp3qCQsaNdEoUOiksu5lZX3v-T5bYv62Q6t4SEevw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3F32
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEC5eTMW0nEcHJcrbf7cfer0&google_cver=1&google_push=AXcoOmQyuWUoSNs1Ag8FjK7n8fEgFaEhyA9FFLp7MCwiS-NGs6z31fnhahBkYr79GyF2w-zcNvMumsLwmDx1ck6fZB5XkY6...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQyuWUoSNs1Ag8FjK7n8fEgFaEhyA9FFLp7MCwiS-NGs6z31fnhahBkYr79GyF2w-zcNvMumsLwmDx1ck6fZB5XkY6cDJpiQw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQyuWUoSNs1Ag8FjK7n8fEgFaEhyA9FFLp7MCwiS-NGs6z31fnhahBkYr79GyF2w-zcNvMumsLwmDx1ck6fZB5XkY6cDJpiQw
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQyuWUoSNs1Ag8FjK7n8fEgFaEhyA9FFLp7MCwiS-NGs6z31fnhahBkYr79GyF2w-zcNvMumsLwmDx1ck6fZB5XkY6cDJpiQw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 3F32
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOOdhgChUeOSKA_7TxD1aZM&google_cver=1&google_push=AXcoOmTm--G9dOToU_FG8pVrLamjOzS9pN-pt8g5hhO9NupHJSPSHeOz1HJMCfHwNYq7wrXGEI_HwehXN-lp0...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOOdhgChUeOSKA_7TxD1aZM&google_push=AXcoOmTm--G9dOToU_FG8pVrLamjOzS9pN-pt8g5hhO9NupHJSPSHeOz1HJMCfHwNYq7wrXGEI_HwehXN-lp0...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTm--G9dOToU_FG8pVrLamjOzS9pN-pt8g5hhO9NupHJSPSHeOz1HJMCfHwNYq7wrXGEI_HwehXN-lp0BFMk5Yx_ucOodr1&google_hm=cUpqM2J1RjZqVUxJUlJD...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTm--G9dOToU_FG8pVrLamjOzS9pN-pt8g5hhO9NupHJSPSHeOz1HJMCfHwNYq7wrXGEI_HwehXN-lp0BFMk5Yx_ucOodr1&google_hm=cUpqM2J1RjZqVUxJUlJDZXVVQ3I=
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 06:48:12 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTm--G9dOToU_FG8pVrLamjOzS9pN-pt8g5hhO9NupHJSPSHeOz1HJMCfHwNYq7wrXGEI_HwehXN-lp0BFMk5Yx_ucOodr1&google_hm=cUpqM2J1RjZqVUxJUlJDZXVVQ3I=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3F32
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENVYYgCF7_IdLEz-3FEKcN4&google_cver=1&google_push=AXcoOmQ84VZtMnanY9YRpIoB5yUgrA4WjnJDiYsyRln3Uu4zaDJZXDSm2iU_jOMM5g4hoaBSzaD...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNOUpMUE4tRi1KQTJI&google_push=AXcoOmQ84VZtMnanY9YRpIoB5yUgrA4WjnJDiYsyRln3Uu4zaDJZXDSm2iU_jOMM5g4hoaBSzaDh1Mop7eQ4Xc7zzgiVFIiM13WN
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNOUpMUE4tRi1KQTJI&google_push=AXcoOmQ84VZtMnanY9YRpIoB5yUgrA4WjnJDiYsyRln3Uu4zaDJZXDSm2iU_jOMM5g4hoaBSzaDh1Mop7eQ4Xc7zzgiVFIiM13WN
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNOUpMUE4tRi1KQTJI&google_push=AXcoOmQ84VZtMnanY9YRpIoB5yUgrA4WjnJDiYsyRln3Uu4zaDJZXDSm2iU_jOMM5g4hoaBSzaDh1Mop7eQ4Xc7zzgiVFIiM13WN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
/
cc.adingo.jp/adx/push/ Frame 3F32
0
44 B
Image
General
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEPLoYxR-8OgsN-dmisztfsI&google_cver=1&google_push=AXcoOmT6R6urKCo7lGD7IzLG3QKOEyczK1xngnB4u8b7VgKGMqX5dX76qtTXnJKr-m3Yw1W39QwbgY7IHOcQjuSnb-4fxwprauL1NA
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.121.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-121-123.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
server
awselb/2.0
/
onetag-sys.com/match/ Frame 3F32
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF2nC1ssDFg03TxW3CMKX6g&google_cver=1&google_push=AXcoOmSDQWxXcI-EuDDbroCv9WqaBnItc_uKr1fdRpZyb1KYszMnWY7UQvQnB7VGITw_tCb3saMQITPvTBr...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSDQWxXcI-EuDDbroCv9WqaBnItc_uKr1fdRpZyb1KYszMnWY7UQvQnB7VGITw_tCb3saMQITPvTBrBCQ8Fmji5dogYKyc7qdQ
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3F32
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LkdQr5BI-9zzzHbcEZjcGChhSRZ3xTJW8-o27LsfGTE-xOucSqB0idrRhDsed5CgrNDPc9bw
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame A24A
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CCUtAqoFpZZCuLJ-C7_UPnZCKwAXS4Nfgbo-ktpOTCsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgSrAk_QEBuwlnkMiWrFSDvmJqpu-vxPyxT6slhWP-CreiB5y5CQGZ80Uytppa7XiUIQMvzkCOdC93nRRLEfRlDnNnAajO8leZGM3uO37SAZsHNf4Xowe_gNVVj0EeUC1ZueIN2gQCqSn6utzOs5fiV2nUT4yzegtSBxwsM_RYixPeXiIH6hoWNgRYnkX3Lrx-EWwyUHFRGGPl2oVQjjKl9dK67FEq-kuwJnmTmYxWuqLfWemZUHi8_xXjEQl50P0lrWEBTVKKTb43qCT4pY5lgqVqrzNIIgKVMEMM2_VztjivXGNRbEFf4rANaFKwZh0l7s6j4tAtJdr2f3T8BNa6j5L7AL01bvQpjAsoy1hm001ncNhVbyvD8kCVmmiBhTF4lytgJXQBcHffjp3hWZ4AQBgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOljt7Lu20u2CA4AKA_oLAggBgAwB4g0TCIClvLbS7YIDFR_BuwgdHYgCWNAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=xZa0gvVkr4s&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNqVq20FJLV_D5VZrbx_zUSOcGvJfhtk7tjt8CsLYCxeWSYRw88JoJEV4_ADmBm2VgD8THmBKoGAE&cbvp=2&vis=1
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

it
ams3-ib.adnxs.com/ Frame A24A
0
529 B
Image
General
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QKWB-iWAwAAAwDWAAUBCKqDpqsGEPCetYKV4rKJVRgAKjYJvi49w5sltj8REyY5_8uOtT8ZAAAAQDMzEUAhEw0SACkRJNAxAAAAgML12D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXia9AWAAQGKAQNVU0SSAQEG8F6YAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCGmh0dHBzOi8vd3d3LmZpbGUtdXBsb2FkLmlugAMAiAMBkAMAmAMJoAMBqgOnAwrBAi4wAPCfYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MTVjZTE0NWItNGEzZS00NDBlLWFiYjEtMTFlOWFmYTY4YTJjJmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcp5tALhydHlwZT1udXJsJnRhZ0lkPTY5MzI1OTQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_RTAV9mc19nYnhyYV95dmZnJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjEzMDE4NTMxODAyNjc5MjgxNiIJMzgxODQ2NzE0KgRiaW5nOjRVMlZoY21Ob1FXUWpOelE0TXpVMk5qZzRNelk0TURBak56UTRNelUzTlRFMk1UazJOREU9wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBdnIp8WrzvmWacAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQj6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAea9AXSBw0JAAAJKQGvDNoHBggFCajgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=c9216a3c3578713a1013d850376a28f31d0906ba&pp=ZWmBqgALFxAIu8EfAAKIHX1BxBqG_qlyd9DQ_A&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5vYxqoFpZZCuLJ-C7_UPnZCKwAXS4Nfgbo-ktpOTCsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgSuAk_QEBuwlnkMiWrFSDvmJqpu-vxPyxT6slhWP-CreiB5y5CQGZ80Uytppa7XiUIQMvzkCOdC93nRRLEfRlDnNnAajO8leZGM3uO37SAZsHNf4Xowe_gNVVj0EeUC1ZueIN2gQCqSn6utzOs5fiV2nUT4yzegtSBxwsM_RYixPeXiIH6hoWNgRYnkX3Lrx-EWwyUHFRGGPl2oVQjjKl9dK67FEq-kuwJnmTmYxWuqLfWemZUHi8_xXjEQl50P0lrWEBTVKKTb43qCT4pY5lgqVqrzNIIgKVMEMM2_VztjivXGNRbEFf4rANaFKwZh0l7s6j4tAtJdr2f3T8BNa6j5L7AL01bvQtrCkx53IpdZQo15MMirOIkgKlMigTZLziv074brwD0rZThoPHgNYnHW4AQBgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOljt7Lu20u2CA_oLAggBgAwB4g0TCIClvLbS7YIDFR_BuwgdHYgCWNAVAYAXAQ%26num%3D1%26sig%3DAOD64_3I6L5tMOtb36OR8Q3OoFN-bjJ2lg%26client%3Dca-pub-3831894559014614%26adurl%3D&cbvp=2
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
an-x-request-uuid
a2ba2f28-c627-4a2e-93b1-173dada2ae4b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 0E06
46 KB
46 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af4fa13d9c2e8d0e1449708b04a3bbac146094c0bcd926b1e15833223699b834

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/octet-stream
zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ Frame 0E06
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fff71a83690454ee6ea9014780a6797408918cb90cde1f0f3be65ea28a03c678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 11:02:15 GMT
x-content-type-options
nosniff
age
503156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19440
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:08:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 11:02:15 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E882
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWRPsHbqzRnXeimW5Encwq4AYim9BpjTyQGRTe_cUIXjPiMjenA5P3DrkUOrpobwUSP5NLoaKqn8jUMS28o_Zs8WPQWU0jbpYI3YbxgBh0-4HYf0Um5NLjdKPWfHy30kL5FREza93DgKByf7_BS-UkzlLwSN3FVYTDJeGu8WLQQJIF-zqOm36m4O2zLyMmGEcsY5t5xmmZvsc9_cMala1jrjXwXQ6y5P0JKwfk7GgJcHPvYtIhELtLmB7Wv2CtsfnITQoHqlu3G7GbpqSnemZ0RqS5IqmnG_BvSOPjPRHFGixLPEBXYaQUoaVFME1jEypH5_beOuercZd7kYSS8ubUrWgwI8A6KrTUvKDJn4TA4ZhiRLUhNvolGnsJ1sAhy7LAbb6PEuuzu7b-im7D6v3U6x-cbqnTEuRLYbKQZ9yR2GFoaHi127fjgd_GM_mO0vOYWhH6nxmFeRCZteO9tDCWF6lz1IxW4w5AgClEPr_sMhZyuNz2ymXMswrDeqZaVulzuVaOhMQqTwwDiweJrBKJ5FrDHPeMo_ZZHXfzW2Io8PIrGisvR1WC_lbYMvq_5RSr_dF2GcKw8dSk-04CM2lTif8_07wDTeVJG_JYVUsGAY20zv46BDzZYjX7Xiaif7tw1WLJJrV0RhAW7Ln-zRn6lWOM2kQG4vaJImvj_rKN89XK57_Rbg8GSyJpfuSuD6TOpxKPHSvKOBtrkEF-_SOzo-OIJGp-oC6PifXBHnaiudyUEOOkTE_dxYHg7ubjKmufe-PMqj7XSGNHqZ88KLXym4W8x8dsNVswEYGvM2B-2aSuAHmSxMokrYqEXRqUZTJkri1rWi52q319mW4c2TiSJddE7LcRbLzklLE8ThqDjbnrDxU8ACf50tgGh2GvWYUTuuMD10reFK4txp-DDOGTeRV5k4hDqFAaBcHlt2lmDAyAs-3lZfURM144A31c6twA5XvXcH7_5luUFxr8s0VIsIj9CncUhIR3nHbFS1rET4rBFBm2H1aTOCxwtYgzbCYUxjiEjWLL__HIttzlHioeLe_mi6Jsm0kqSI1z96NnoWkqnJEHDXhPgTL_VYRVpEGa2wvRI3q3AZJYeevsdWkxofrKKQJw3vcHbn2zyJhRtfBLvbXwYYc8IaNs1A_Cc7QAXDoT1VzO4IoI8gkVzvhNBa49sU6QiNDvGe5WNQJBm15LCMKmbVKscbXpFtmrkP_64SMubTgTHCZSuowLzfIvuSri_OFlihGbVO59b86QZT6h79Ii8LMLwOqeotuMecoxXlwom2dNUnC1PvBq6pfiPhjsBxm4T7ilDiJ6QnnovwZM8r5HjOPh_MnStF-GywTQHiVjRsJRHJi0ra5DfnHVtEVOuynkAqqXBKlbTY-uhFv6m6FiSimZTAb-1mIYzxBAv-84emY&sai=AMfl-YSxhs1Yh_Od80DI7itW5RDIvhLP2I3bAK5Bg5umenu7blG0CYyC9wdj7kVNct19srX07yBsNnUUEHL_y8lD70xeOrEGu0lkPKNQL86GP83YyuP6ygjEONddqNJ_LNrPlogYI3uxtW9JxOnEsqOVJjux9ts6Mxm1f7pBWTUJvhQKMxa_OnFhsUOAuDQAa6IEaYXNB1FDrA-ildNopBzAUNBVVPJa44TViQM6zhgsu8-bhm9LWvJhRAQyFm7xKaD9eRAIBzL9ks3TBi7rKyD4MDPzk6h-c7ct9IWp5M2mQw&sig=Cg0ArKJSzBoPJv8bHg-xEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=360&vt=11&dtpt=234&dett=3&cstd=121&cisv=r20231129.54687&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f78b195e693f5214f78f93e8c1d6b443897f9b2b754b4f1a539004569c36913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12516
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0E06
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e786fcf00a1af89ed0b3c5c794fc71a77dc851a5bb6e78e8da98f3c7d3d4272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5963
x-xss-protection
0
logo.png
s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/ Frame 0E06
10 KB
10 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c3765f41aa286c557f32c55f5a193b6103159bdf749ddb1f20d6f8854d14c79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/index.html?e=69&leftOffset=0&topOffset=0&c=YgxIOpMEfC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 04:42:56 GMT
x-content-type-options
nosniff
age
93915
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10264
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 14:46:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 04:42:56 GMT
phone.png
s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/ Frame 0E06
44 KB
44 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/phone.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8284cc1369df3a70f90047eab943fbcd17484e603045709dcabe7541e5eae31f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/index.html?e=69&leftOffset=0&topOffset=0&c=YgxIOpMEfC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:33:01 GMT
x-content-type-options
nosniff
age
910
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44621
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 14:46:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Nov 2024 06:33:01 GMT
shape.png
s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/ Frame 0E06
85 KB
85 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/shape.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f6d2b3e18b203ba0f0c867f2bbcc436b09d248e4656e2920b586d68b9c68f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/index.html?e=69&leftOffset=0&topOffset=0&c=YgxIOpMEfC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:33:01 GMT
x-content-type-options
nosniff
age
910
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87421
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 14:46:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Nov 2024 06:33:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AF9
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BcQ2FqoFpZcLxOrXHx_AP2NSo4AoAAAAAOAHgBAI&bg=!cnGlcT7NAAY3kmNgF5I7ADQBe5WfOKGmcaXGrGgI7Ho3oOn8oJqSV-xhdaZ6RD32u5DtT9h1R2fsluMnFSMMSCW1hCvYAgAAAO5SAAAAAmgBB5kDCoRDtEBTmITSimqJOljrXDnwzyVXUxEsPHyxhKprji-uGywsTVDMyNW0hIX6t-YmxCCmkb_2L5q1RNxisSjBGtF71GViXBj3CZCBAwGCxxWsnTjOwWvKDM0eD5lpFAqQ0QlZIIru_wZ0i7XMd6cK6ERN9405yc-gNdoYuB3fQYeZB90uob8ZICKd7uqbI_jaPqyuQkvkVj-zpTRwomRs_KnUcB9wNs2kYuEnh189GhyuZajrOJcrh-ddJp2iWNANnMxPJ-kFO591yV-LnKpYmj_QfF9xDcUrSS0NWim6a8clRuDkJ1EdGpl7jrRAeuau7QV0ESyKheG59t8joR099dXMo6sO4WgAXkkd1gj-5_W864BvDLegb87EeV6VTmyLPF5qfDQvrwu3o2yD47QFT2hT9HdUM4NSif8fubHZ_yRfy4iVd-uA7kxZbcaaA7CZ5cvuC2g7hTkQrrMgwAhjgmE9DM903iie6ykCqKNIN_jXoAvJjYOZx3b7KhrC4s7LCT1HBvkK4996agLht3shG1ItwEtlUAuXjvNOd9lReu-oeUUcs3Xe5ObhwkJ99mxE3Iz9VLEAumWFClOd5ymS7M7A-v8KD6d2PT2MTOZe4ihxjnypZusVvaZhRZ42pAnRalvuUXy7XZDNQJKmhcr2AXZR15azOdfIs0SS03lVxDnvNjqQDJEAqzfW3doVK9BANkCPV60_DZJGEovAbjrbju-oY56b5JPaz4ggKz7A4rL9IpSThz9H_n8raNdneWco5_7929JCcikdYNsis8JSLA2jepXfPXXxw8QZlmke5sK5XJY7v1SXtT1EMALReaXJqoFxMw_FCG4MvQYK7xI4jg_SpIdjM10TFRKuzytqqelfxzrBM_Nn6xiawX9FXvgFu_CaNCy5W89h_BFfVaiXWUk9-BKyB-yZ0RYV3woj_dPJHC50Sbt7-7XlvMn_WPk0Pv0UA5lsB4QgO3M8aDuGHceEQ-ZhtXmbb5tU_OoQbHBUjWYo3y5KEmVIr-0Mn-VcALd5x1XZbcGaZnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r5---sn-1gi7znek.c.2mdn.net/videoplayback/id/eaeb302077420a7b/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732949290/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 0E06
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/eaeb302077420a7b/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732949290/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r5---sn-1gi7znek.c.2mdn.net/videoplayback/id/eaeb302077420a7b/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732949290/sparams/acao,ctier,expire,id,ip,ipbits,itag...
888 KB
889 KB
Media
General
Full URL
https://r5---sn-1gi7znek.c.2mdn.net/videoplayback/id/eaeb302077420a7b/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732949290/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1AB4320A73629A8E65A19E534D9B20E725FE9EF8.06D7B3F2254170B75771D5F8654215348D9C9645/key/cms1/cms_redirect/yes/mh/hD/mip/2001:ac8:28:5f:2fb::1/mm/42/mn/sn-1gi7znek/ms/onc/mt/1701413068/mv/m/mvi/5/pl/48/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:400a::a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
f498bbab3d467be6517543fee2c14afaa81f4c21ed10c809b4b6f71e6c93eedd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 06:48:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 17 Oct 2023 14:46:31 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-909487/909488
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
909488
Expires
Fri, 01 Dec 2023 06:48:11 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r5---sn-1gi7znek.c.2mdn.net/videoplayback/id/eaeb302077420a7b/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732949290/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1AB4320A73629A8E65A19E534D9B20E725FE9EF8.06D7B3F2254170B75771D5F8654215348D9C9645/key/cms1/cms_redirect/yes/mh/hD/mip/2001:ac8:28:5f:2fb::1/mm/42/mn/sn-1gi7znek/ms/onc/mt/1701413068/mv/m/mvi/5/pl/48/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
650
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prod_studio_01_250_videomodule.js
s0.2mdn.net/879366/ Frame 0E06
13 KB
5 KB
Script
General
Full URL
https://s0.2mdn.net/879366/prod_studio_01_250_videomodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16919400551001401253/1697553960622/index.html?e=69&leftOffset=0&topOffset=0&c=YgxIOpMEfC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4955
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Dec 2023 08:02:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0E06
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 06:48:11 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 06:48:11 GMT
container.html
29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 70A0
6 KB
3 KB
Document
General
Full URL
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 06:48:09 GMT
expires
Sat, 30 Nov 2024 06:48:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
482 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.2&b=3&r=file-upload.in_auto_interstitial_desktop&sy=b292e3ca-67b2-4fa4-8f35-fb6c4c581410&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=57345b2b-1a16-47d8-887d-bd03d4f0c72b&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:11 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425464
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e962105fa33680-FRA
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame A3E3
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 21:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
32434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 21:47:37 GMT
css2
fonts.googleapis.com/ Frame 70A0
4 KB
671 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 06:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 05:29:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 06:48:11 GMT
css
fonts.googleapis.com/ Frame 9D21
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 06:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 05:36:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 06:48:11 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9D21
2 KB
826 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 9D21
24 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D189
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
2629
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 06:04:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9D21
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BC2D
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
71761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 10:52:10 GMT
etag
48472445140208031
expires
Fri, 01 Dec 2023 10:52:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9D21
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
l
www.google.com/ads/measurement/ Frame 9D21
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZVLwUi9HEJmEPAJRBUgtZq702-FYY-xxabcPsW6GkznzC4S1D826dVvu8113jyVgyuK-AABdXv9tlMXHRMTnwU1oydQ
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9D21
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 06:48:11 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 9D21
37 KB
16 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 10:09:15 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 70A0
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
28886
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9189
x-xss-protection
0
server
cafe
etag
14682237860056745894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:46:45 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 70A0
205 B
297 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:28:44 GMT
x-content-type-options
nosniff
age
134367
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Nov 2024 17:28:44 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 70A0
604 B
920 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:39:41 GMT
x-content-type-options
nosniff
age
130110
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Nov 2024 18:39:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AF16
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
62183
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 13:31:48 GMT
expires
Fri, 29 Nov 2024 13:31:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 29E4
829 B
561 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0b6d462f4c1f71d4122aa5291e18acf63e6150a5fb5806721158cd1a370fc7a6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IZnJxUR-BveOpIx6qXI-gA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.file-upload.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IZnJxUR-BveOpIx6qXI-gA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 06:48:11 GMT
expires
Fri, 01 Dec 2023 06:48:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
si
googleads.g.doubleclick.net/pagead/drt/ Frame D189
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 06:48:11 GMT
expires
Fri, 01 Dec 2023 06:48:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 06:48:11 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame BC2D
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELh0hvxRiYRXHF5cMP_4ksQ&google_cver=1&google_push=AXcoOmQf9PfpQYAP7EsWHTgme4PCwwDDRCCHVM3w-p-vdkPNRuzEEgJ3u1...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmQf9PfpQYAP7EsWHTgme4PCwwDDRCCHVM3w-p-vdkPNRuzEEgJ3u13JhNYHxK2G2VUBZQM-S19gBxUKwqklwf5r59CUJojdmA&google_hm=0T4x...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmQf9PfpQYAP7EsWHTgme4PCwwDDRCCHVM3w-p-vdkPNRuzEEgJ3u13JhNYHxK2G2VUBZQM-S19gBxUKwqklwf5r59CUJojdmA&google_hm=0T4xgiXEHyY0lSsmlhW5nw
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmQf9PfpQYAP7EsWHTgme4PCwwDDRCCHVM3w-p-vdkPNRuzEEgJ3u13JhNYHxK2G2VUBZQM-S19gBxUKwqklwf5r59CUJojdmA&google_hm=0T4xgiXEHyY0lSsmlhW5nw
pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BC2D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHjcLyjBIw3mYjaZ1Q0Bh4c&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SnhnTnZ1SmgxUjhYalI1&google_gid=CAESEHjcLyjBIw3mYjaZ1Q0Bh4c&google_cver=1&google_push=AXcoOmTEq226_QtpnrXKjuzHxOzYLipwwfVmroS_s29Bi6M...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SnhnTnZ1SmgxUjhYalI1&google_gid=CAESEHjcLyjBIw3mYjaZ1Q0Bh4c&google_cver=1&google_push=AXcoOmTEq226_QtpnrXKjuzHxOzYLipwwfVmroS_s29Bi6MSLafiYfQu7ytujnkEST8FAU1hx0lXtapAA0yqFhmvkd_AKNODLS9-
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 06:48:11 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SnhnTnZ1SmgxUjhYalI1&google_gid=CAESEHjcLyjBIw3mYjaZ1Q0Bh4c&google_cver=1&google_push=AXcoOmTEq226_QtpnrXKjuzHxOzYLipwwfVmroS_s29Bi6MSLafiYfQu7ytujnkEST8FAU1hx0lXtapAA0yqFhmvkd_AKNODLS9-
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame BC2D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEF-h9PFpeZs96_U8G_bm5cE&google_cver=1&google_push=AXcoOmSefxhoniRc2Q6R4yxfQGPZdsh9I_a1n6rWj4yWe0vSHdqT9A1I-KGam_pizqeolw1hrySoGxJxOIVcs1mi3H5yvIl0VS138...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF-h9PFpeZs96_U8G_bm5cE&google_cver=1&google_push=AXcoOmSefxhoniRc2Q6R4yxfQGPZdsh9I_a1n6rWj4yWe0vSHdqT9A1I-KGam_pizqeolw1hrySoGxJxOIVcs1mi3H5yvIl0VS1...
43 B
451 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF-h9PFpeZs96_U8G_bm5cE&google_cver=1&google_push=AXcoOmSefxhoniRc2Q6R4yxfQGPZdsh9I_a1n6rWj4yWe0vSHdqT9A1I-KGam_pizqeolw1hrySoGxJxOIVcs1mi3H5yvIl0VS138Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSefxhoniRc2Q6R4yxfQGPZdsh9I_a1n6rWj4yWe0vSHdqT9A1I-KGam_pizqeolw1hrySoGxJxOIVcs1mi3H5yvIl0VS138Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:12 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82e96212ddc22bd1-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
261
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF-h9PFpeZs96_U8G_bm5cE&google_cver=1&google_push=AXcoOmSefxhoniRc2Q6R4yxfQGPZdsh9I_a1n6rWj4yWe0vSHdqT9A1I-KGam_pizqeolw1hrySoGxJxOIVcs1mi3H5yvIl0VS138Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSefxhoniRc2Q6R4yxfQGPZdsh9I_a1n6rWj4yWe0vSHdqT9A1I-KGam_pizqeolw1hrySoGxJxOIVcs1mi3H5yvIl0VS138Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82e962117c332bd1-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BC2D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJQucFFos4yo7wo-v6ArcWs&google_cver=1&google_push=AXcoOmR7K4O-hz4LKScnIy-d3cPZUTX4gLxF-For72VyzisAd178MtL-eyXO3XmaggYSBbrxCK8DISlpqB9987UanLPutGr...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR7K4O-hz4LKScnIy-d3cPZUTX4gLxF-For72VyzisAd178MtL-eyXO3XmaggYSBbrxCK8DISlpqB9987UanLPutGrDDGHECA&google_hm=eS05dlk2MXFsRTJwRTJT...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR7K4O-hz4LKScnIy-d3cPZUTX4gLxF-For72VyzisAd178MtL-eyXO3XmaggYSBbrxCK8DISlpqB9987UanLPutGrDDGHECA&google_hm=eS05dlk2MXFsRTJwRTJTdXZTc25sWXNSRXd6cUxhM0FpTX5B
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 01 Dec 2023 06:48:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR7K4O-hz4LKScnIy-d3cPZUTX4gLxF-For72VyzisAd178MtL-eyXO3XmaggYSBbrxCK8DISlpqB9987UanLPutGrDDGHECA&google_hm=eS05dlk2MXFsRTJwRTJTdXZTc25sWXNSRXd6cUxhM0FpTX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame BC2D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOOdhgChUeOSKA_7TxD1aZM&google_cver=1&google_push=AXcoOmROdcWUc5fusfEIf_Vrd_IqwK9pCAvmiN_Te2-rcwRmh0uHOBBNJUarkovJe0Bo06ItaAHzv1mjqU2ho...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOOdhgChUeOSKA_7TxD1aZM&google_push=AXcoOmROdcWUc5fusfEIf_Vrd_IqwK9pCAvmiN_Te2-rcwRmh0uHOBBNJUarkovJe0Bo06ItaAHzv1mjqU2ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmROdcWUc5fusfEIf_Vrd_IqwK9pCAvmiN_Te2-rcwRmh0uHOBBNJUarkovJe0Bo06ItaAHzv1mjqU2hoGN8EL3GzQM9TFH4_w&google_hm=bUNsTVl1SDV6amg0X2...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmROdcWUc5fusfEIf_Vrd_IqwK9pCAvmiN_Te2-rcwRmh0uHOBBNJUarkovJe0Bo06ItaAHzv1mjqU2hoGN8EL3GzQM9TFH4_w&google_hm=bUNsTVl1SDV6amg0X2djd3NKM28=
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 06:48:12 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmROdcWUc5fusfEIf_Vrd_IqwK9pCAvmiN_Te2-rcwRmh0uHOBBNJUarkovJe0Bo06ItaAHzv1mjqU2hoGN8EL3GzQM9TFH4_w&google_hm=bUNsTVl1SDV6amg0X2djd3NKM28=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BC2D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENVYYgCF7_IdLEz-3FEKcN4&google_cver=1&google_push=AXcoOmRrLlYbnMRIOpgrV1nFobefPEwiKYvSU1yPnoCBHM7hHaO41e8w0ReidFxUX_iGELwdkWW...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNOUpMVlQtMVEtSlVFOA==&google_push=AXcoOmRrLlYbnMRIOpgrV1nFobefPEwiKYvSU1yPnoCBHM7hHaO41e8w0ReidFxUX_iGELwdkWWuL9S2BYkGvXG73Bl9wJRV7F_B8A
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNOUpMVlQtMVEtSlVFOA==&google_push=AXcoOmRrLlYbnMRIOpgrV1nFobefPEwiKYvSU1yPnoCBHM7hHaO41e8w0ReidFxUX_iGELwdkWWuL9S2BYkGvXG73Bl9wJRV7F_B8A
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNOUpMVlQtMVEtSlVFOA==&google_push=AXcoOmRrLlYbnMRIOpgrV1nFobefPEwiKYvSU1yPnoCBHM7hHaO41e8w0ReidFxUX_iGELwdkWWuL9S2BYkGvXG73Bl9wJRV7F_B8A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame BC2D
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECy9rvf7eKix5-IIa1yurM4&google_cver=1&google_push=AXcoOmToRCA9uTMiDUj1wz11G7w-jXir67bhh7bKCI0sXJEGp-0V21i6ED5qcCMXA5BO3XOl0fzAgBog4reiUjOkq...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECy9rvf7eKix5-IIa1yurM4&google_cver=1&google_push=AXcoOmToRCA9uTMiDUj1wz11G7w-jXir67bhh7bKCI0sXJEGp-0V21i6ED5qcCMXA5BO3XOl0fzAgBog4reiUjOkq...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmToRCA9uTMiDUj1wz11G7w-jXir67bhh7bKCI0sXJEGp-0V21i6ED5qcCMXA5BO3XOl0fzAgBog4reiUjOkqW_Jr9XcHyYAZw&google_hm=HvzYvGZHWBK8Pp4KQLGk...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmToRCA9uTMiDUj1wz11G7w-jXir67bhh7bKCI0sXJEGp-0V21i6ED5qcCMXA5BO3XOl0fzAgBog4reiUjOkqW_Jr9XcHyYAZw&google_hm=HvzYvGZHWBK8Pp4KQLGkK89B
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 01 Dec 2023 06:48:11 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmToRCA9uTMiDUj1wz11G7w-jXir67bhh7bKCI0sXJEGp-0V21i6ED5qcCMXA5BO3XOl0fzAgBog4reiUjOkqW_Jr9XcHyYAZw&google_hm=HvzYvGZHWBK8Pp4KQLGkK89B
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame BC2D
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFoSm0--THk3Tzp8lUzDPSFXi-Sp2eQjlgpgQqHsq2w8aL2IvBzIK_JwfQC71u14_btdqK
Requested by
Host: 29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
URL: https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 29E4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=111251156424992&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame AF16
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 21:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
32434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 21:47:37 GMT
5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
pagead2.googlesyndication.com/bg/ Frame 4F71
51 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/wxkhqan2vv21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 20:47:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
122421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19933
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 20:47:50 GMT
generate_204
tpc.googlesyndication.com/ Frame AF16
0
11 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?SEgnBQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 06:48:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dc_oe=ChMIwu7LttLtggMVteMRCB1YKgqsEAAYACDBs9hgQhMIu4mXttLtggMVbcu7CB1RYwqG;dc_eps=AHas8cD6T4WTv_HW-WtYi0RnfaJl8Kd6jWeMQlXdNWIiRjhE8McDdraAgWjClqPqWEcNhsMyzOj7;met=1;&timestamp=1701413291898;eid1=87...
ade.googlesyndication.com/ddm/activity/ Frame E882
42 B
401 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwu7LttLtggMVteMRCB1YKgqsEAAYACDBs9hgQhMIu4mXttLtggMVbcu7CB1RYwqG;dc_eps=AHas8cD6T4WTv_HW-WtYi0RnfaJl8Kd6jWeMQlXdNWIiRjhE8McDdraAgWjClqPqWEcNhsMyzOj7;met=1;&timestamp=1701413291898;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B377
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzQhbED_6Rygl9oA3MmUZ70s9fmnMp20UpUl0NfZ_eVyPWiAfBQGHBiG5KYA9WGpNXoMWmkNHCjMjewunluUwFGaAsl-dM7CnKwXSAGu_w1l9cEsPrqayQ4vBbMeUGm4mUo9d_EfpvJ0yN&sai=AMfl-YRIrom7mrKexoiAwpB3d267nuhRj3zFkKW79tsCJUcwQiuggnhmVFHUBkHnqJv0kk7HzBuW-WuMWZCOm_ClpnhwBh_3PLzueD60nJ_RAif-i1QDtNtHzTuT76C697LJ74O190zt6-BqqeQ&sig=Cg0ArKJSzADTkouqlMEYEAE&cid=CAQSPwDICaaN_XMuFXWRNRmGTtUnvPsAkfCRdLngJ7FkazTID_KKHNXJ7bD8xTqa5ou-O2FDa04aDYVJgiCW1aJx8BgB&id=ampim&o=288,231&d=1024,300&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=219&tls=1219&g=100&h=100&tt=1220&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E882
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNUrGp7XUhi6M8qCvCFF_PQstPicDLkc8AUy35_L8S_ACbQKXwiYOJ6Xpauai_2-vFz2t8iYcpoOPT5FTMNNusU-NWzpR11F-lhzKqRn_wsuo4TJ19HRJ_0EfoCXRNSkslwW4niszEFA&sai=AMfl-YRj2qVCoYvspoqyB1FaHkcPIx2-Xsl-SrEZgySLprFxrbRHDsmfpqPKhMMi6AbG-KIq8pAGDeJL0j0nWt3DsXluM66JQnTdJPyn6i4jUULCvPqqUwRIuyb8dK2gj_tBmZGQjsv7chsztllk_jwyjvusLqEy43aVy-aZ&sig=Cg0ArKJSzNQ6KZkNTmfqEAE&cid=CAQSTwDICaaNyO2p_ZSfDy5C7WN2Ze7TB4vW9cm-DurV8h8L5sn79CM5T8Dse0y-o6-gXdyn8ofzWHhDMijhfPmN3GKtAF3JYxmfZ81fmo_ieLoYAQ&id=lidar2&mcvt=1000&p=615,315,865,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1586647840&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701413290724&rpt=346&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=111251156424992&bg=!FRalFlnNAAY3kmNgF5I7ADQBe5WfODE8Zr3EDY9kDIFVda6tzlx2qhi7yqfxUikrHCycFWqubMKLzbSXnyYKE3FwLCLGAgAAAGNSAAAAAmgBB5kCuUewI9eG0PUzFzbd7EeqMBP9nImPkxXGTuUB4oPPjU_lS640Z1dughDOoKjHX-NY807UmvV7NN4my8hEmJw4kSBh7feFf1ofXox-BCIwEpDTSYSwc-8i6jswewR3L46EtCO2o4oR8g6Ht2oEdT89NVGTFKqNFaa2L4SeRNvPiA0P_-Xig54xlnHffoh2ux4hxdJMeUNz8hM7zho4-NnXos7EnCNu1QM9676_WBQ-0oZVa7CnsXrKAbP8Jg5XzUpZ1sIstNO1oob-aSnLYooW5j_Mhs61_PvWmUXvg53ksnj9NuUTAOSKPk-sufDrI6JTAjQ_21_TlihnjOs5a8JVuZ6cLJ3wzaIy69KMUV0bQF0c3bakAoRTnckv0_4Pv7c1dRw_ICnBTvZ_Ye9yT1V3RljORRZQPcNXWgCEdUe1UdxxqL9R1GoNrGVuS5w76mAAPgDq1k3msZ3iYfRcUCagFWa_6SwhXxCmaWGf9abM3uFqRSwuYhFXFO0XRnO6K2Pck0eaHsyKZLV0q-wsrv6zacLokKLl_DPYV-URoISH4ZJ9WwRQi7F28bTAPXQoBjFY394WghR0jUvu11C-sv7k-TQxUWUGcv2rLxbRVnic4zHbBqX_PtlfDgsbKA80vfWsGHnnfuHZe3z0LQVkJaBICcL4059vbkRsNzCaC7wc17Fxy2Q-8syiztls0wt7BHkjMdO1dYFX8nclAb3ACL41GqH1zFRGNGYg01Gn1GsMv4bV7F0pV8Q8FhxJtZmK-1jao-kdkxvu4Jhra2unRWfuYJhL7xdboM-cAutY3Rw0LZEd64JAyD3XpsSQaXvPkkBL674KGx7p7EI7r05IplIPZIlhWOFEUKXtDeUzxKt5vZYvLe2vEwcdTo2Vqg_jzNaWgBulfz5As-C3deguu_Q-v4CcPetoY91LEWc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame A24A
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubTtwkS7dK28-TCiuUyseLcA7QaE6yskuiljKYvQ78TLFvHpd1oeSVoi1YTKD_L3-D2PUcLxl7KR-B98lIBhQYTwc8IcmGTnw8TotvGFBFZEJGqdOEJg&sig=Cg0ArKJSzLjKKPBFFoVhEAE&id=lidar2&mcvt=1000&p=1078,315,1328,1285&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=0.49&if=1&vu=1&app=0&itpl=20&adk=608434957&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701413291078&rpt=208&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4BD7
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAYTy1kbBNSbN109M_TqTw_HJ4q5CTwb0gFKE5sT-X_eLs-DdSm2zm4ig1k2ZpSbypuF6q1ceKwJepV72phRglcp-6IoiXr-JgU-9-do0W_sPg6L_8xQ&sig=Cg0ArKJSzC-bqC8YbHHDEAE&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=334,835,1002,1060,1060&tos=334,501,167,58,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=783718922&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701413290983&rpt=272&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
www.bing.com/aes/ Frame 4BD7
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=356b1bc1-a4b6-43d1-81d3-833c3e2b86f8&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=4a3da815-5fff-40f2...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=f45c2a3f6ac34872bf52ed8db369355f&tids=15000&med=10
0
18 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=f45c2a3f6ac34872bf52ed8db369355f&tids=15000&med=10
Protocol
H3
Server
2a02:26f0:3100::1725:e26a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B49B1AAA646147F8A07197551E71ED3C Ref B: FRAEDGE1321 Ref C: 2023-12-01T06:48:12Z
x-cdn-traceid
0.66e22517.1701413292.4a54beb2
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Fri, 01 Dec 2023 06:48:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9E62C078A32C48FBB28F79F4DF13C0EB Ref B: FRA31EDGE0508 Ref C: 2023-12-01T06:48:12Z
x-cdn-traceid
0.66e22517.1701413292.4a54be53
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=f45c2a3f6ac34872bf52ed8db369355f&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
quic-version
0x00000001
gen_204
pagead2.googlesyndication.com/pagead/ Frame E882
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=251418037621&version=m202309260101&ct=76&x=1&cor=15949137870919820000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 4BD7
0
580 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QKKB-iKAwAAAwDWAAUBCKqDpqsGEPTe9KK4_7ySGRgAKjYJGr4mGlPEzz8Rlal0OQHszj8ZAAAAQDMzEUAhlQ0SACkRJNAxAAAAgML12D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiV9AWAAQGKAQNVU0SSAQEG8F6YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIaaHR0cHM6Ly93d3cuZmlsZS11cGxvYWQuaW6AAwCIAwGQAwCYAwmgAwGqA5oDCrACaB0w8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD00YTNkYTgxNS01ZmZmLTQwZjItYjZlMS1kNmMyYmExZjQ5OTgmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4ANI5xALhydHlwZT1udXJsJnRhZ0lkPTY5MzI1OTQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ9CoBZXJmcmVpciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzE4MTE4NDEyMTE2OTI4MjIzODgiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnprMU56Y3pOakkwT1RRMU56a2pNak16TVRNM05qazJPREEzT0RFM01nPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF89rR0oX-z49cwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFs4AC-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAJPXwAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHlfQF0gcNCS4mAAzaBwYICS-kBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=a1be0d1dfedf126f43c4dcd6bae8bab737a8aa6a&type=pv&jm=1003&px=139&py=0&bw=182&bh=90&sf=1&sid=6517492891399470388&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 06:48:12 GMT
an-x-request-uuid
6652aebd-88b7-4414-9a09-730b61992949
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=file-upload.in_auto_728x90_sticky_display_bottom&e=ufp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file-upload.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
01HEQ2314B95TB4R9WBQ00WDV2
date
Fri, 01 Dec 2023 06:48:15 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1425468
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"4de2110991f3807e8b4a19c48c14f2d1-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82e96229fdc73680-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
certify-js.alexametrics.com
URL
https://certify-js.alexametrics.com/atrk.js
Domain
www.file-upload.org
URL
https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Domain
www.file-upload.org
URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Domain
www.file-upload.org
URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_-awV1NxoZii53wpgE_W4qsCgpkvr5vNOYS3BiXO1mbfJD6Qtt9I5ztw31XebiRNFmS98f3-bq42h0clb1iaR7v43Pg3a8KuXHIusjhD3a4cX-DZRRV6Iv0SV0Rrz6g1hLNZ82D3JIacEMjzHP9xxd6dl7MdBWO8e4IcZgItSfCc9ErZF4bs7E9W5S0x5TToWYvEum_iAEkT24iUrUO61s-beKaMm0_BD-y5ck792ux9Gn3vFSDvzzvk25sjeerbgWhtXt-axOdBEsxxC0k6c4cC1VZg-Oz1je3h03z7i9NbfM0htTO9hkM0ITbXmWoXnvzdy0MaTtflzq_oU4LawHiuAyKQj5hjt7u3V5F9-YycXlyIDdyX7ck8yOqa2U4JGxpukl-za-Qg31IQZNJaJJhue6Xoar0pTMiXlHjW-KPsOyw&sai=AMfl-YSJeiGNG2hDrgS3CDUtfU-Lakz_GI_rO9drq5VF91E91v1TIIXtDuFHGt9XTwzCNxhxisnq0O2O0wEDMLkZAvAjQafWUqiBm3kHcNnI7KN0iirGJoZo2cxUvjU0JAiZZJjpH_c3LXVigQLuJbWImOcpvv-3HFq72rbVOKs&sig=Cg0ArKJSzHIDyM42G22wEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBx3jYyYehNeT-Dz3eNUT46Ldw1E-vQMud2UKNZz7V6py3592PsIO1NgKIOkK9_lhYwsnCV-fc6YUBXUhfAZLlhihvjy1Rq7-7sH77AjNuQRmydYQdOzcOYZ3E5BcjwFOHXH8oOONWME252OLZY8bIzoXYu-ZO7pAwgzlWGih4uPECfQyrA75eKDs9cfpPJH5bqYov2oIE1I1uQbEqK4LYwBnEqDPyT6qtoV7OZ6-WBiFQe4gN0SWHgWWg2E_F7HZ89I3AlonrpJ2Ag-F3sVGxKCNCsOIA_JBMlcbYTDGwjsDEDk-iwIdmvBrcif-nURIXzcJSI-NI9-99C_g2wPvpXtsx5XukLAmbCulhFWSiF7HdwiLu_WmVoAY-PlHLfEX1xbsdLaUar5H96SkCeeEjPKTskriC2EXydINPa_JJEH_8&sai=AMfl-YSTrU8Aq6u1Lbnc9HA_MA-K0UivBmn6ZFx4W4cCc3L-uf1FLsr5H-lDBSxc_i-GtauNHcx9JbrdkReOft2u6RXdf2lwpi8Ufksm92WBjNDDovhiscmi9IPMvlvgpLd8x_J9bjRpEaCxJE_yFRmR-jJoGeNFV7CC9kICEyI&sig=Cg0ArKJSzJat_QVWiz-zEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstksPsplbwzOn3I5C2FS7QZmyyCjmtFvGxmIiDVMLLm-t5U6FK7LjtLP3JGEH5ZU6qe0FJwj5DwYu33XluHot7mE7ZFHuOdAlfFp_qD7uDNETEqrl_mdx639ZM_X_mnh7rrqwND4BJDFTT4cw62cEvDuC2VEyNDahgl6kMinPcsrucVSwSV4nb97Gs6Ke7XpAoUauwCZuuEbeSX9BzGBKfz29e4jX3wAzzU8HEURHV6CNjjimoBslK5IuIMpIoXFfSu46D5Yf35Ms41ZvI3RX0TnyljGQVHT-AkN4ICEUczxA2fNfA4DHLfHVUhbO5kLj8vpth8Uc_K2cY8UEEmoM5tkqUvgFdOC8lmb4dvFhdi3yMLs6mV0N6VD-soI14GBsqqEBGkpK5DOrwgBvYAW5a4JRnjvtzEw9JFY43WMG8yWYnF&sai=AMfl-YTod8RaaDFMEiLHzoWjmdCj8twsaFKzk1iGuNwIRGHNCLHfgxj39z03Sc6uKZv2b7g_jfsr3yjguA2OFIfFj-8xH7zYvn512sgxm7b-F9spV-P_qh0lhrAaFgFrZHkBNdZSCTeYpPfP5w&sig=Cg0ArKJSzFrwaUHdVz0iEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture function| BlockAdBlock object| blockAdBlock function| gtag object| dataLayer object| FB object| html5 object| Modernizr function| yepnope object| jQuery112402793785068561876 function| CBPFWTabs function| $ function| jQuery function| setPagination function| WOW function| eve function| mina function| Snap boolean| detected function| adBlockDetected function| adBlockNotDetected object| _gat object| _gaq object| __buffer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyPDSA number| demandSupplyDFSS number| demandSupplyCRR object| demandSupply object| googletag object| gaGlobal object| xh object| dspbjs object| demandSupplyFS object| _app object| gaplugins object| gaData object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| __uid2SecureSignalProvider object| __uid2 object| _33across object| pbjs object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

40 Cookies

Domain/Path Name / Value
.file-upload.org/ Name: lang
Value: german
www.file-upload.org/ Name: visited
Value: visited, visited_expires=Fri Dec 01 2023 07:49:08 GMT+0100 (Central European Standard Time), path=/
live.demand.supply/ Name: demandSupplyTi
Value: 57345b2b-1a16-47d8-887d-bd03d4f0c72b
.demand.supply/ Name: __cf_bm
Value: qZEaexCmlTJsoTtFBu7bkYjd6ZnjENiR3qTMEygf1tM-1701413289-0-AT2hksuMVVW+ypya3KH3fXicAekyvQrbR/Y9Bv2mnQ6sVaaYfjKO8WPe5J5kAsBdamheAfLRSduAd/SvuoV94SA=
.file-upload.in/ Name: _ga_3T7TKCZCC9
Value: GS1.1.1701413289.1.0.1701413289.0.0.0
.file-upload.in/ Name: _ga
Value: GA1.2.1320687984.1701413290
.file-upload.in/ Name: _gid
Value: GA1.2.674863171.1701413290
.file-upload.in/ Name: _gat_gtag_UA_119779859_1
Value: 1
.file-upload.in/ Name: lotame_domain_check
Value: file-upload.in
.criteo.com/ Name: uid
Value: 9d101f66-fc68-402e-be15-0c9ab77a4756
.openx.net/ Name: i
Value: 06caff0b-d44f-4226-aa0f-db7d3270388a|1701413290
.yahoo.com/ Name: A3
Value: d=AQABBKqBaWUCEBXU1y5gwPa-JEO49r1q5nAFEgEBAQHTamVzZbth0CMA_eMAAA&S=AQAAAkxXY0eXDDXBq_bCuCXWXeg
.file-upload.in/ Name: cto_bundle
Value: 4jxE119GZE0yc210ckE3T0xDWEglMkJHeExHR0lCZlc0ZFZUSGlkY1UlMkJhRVVFZlN6SXM0ZEhuNG1rUUJBJTJGQ05Kbzd4dWpEcmE0QWJlZTNkSkJNYUVEUExTdHZMdWp0SHg2N3FlSHlzYzM0elFuUURrSUI4RHJScUpkaHJFJTJCRjFpJTJCTGRqcnh5U1d3Rmkwd2RidVNJZkpqSHpqZ0FnJTNEJTNE
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 1b34a5f441230a119225ed64904c5f3d
.file-upload.in/ Name: _cc_id
Value: 1b34a5f441230a119225ed64904c5f3d
.file-upload.in/ Name: panoramaId_expiry
Value: 1701499690174
.openx.net/ Name: pd
Value: v2|1701413290|n0vNvQiygu
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1025631642165239184
.bing.com/ Name: MUID
Value: 131BAF10C7116DF90F94BCCAC6BB6C96
.amazon-adsystem.com/ Name: ad-id
Value: A5dR54QjhE1DkwUHM5GVidQ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUmUUrXVSyG-OztFLtimTVdVp7NtAVrjiqFPNsNK75w065m-mDFQuQqfh-xZQ6o
.file-upload.in/ Name: __gads
Value: ID=8696272dab90478b:T=1701413290:RT=1701413290:S=ALNI_MZV9iW9Olbs52_oTOxQOOF1sn72gw
.file-upload.in/ Name: __gpi
Value: UID=00000cffa4a06b5c:T=1701413290:RT=1701413290:S=ALNI_MYSsMB4MEgj2EA84vhMdFjwAeSLvQ
.casalemedia.com/ Name: CMID
Value: ZWmBqpStMjHJ-iK30jw--gAA
.casalemedia.com/ Name: CMPS
Value: 1124
.casalemedia.com/ Name: CMPRO
Value: 1124
.quantserve.com/ Name: d
Value: EHUBCQHHKoEA
.quantserve.com/ Name: mc
Value: 656981ab-2acb6-bea3f-d82be
.simpli.fi/ Name: suid
Value: 0F9F3B2D6B1641D1B51B3B9762D11E64
.de17a.com/ Name: guid
Value: 1.8253819417497033011
.w55c.net/ Name: wfivefivec
Value: JxgNvuJh1R8XjR5
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.doubleclick.net/ Name: DSID
Value: NO_DATA
.lijit.com/ Name: ljt_reader
Value: HvzYvGZHWBK8Pp4KQLGkK89B
.zemanta.com/ Name: zuid
Value: mClMYuH5zjh4_gcwsJ3o
.tribalfusion.com/ Name: ANON_ID
Value: aFnt6ZarZcAQ9BqEr72it9ZaQhlshiiMSeu9ktj2QN6eF2tuL6bEJ2bZbWQl3iwAb6nuoe0yuDbXnE5PZaV4VVgvcG5WHV2ZdB

8 Console Messages

Source Level URL
Text
network error URL: https://certify-js.alexametrics.com/atrk.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://www.file-upload.in/
Message:
Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.file-upload.in/
Message:
Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fwww.file-upload.in%2F
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://www.file-upload.in/
Message:
Access to font at 'https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

29f867367d3b64297fd23d2c422f42aa.safeframe.googlesyndication.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs-simple.com
ade.googlesyndication.com
adsdk.microsoft.com
ajax.googleapis.com
ams3-ib.adnxs.com
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
c1.adform.net
cc.adingo.jp
cdn-ima.33across.com
cdn.adnxs.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
certify-js.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
connectid.analytics.yahoo.com
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.clean.gg
id5-sync.com
images.dmca.com
invstatic101.creativecdn.com
live.demand.supply
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r5---sn-1gi7znek.c.2mdn.net
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.bing.com
www.file-upload.com
www.file-upload.in
www.file-upload.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
certify-js.alexametrics.com
securepubads.g.doubleclick.net
www.file-upload.org
www.googletagservices.com
141.95.98.65
142.250.186.34
172.217.16.130
172.64.151.101
172.64.152.89
178.250.1.9
184.30.16.183
185.89.211.84
188.114.97.3
2001:4860:4802:34::36
213.155.156.166
216.52.2.39
216.58.206.34
2400:52e0:1e00::1082:1
2600:9000:2016:4800:a:e047:753:a221
2600:9000:2451:5c00:10:dd8:5e40:93a1
2606:4700:10::6816:3456
2606:4700:3031::6815:3355
2606:4700::6810:5614
2606:4700::6810:8616
2606:4700::6812:19ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:46::44
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2004
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2006
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::200e
2a00:1450:400a::a
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:3100::1725:e26a
2a03:2880:f084:d:face:b00c:0:3
2a05:d018:d29:3602:8101:fe84:3355:65
2a06:98c1:3120::3
3.114.121.123
3.33.220.150
3.75.62.37
34.102.146.192
34.120.135.53
34.95.69.49
34.96.70.87
34.98.64.218
35.204.74.118
37.157.6.243
50.31.142.31
51.89.9.252
52.29.13.21
52.48.81.28
52.85.92.52
67.220.226.232
69.173.144.138
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
01d7b59aa7d603463c65368ec9cc9fb7f1901de074d8f430a8bd3e96d4d44909
02b1c91ab54da3ef458c0d65ee48b83e3b5c1a8e13d4ef57e58a429355121825
03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
09dbdcd1d4aa5e397bbc3d1925692d70e11721505bf452455e9caf5186d3f6fa
0b6d462f4c1f71d4122aa5291e18acf63e6150a5fb5806721158cd1a370fc7a6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
166ada5e3db8f95f33bf76916513c13a1410a254d487719577c247bc6ecc82a1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1c7430730af1dca44b18b081c8d83ee6dd654abd47708255fb68eae59dd0f4e1
1e786fcf00a1af89ed0b3c5c794fc71a77dc851a5bb6e78e8da98f3c7d3d4272
1ee94b8214631fa96c35ea7897941fa907f28f06a7b7fe0ebca2760405435ecd
1ee9ee0ffa44e78d85f42849656ce552c583282091fc2fd8b97b798928894af3
2428653048a13d41cc7aedcb47c0a8398d77a4d4a1cc3f999f9695d5e6d3d528
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
29107f00bca508ab4013cdf23df03f8331f02fc6726c8fa553a72b91e8de07dd
2a68e35bb06719b1a63c1f2b7fff1577a951ed9e6b3e6d97ab412ea1da1e8603
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3bf4a40ef4448a0b87843abafbfe3fe74736221e9d61ea2b661b6ed1ee3d6d6e
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
434afa41585e526bc10ce9367cec815f39fdf4b8d15fc6b9ab9fc73fc4494957
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
4571ee8efe24a5d37c116759c4e022647ea8bb47318b4af908dd3705bc645f29
459ee625bd5d250ded60048585818e5ffbed34a717a219da333187859c9e39f5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
49a0b6d6c2b7b13644679945e8b9992bd6f238e9c2c1c4a1ecb5bea10fce0577
49e1305a9ecb2f5c422140d4f4209bb7cabf62eb6767790af1c583b354def463
4c1c23b379134d86c8874d32d0ff4bd1a8f0468d9a2115d6398a4f720bdb4408
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
503afbd12193ec13ceff79f32e3297385249650a5fc29cb3086710a25e426e41
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
51a592412ab70d10e1200751d02165d82a30b7dd306c1c00cdbbc3e2e0345941
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
555654cfd3602abd456547b9dde2eca7e3b7d2720dc2bc510d38b28033914a8a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
56e3c29f5e2807effa5ccb3de8e1cb84b46dc10df0e6079f2e7fce2941d167cc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f6d2b3e18b203ba0f0c867f2bbcc436b09d248e4656e2920b586d68b9c68f27
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6342db2a4aecbc20fecd0c0e7b450349eff617c21dab53f5b2c11567b4cb2ae3
649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39
696364a92487bb7010ab791889ccb95e8ce48ceb909abfd2d2666f525ba5322d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3765f41aa286c557f32c55f5a193b6103159bdf749ddb1f20d6f8854d14c79
7106570791ff88b5658f715de7345bd05954e68dc1998f8be1984894b6839bb7
7131ac48dec530211df13441c8a1e08d4bc5295be1544f03966efa57cce6009d
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
763de8c378124b9467d36aeadec6939505434f3b2b7d9a3cbdc38a45e58f0a2e
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
7f78b195e693f5214f78f93e8c1d6b443897f9b2b754b4f1a539004569c36913
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8284cc1369df3a70f90047eab943fbcd17484e603045709dcabe7541e5eae31f
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8ac3630c7755630dd94ccc9ac2f4c0b82492e9f47bd7580407583ee47c454a15
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b153dc6c432d9272e706085246cd054f84e0d417e0615e9aecabb69a2714793
9b3aeaaed3adbbcfa190681ef74a510fae5f9af782d8c1bf9f9e7829a6b5f2f7
9f568dc9a411ac08b4d6d2fe7f68bcbe1b15bdcaa36c2ba3457e7ba75d3cc3c9
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
aacde80063ce1d648768c995efc3eaca45fd1e989f9ae9e465ba12647ccd278e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
af4fa13d9c2e8d0e1449708b04a3bbac146094c0bcd926b1e15833223699b834
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0850559507255a6c25f512334fcf9e1fd1c95f5a090bed072ae09ee68b036a0
b0cc4bc98ba69f71c74084c56784dca7eb6d5385a3bc48987d677d7bc479b43c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17609df75cabbd792230b80954b81801b8a3c9f8babb5064bc43620c271ee4f
b2251aa8fed7469f65da1f27f8771e91adc82654330a9ac1e5b59faed5a5d55d
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b887ae1186b30ce7e0adaa8870677033a6077da27b60200193666ac4fc0cf746
b9a42cb27417d2b87b8d5983655566731a38089d5e30735e9e931008ea59c634
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bf774482af995e84278bf17bf71d63c550683c0d6bad12a52b54436fff6f7a9d
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
cb5b23a57d5bdb83bc5ce8a03197a13a74dd18768a92443fee36ae01021a24fa
cc51b56d22bb273667d691b9336a1cda92013a8e4c578f76ad3ee73dff65014a
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856
e24a29bf703b2a7599edc0137d9197ca9c7b3da8e2054791727afd965231d6ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f100a53c84f341482502ea4af77714bbd194da8d4887f7bb90e586febe6345e2
f287935d0e963a4f2d4c10ae985facc786b432f677e24b0ae5efb0d3498506d1
f498bbab3d467be6517543fee2c14afaa81f4c21ed10c809b4b6f71e6c93eedd
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f87a908f3123f55117d4f34184bfa94d2f25d1514b641cf52c51b904183553d3
fcda9f75c7a0e11a06b4224c16a6d20ff54dbcb6a7362d4caee8a13b62d85b6a
fce8c506c6b06cca34926f8c7014228a231dc9333285b7335a5b2c0955e1989f
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f
fff71a83690454ee6ea9014780a6797408918cb90cde1f0f3be65ea28a03c678